www.hellokids.com Open in urlscan Pro
52.51.66.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hellokids.com/
Effective URL:
http://www.hellokids.com/
Submission Tags: tranco_l324
Submission: On November 11 via api (November 11th 2021, 7:49:57 am UTC) from DE — Scanned from DE

Summary HTTP 197 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 30 domains to perform 197 HTTP transactions. The main IP is 52.51.66.223, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.hellokids.com.

This is the only time www.hellokids.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	52.51.66.223 52.51.66.223	16509 (AMAZON-02) (AMAZON-02)
23	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
39	2606:4700:20:... 2606:4700:20::681a:c79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:135... 2606:2800:135:155a:23ba:b2a:25ff:122d	15133 (EDGECAST) (EDGECAST)
1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:9200:4:cd76:8580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3034::6815:5192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1 5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.241.44.156 35.241.44.156	15169 (GOOGLE) (GOOGLE)
1	143.204.98.13 143.204.98.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	54.229.48.81 54.229.48.81	16509 (AMAZON-02) (AMAZON-02)
2	35.205.165.27 35.205.165.27	15169 (GOOGLE) (GOOGLE)
1 3	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
1 3	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	143.204.98.129 143.204.98.129	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	52.16.151.94 52.16.151.94	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	() ()
4	2a00:1450:400... 2a00:1450:4001:803::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:812::2006	() ()
2	142.250.185.226 142.250.185.226	() ()
197	39

38 52.51.66.223 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com

hellokids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hellokids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

assets.casualportals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:20::681a:c79 (United States)

ASN13335 (CLOUDFLARENET, US)

images.hellokids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:135:155a:23ba:b2a:25ff:122d (United States)

ASN15133 (EDGECAST, US)

service.cmp.oath.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9200:4:cd76:8580:93a1 (United States)

ASN16509 (AMAZON-02, US)

hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:5192 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ana.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.44.156 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 156.44.241.35.bc.googleusercontent.com

static-dmp.mediaglacier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.48.81 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-48-81.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.165.27 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 27.165.205.35.bc.googleusercontent.com

user-sync-orange.adhese.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-sync.adhese.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.84.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

privacy.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.226.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-129.fra50.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.151.94 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-151-94.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	hellokids.com 1 redirects hellokids.com www.hellokids.com images.hellokids.com	3 MB
35	googlesyndication.com pagead2.googlesyndication.com 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com tpc.googlesyndication.com	248 KB
23	casualportals.com assets.casualportals.com	118 KB
16	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	225 KB
7	crwdcntrl.net 2 redirects tags.crwdcntrl.net privacy.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	15 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	addthis.com 1 redirects s7.addthis.com	217 KB
4	gstatic.com fonts.gstatic.com	67 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	154 KB
3	amazon-adsystem.com c.amazon-adsystem.com	40 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com sb.scorecardresearch.com	2 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	bidr.io 2 redirects match.prod.bidr.io	1004 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	adhese.com user-sync-orange.adhese.com user-sync.adhese.com	589 B
2	360yield.com 2 redirects ad.360yield.com	660 B
2	mediaglacier.com 1 redirects static-dmp.mediaglacier.com	279 B
2	headerlift.com pub.headerlift.com ana.headerlift.com	2 KB
2	improvedigital.com hb.improvedigital.com	235 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	2mdn.net s0.2mdn.net	112 KB
1	google.de adservice.google.de	792 B
1	rlcdn.com idsync.rlcdn.com	416 B
1	userreport.com audex.userreport.com	433 B
1	ml314.com ml314.com	422 B
1	addthisedge.com v1.addthisedge.com	793 B
1	id5-sync.com cdn.id5-sync.com	10 KB
1	moatads.com z.moatads.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	oath.com service.cmp.oath.com	237 B
197	30

	Domain	Requested by
39	images.hellokids.com	www.hellokids.com
37	www.hellokids.com	www.hellokids.com ajax.googleapis.com assets.casualportals.com
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.hellokids.com 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com googleads.g.doubleclick.net
23	assets.casualportals.com	www.hellokids.com assets.casualportals.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	hb.improvedigital.com securepubads.g.doubleclick.net www.hellokids.com
4	googleads.g.doubleclick.net	0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com www.hellokids.com
4	www.google.com	1 redirects tpc.googlesyndication.com 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
4	s7.addthis.com	1 redirects s7.addthis.com
4	fonts.gstatic.com	fonts.googleapis.com
3	0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
3	c.amazon-adsystem.com	hb.improvedigital.com c.amazon-adsystem.com
3	stats.g.doubleclick.net	www.hellokids.com www.google-analytics.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
2	match.prod.bidr.io	2 redirects
2	cm.g.doubleclick.net	1 redirects bcp.crwdcntrl.net
2	secure.adnxs.com	2 redirects
2	privacy.crwdcntrl.net	1 redirects
2	ad.360yield.com	2 redirects
2	static-dmp.mediaglacier.com	1 redirects
2	sb.scorecardresearch.com	1 redirects www.hellokids.com
2	hb.improvedigital.com	www.hellokids.com hb.improvedigital.com
2	www.google-analytics.com	www.hellokids.com www.google-analytics.com
2	ajax.googleapis.com	www.hellokids.com
2	fonts.googleapis.com	www.hellokids.com assets.casualportals.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ana.headerlift.com	hb.improvedigital.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	sync.crwdcntrl.net	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	v1.addthisedge.com	s7.addthis.com
1	cdn.id5-sync.com
1	z.moatads.com	s7.addthis.com
1	user-sync.adhese.com
1	user-sync-orange.adhese.com	www.hellokids.com
1	cdn.jsdelivr.net	hb.improvedigital.com
1	tags.crwdcntrl.net	www.hellokids.com
1	pub.headerlift.com	hb.improvedigital.com
1	b.scorecardresearch.com	www.hellokids.com
1	service.cmp.oath.com	assets.casualportals.com
1	hellokids.com	1 redirects
197	46

This site contains links to these domains. Also see Links.

Domain
fr.hellokids.com
es.hellokids.com
de.hellokids.com
pt.hellokids.com
azerion.com

Subject Issuer	Validity	Valid
*.casualportals.com R3	`2021-10-11` - `2022-01-09`	3 months	crt.sh
service.cmp.oath.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-18` - `2022-02-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
improvedigital.com Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.adhese.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://www.hellokids.com/
Frame ID: 785BCBDE606DB8C3E3E4E535E1DC5CA4
Requests: 117 HTTP requests in this frame

Frame: https://assets.casualportals.com/gdpr/wall/hk/index.html
Frame ID: 19545BA138846286458AE60DFD895ED5
Requests: 25 HTTP requests in this frame

Frame: https://user-sync-orange.adhese.com/handlers/improvedigital/user_sync?u=320bec3a-75ee-4b96-92cb-ebf456af817f
Frame ID: 26512BDA18593EC4B5F407432782430A
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Frame ID: 03A066E2540A2556C9A9FCFB05972528
Requests: 7 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 02D8F166B44FB00E67EFEB9B6BCA8C89
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 15DCEED998D69FCA4AC4105EFE6AFD99
Requests: 1 HTTP requests in this frame

Frame: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4BF76AD4E27073D5AE1B879327A86773
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9D94693A6955903F805855E95C2B3837
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F47717E9198FB7330A97246B4D6B9AFC
Requests: 2 HTTP requests in this frame

Frame: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 15168CD7FA59FE922B5737A137C154CE
Requests: 8 HTTP requests in this frame

Frame: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4F918A06060E22AADFD17F5C28F909A2
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html
Frame ID: C6E59850D2F2018F78A3C011100F19AC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPC-rQIQtprG0QIYvJW_uQEwAQ&v=APEucNWXDtd9R3-O00vAvSk0BLcSCTkbnXk2jhgYl7ItydLaL2Ve-1-qkBsIDEwe1XTiqZMpuiKEe2a2CGPwP-Kb1OHReJbaaQ
Frame ID: CEECE1149054675C258E92040D7DBC4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C092D58BD3C83A1FB0CF5174B33F1F8C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 499E5F399CBE7AB9A1327724296A59A7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coloring Pages - Free online coloring for kids on Hellokids.com

Page URL History Show full URLs

http://hellokids.com/ HTTP 301
http://www.hellokids.com/ Page URL

Page Statistics

197
Requests

51 %
HTTPS

46 %
IPv6

30
Domains

46
Subdomains

39
IPs

5
Countries

4373 kB
Transfer

7049 kB
Size

31
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://fr.hellokids.com/
Title: Site de coloriages

Search URL Search Domain Scan URL

URL: http://es.hellokids.com/
Title: Pagina web para niños

Search URL Search Domain Scan URL

URL: http://de.hellokids.com/
Title: Website für Kinder

Search URL Search Domain Scan URL

URL: http://pt.hellokids.com/
Title: Site para crianças

Search URL Search Domain Scan URL

URL: http://azerion.com/

Search URL Search Domain Scan URL

URL: http://azerion.com/business/terms.html
Title: Conditions

Search URL Search Domain Scan URL

URL: http://azerion.com/business/privacy.html
Title: Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hellokids.com/ HTTP 301
http://www.hellokids.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 86

https://sb.scorecardresearch.com/b?c1=2&c2=6036161&ns__t=1636616990427&ns_c=UTF-8&cv=3.5&c8=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&c7=http%3A%2F%2Fwww.hellokids.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036161&ns__t=1636616990427&ns_c=UTF-8&cv=3.5&c8=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&c7=http%3A%2F%2Fwww.hellokids.com%2F&c9=

Request Chain 87

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1028640911&utmhn=www.hellokids.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&utmhid=2084045421&utmr=-&utmp=%2F&utmht=1636616990475&utmac=UA-316984-7&utmcc=__utma%3D191970867.2002329014.1636616990.1636616990.1636616990.1%3B%2B__utmz%3D191970867.1636616990.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=25151415&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1028640911&utmhn=www.hellokids.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&utmhid=2084045421&utmr=-&utmp=%2F&utmht=1636616990475&utmac=UA-316984-7&utmcc=__utma%3D191970867.2002329014.1636616990.1636616990.1636616990.1%3B%2B__utmz%3D191970867.1636616990.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=25151415&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 119

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 120

http://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d HTTP 301
https://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d

Request Chain 126

https://ad.360yield.com/server_match?partner_id=1&r=https%3A%2F%2Fuser-sync-orange.adhese.com%2Fhandlers%2Fimprovedigital%2Fuser_sync%3Fu%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1&r=https%3A%2F%2Fuser-sync-orange.adhese.com%2Fhandlers%2Fimprovedigital%2Fuser_sync%3Fu%3D%7BPUB_USER_ID%7D HTTP 302
https://user-sync-orange.adhese.com/handlers/improvedigital/user_sync?u=320bec3a-75ee-4b96-92cb-ebf456af817f

Request Chain 128

https://privacy.crwdcntrl.net/consent/set?c=13994&callback=_cc13994.setConsentCB&rand=262216957&ca=0&cds=0&cta=0&ccd=0 HTTP 302
https://privacy.crwdcntrl.net/consent/set?c=13994&callback=_cc13994.setConsentCB&rand=262216957&ca=0&cds=0&cta=0&ccd=0&ct=y

Request Chain 129

https://bcp.crwdcntrl.net/5/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr

Request Chain 133

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 138

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=514739823%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D514739823%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=514739823/tpid=9198878619193000621/tp=ANXS

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I5YTBhNTc4MzE4MjE2OTE4MWEwY2NjZGUyNzU1ODg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I5YTBhNTc4MzE4MjE2OTE4MWEwY2NjZGUyNzU1ODg&google_tc=

Request Chain 142

https://match.prod.bidr.io/cookie-sync/lotame HTTP 303
https://match.prod.bidr.io/cookie-sync/lotame?_bee_ppp=1 HTTP 303
https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADSBk7DGZYAAChyICqh4A

Request Chain 175

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

197 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hellokids.com/
Redirect Chain

http://hellokids.com/
http://www.hellokids.com/

37 KB
9 KB

68ms
53ms

Document
text/html

52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 571693a30fa6d3724dd0a93f6e9df14fc0275bf14b8c5a0c6a4e6ec315be2cea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html
Keep-Alive: timeout=60
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Fri, 12 Nov 2021 05:52:48 +0000
Content-Encoding: gzip
Content-Length: 8506
Accept-Ranges: bytes
Date: Thu, 11 Nov 2021 07:53:18 GMT
Age: 7913
Connection: keep-alive
X-Cache: cached

Redirect headers

Content-Type: text/html
Location: http://www.hellokids.com/
Content-Length: 178
Accept-Ranges: bytes
Date: Thu, 11 Nov 2021 07:53:18 GMT
Age: 0
Connection: keep-alive
x-Cache: uncached

GET
H2 200 cmpBundle.min.js Show response
assets.casualportals.com/gdpr/cmp/ 55 KB
17 KB 86ms
12ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.casualportals.com/gdpr/cmp/cmpBundle.min.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a6616dbc383f0eeee5ea1e9814899f225242144c962de049b947e7c4404e2346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Thu, 25 Jun 2020 10:02:22 GMT
etag: "1593079342"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds109.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=879
accept-ranges: bytes
content-length: 17239

GET
H/1.1 200
OK main.css
www.hellokids.com/design/normal/ 242 KB
41 KB 32ms
31ms Stylesheet
text/css 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 73021e14667a9ffdc76a733faede6168ff4699e19f1bd880738c63fa506e87db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2019 10:18:36 GMT
Age: 9969
Vary: Accept-Encoding
X-Cache: cached
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 41865
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 27ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:400,500%7CBoogaloo

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa5301e0846cd335ccd08138f410133712ee3f560081312b367fa3fe74f8c504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Nov 2021 07:49:50 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 11 Nov 2021 07:49:50 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
92 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:40:49 GMT
X-Content-Type-Options: nosniff
Age: 541
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 93100
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Fri, 11 Nov 2022 07:40:49 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
60 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 14:03:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 63969
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 60529
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Thu, 10 Nov 2022 14:03:41 GMT

GET
H/1.1 200
OK all_js.js Show response
www.hellokids.com/ 228 KB
228 KB 61ms
55ms Script
application/javascript 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/all_js.js?type=js&urls=%2Ffonctions_dyn.js,%2F_scripts%2Ffancybox%2Fjquery.fancybox.pack.js,%2F_scripts%2Fskin%2Fskin.js,%2F_scripts%2Fpub.js,%2F_scripts%2Fmodules%2Fdetect_mobile%2Fmobile.js,%2F_scripts%2Fjs%2Fmodernizr.min.js,%2F_scripts%2Fswfobject%2Fswfobject.js,%2Ftemplates%2Fcoloriages%2Fscripts%2Fgs%2Ftweenmax.min.js,%2F_scripts%2Fjs%2Finview.min.js,%2F_scripts%2Fmodules%2Fslider%2Fslider.js,%2F_scripts%2Ffonctions.js,%2F_scripts%2Fjquery%2Fplugins%2Fjquery.touchSwipe.min.js,%2F_scripts%2Fjs%2Ffullscreen-2.js,%2F_scripts%2Fmodules%2Finterface%2Finterface.js,%2F_scripts%2Fgdpr%2Fgdpr.js&date=20211111f
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 76ca0fbd2f124d35c7036a643e6e79c74d5734fde758c06304ff3a7dfd64c1f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:53:18 GMT
Age: 14342
X-Cache: cached
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 233020
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jwplayer.js Show response
www.hellokids.com/_scripts/jwplayer/7.10.5/ 242 KB
67 KB 57ms
51ms Script
application/x-javascript 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/_scripts/jwplayer/7.10.5/jwplayer.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6d01e896151f3b7ea9ac5f0e4e260d2ba6a80b4f78841ce84bde7135260f2a15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 May 2017 13:02:09 GMT
Age: 9969
Vary: Accept-Encoding
X-Cache: cached
Content-Type: application/x-javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 68162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo.png
www.hellokids.com/design/normal/assets/ 14 KB
14 KB 29ms
28ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/logo.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9ad8d07cb5c2ec14f39f148e14faa02b4ed80367d8547cd6c63eb8aaf919492f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:39 GMT
Age: 8900
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 14287
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tape-top-left.png
www.hellokids.com/design/normal/assets/ 3 KB
3 KB 31ms
29ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/tape-top-left.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: eb2d67dcc06206771df7a133baaa77c4a9d74c72d478d52ff63649e250b81618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:39 GMT
Age: 5656
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 2978
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tape-top-right.png
www.hellokids.com/design/normal/assets/ 3 KB
3 KB 64ms
57ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/tape-top-right.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d99665643686ca409468f1fbba9025e3f44c52e29fbd69508698455b030b2c5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:39 GMT
Age: 5656
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3006
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK burgerMenu.js Show response
www.hellokids.com/_scripts/modules/menu/ 909 B
765 B 29ms
29ms Script
application/x-javascript 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/_scripts/modules/menu/burgerMenu.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30a8e3e87da7aa8204ed5125151da02e2ca7d7023cba6bd36aea20df438d8b95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Oct 2016 13:18:54 GMT
Age: 9771
Vary: Accept-Encoding
X-Cache: cached
Content-Type: application/x-javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 324
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK chasse.js Show response
www.hellokids.com/op/chasse/ 5 KB
2 KB 28ms
28ms Script
application/x-javascript 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/op/chasse/chasse.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9f0b9fb952baee5e360fa155d4836e88ef38c195bca6804f9eb4166d8c646d41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Oct 2016 13:42:41 GMT
Age: 9688
Vary: Accept-Encoding
X-Cache: cached
Content-Type: application/x-javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 2003
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK back-to-school-3-coloring-page_vlt.jpg
images.hellokids.com/_uploads/_tiny_galerie/20180835/ 128 KB
128 KB 133ms
117ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20180835/back-to-school-3-coloring-page_vlt.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ac77c40134c4270f86f0c1d60b12d7c2f5e1ad3221eb80d780ea6fdd78f00b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 29 Aug 2018 08:48:23 GMT
Server: cloudflare
ETag: "1fe69-5748f0566c87f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0q52Hq%2FgoAAnartQzvN5Yw9Xa54wLP4m3qa2IavJw76ElAsyV1YipBs1tmjio%2FF6ZF0fNv5Rg7%2FHAotO5kle3RGZH9uSkS77cjUtgqOBFluGtUClcvH8MF%2BNvkIhI%2B5pIHR6IKB0eGpKBCBQU7yfnRt"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1dfa2e0e06-MXP
Content-Length: 130665
Cf-Bgj: h2pri

GET
H/1.1 200
OK spotlight-flippie.png
www.hellokids.com/design/normal/assets/ 13 KB
13 KB 61ms
54ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/spotlight-flippie.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cc1bf591851654a91d98dd3aeafa9a7552a2918a0c3052a7d61c45f455e8625c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:10 GMT
Age: 6510
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 13067
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK spotlight-flippie-bg.png
www.hellokids.com/design/normal/assets/ 8 KB
9 KB 158ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/spotlight-flippie-bg.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b94ed1f3ddb8276b792031a1a281dcb8d3bee487c55c00eaec498ce8e6153b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 3306
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 8545
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK how-to-01_2x2.jpg
images.hellokids.com/_uploads/_tiny_galerie/20171044/ 132 KB
132 KB 130ms
114ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20171044/how-to-01_2x2.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a86d60dc1404417ac4979356aba704dad6ea1acfcb2349aa13661a123b569dac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 30 Oct 2017 15:05:24 GMT
Server: cloudflare
ETag: "20e96-55cc4f7d1fc7f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFohNZf5yClN32ABt5i676ZwDQyhcl0QX2f3n01g4vFUOoJwAGZEsHrTUgWdg32ffd3C%2BnrYr%2Fp54%2B75cv5A5oVUoTHHkXgNYo6RZFqM1IZqYBkcd7dJ4vxn18aME7ZXEhLb%2Bgh3jXAlNYMilNx64LXH"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1dff2bd600-MXP
Content-Length: 134806
Cf-Bgj: h2pri

GET
H/1.1 200
OK tap-tap-shots-hk_7u2.jpg
images.hellokids.com/_uploads/_tiny_galerie/20180310/ 40 KB
41 KB 123ms
107ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20180310/tap-tap-shots-hk_7u2.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af76be6d631bd5be37093e48eb8ce7a129c2843b7a26b73427d31344aafeb7ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 05 Mar 2018 12:44:27 GMT
Server: cloudflare
ETag: "a099-566a9afc0a23f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMwvG3iU4%2FszsUWMg1YmqxYcQNl5etBDBeunElmPkwFrmHZq89qFJHmLvSMyoV8%2B0Qv6d%2FbY9zmRblVTEg17UVbLKyWff09g2zlkNoPWnjIDvmD%2F2nafJfcFMjLDaKUgNKEdVfT8LPNDASKEdkEcBYuR"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1dfbc00f5e-MXP
Content-Length: 41113
Cf-Bgj: h2pri

GET
H/1.1 200
OK scooby-doo-bracelets-craft-for-kids_xc6.jpg
images.hellokids.com/_uploads/_tiny_galerie/20140938/ 41 KB
42 KB 132ms
116ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20140938/scooby-doo-bracelets-craft-for-kids_xc6.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d55eb84397079e52809cf574831c5d82bd20c1c9b764fd9faaabb5d38c4cb786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Aug 2015 13:19:38 GMT
Server: cloudflare
ETag: "a5df-51e5eef884e80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mik9jEvGLRTabMcnQx0tF1NFL0hgm%2Bhgls9%2BsGXKYp1IA4kesbde2mv8A0dz5ZlX1j35gww5FuZ9wByneuNBek1ncZ4FWYvOqlKBB3TSG%2FB8U1h7cHGg3vzx%2BBB8SY1IMlgq5TgCi6fQ4woIVo%2FXP33e"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1dfde9d608-MXP
Content-Length: 42463
Cf-Bgj: h2pri

GET
H/1.1 200
OK president12_grx.jpg
images.hellokids.com/_uploads/_tiny_galerie/20150207/ 8 KB
8 KB 113ms
106ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150207/president12_grx.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49d470142e460aeea6404a8a07afdc0c486c028defff7c848e93bb171ed2ab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 10 Feb 2015 18:50:49 GMT
Server: cloudflare
ETag: "1ecb-50ec05d841440"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULaPyfHXKBW2xBPN2QaVhdSejMVM%2FrWZ%2BW1iTF15yDpqkuMresnaYJ6PFMSOMsz2tfQ%2B6vnmb2CpVWS7qYpGE5uNstaIJY1kzLXowMfA0KYahI%2BXZFkUdrk%2BklSjSiFJzejoOlvfbKvZr5IZgE3fa31s"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1dfc83f937-MXP
Content-Length: 7883
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-how-to-01-2x2_maq.jpg
images.hellokids.com/_uploads/_tiny_galerie/20171044/ 58 KB
59 KB 121ms
114ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20171044/vign-how-to-01-2x2_maq.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41ba067533a3e04886f4fe3e3588b2651ba2465bd3f5e27d703098c04d7ffa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 30 Oct 2017 15:05:24 GMT
Server: cloudflare
ETag: "e9a4-55cc4f7d5a5ff"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2Bm%2BLqiiKVK5RAX0zNJyXR8SfhSo4UtKhKl6KO%2FbyAKbV63oKdQFnaoK1N5gVwV4LSFiLchO5tfrU%2FP4DrJoUKzGQCOXPOAeeZP%2FvSJlYwhjojzWq%2FyGET4R5WbsXVA1CqKqKXk3q%2FzXvqIwBSOvS%2FJw"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1dfc605a13-MXP
Content-Length: 59812
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-how-to-01-w9n_7r2.jpg
images.hellokids.com/_uploads/_tiny_galerie/20171044/ 70 KB
71 KB 492ms
388ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20171044/vign-how-to-01-w9n_7r2.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 957184c79c841154eb60034645260ce9bf63fd815e67cc65ce94b63b08733422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 30 Oct 2017 13:28:17 GMT
Server: cloudflare
ETag: "118a9-55cc39c81c13f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Bq3Xt%2FjAGbo9I93JcwLyY8nY03pnIT5WdgReLx5akndBb1MWoMKT1bKYx4csFFM%2BqDD2LyrA7f7BbzYrm3Uz1bTUJfx8elVL%2B%2B4t%2FgQ74%2FISIuGDOeAAFsq9AZIgcqT3WLmj%2F5GUOhglT5DvUQ3FBUg"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1ebde35a13-MXP
Content-Length: 71849
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-how-to-01-84s_ywt.jpg
images.hellokids.com/_uploads/_tiny_galerie/20171044/ 65 KB
66 KB 186ms
107ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20171044/vign-how-to-01-84s_ywt.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68b8a79f0f86265055bb433d7a15c4a6d03cc7c8fca14410a58952d54df9a0e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 30 Oct 2017 15:54:34 GMT
Server: cloudflare
ETag: "104e8-55cc5a7ab713f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT2NQkhqPkpVnOHKSaGTEVYcApSkvmoc0oWc7PxnD%2BEMFQDEXvm93pcoePcZvKycn8vjtXyzyW925deYw9Y0Rd3cqdMGqi9TZ6okvT%2FWs3mzsJF3nkX2buEkG5iL4rsii%2BcQIwL3v7pMwkJR1nZq7tEu"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1e8d16f937-MXP
Content-Length: 66792
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-how-to-01-ju6_yt7.jpg
images.hellokids.com/_uploads/_tiny_galerie/20171042/ 49 KB
50 KB 200ms
96ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20171042/vign-how-to-01-ju6_yt7.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183176fd96255b2ea26bdda777f82ed1617011335e73f31b4c2112164dbfd946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 18 Oct 2017 13:10:40 GMT
Server: cloudflare
ETag: "c4f0-55bd1f760799f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYcXvxKzFTwTrM3cAV7i1QiKvi7kCoOrjdnaxN6nq28SvgVYSGTh3N4FOlfwAsG7szDU1Hng5FDtvHml8tX29iP0zOSdoglZb73BJdYN7KF8zhjCqg0z4f5VxxyECjj4X4dEgwz2OZek%2Fmgi12RJEETu"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1ebedfd608-MXP
Content-Length: 50416
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-how-to-01-ztg_8wg.jpg
images.hellokids.com/_uploads/_tiny_galerie/20171042/ 79 KB
80 KB 194ms
103ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20171042/vign-how-to-01-ztg_8wg.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a86a42d721e4c7f95f54ab40e12afd52d67191d2d7c9c758077ad079df3914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 18 Oct 2017 12:32:36 GMT
Server: cloudflare
ETag: "13ca5-55bd16f48ff5f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8iTc4fdGryUOXJ%2BggLTrx24l1mkMb6UouZERQu5tB8f2ps6%2FcexTknZYHfSny0vDmrGcyI5sTN%2Bgxn2riFyitRIB%2Fvq4ylKmdaWW15Qm8JFaz5g9mdkbOn0GuGC4Z1yegKvvUeFlbJvg05JCIpeC37H"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1eacd10f5e-MXP
Content-Length: 81061
Cf-Bgj: h2pri

GET
H/1.1 200
OK diy-easter-sock-bunny-craft-for-kids_388.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170414/ 77 KB
78 KB 378ms
378ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170414/diy-easter-sock-bunny-craft-for-kids_388.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c07914be97a768bd226b1a1e17a8d721cf7504b98b3e7ff039f9be9406ab7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 05 Apr 2017 12:46:50 GMT
Server: cloudflare
ETag: "135e7-54c6ac94a425f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKXHeyyk%2BRB%2BUUoFEjC9YbY%2BsvZ80shmYxyFty%2FAd3dm1Juy840iI7l07IItdjBoXW27zTayScgfvYXNpVro7lEvbBo10smyJlG%2BZ4j6Iap1V9WzabgkQ6frmuTdBS0Zq9Uin80OGtPaR%2FGHecGXFKDJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1ecfedd600-MXP
Content-Length: 79335
Cf-Bgj: h2pri

GET
H/1.1 200
OK valentine-s-day-card-craft-for-kids_6ny.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170206/ 39 KB
40 KB 370ms
369ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170206/valentine-s-day-card-craft-for-kids_6ny.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d34a703dec65f7505fcfc4dfbb7e40649ddb28823bebe499c67fdaaf95acc8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Feb 2017 14:05:11 GMT
Server: cloudflare
ETag: "9df8-5481978362b0c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WhNd96krsyniLvdUeyxLvYy4hFgoMZtdCONQ5%2BZAvOlX81beumeTJ7dQzDkbgEU5bYcfVg%2BucJTWYopkdjzsfmO0OMHoTNSsYVxIHh3Z9WeQD16GBaCg%2BOsG%2BGVfSecgjISlF%2F5T7oLA5Ikp3GMiusd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1ecb260e06-MXP
Content-Length: 40440
Cf-Bgj: h2pri

GET
H/1.1 200
OK the-origami-flower-craft-for-kids_de7.jpg
images.hellokids.com/_uploads/_tiny_galerie/20150416/ 12 KB
12 KB 304ms
304ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150416/the-origami-flower-craft-for-kids_de7.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb425e7c8dab0672797752237a7459ec716f5d2745657189ca4a2872ace9c709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:50 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Aug 2015 12:35:04 GMT
Server: cloudflare
ETag: "2f03-51e5e50264e00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHCAUgobLT3nxjxgpKIMZDKo0GOsWOKgB9aOhd4IEsSqTKfrtHvB5xOGinUSv3gQBHNxL3yNYYqjCsZ86z0891nFOYgpLw%2BnVW6THdj0vMyBbjYR223KPxgiJCCGbqPw0hDTbuicULNzkXjlewCq%2FFPm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1f4ddbf937-MXP
Content-Length: 12035
Cf-Bgj: h2pri

GET
H/1.1 200
OK how-to-make-a-heart-shaped-pompom-craft-for-kids_jq2.jpg
images.hellokids.com/_uploads/_tiny_galerie/20150208/ 8 KB
9 KB 916ms
915ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150208/how-to-make-a-heart-shaped-pompom-craft-for-kids_jq2.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed1095626e51d0c34bddac22b7e3e29938e7e05270b09555b2fc22b4d9f0dd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Aug 2015 12:34:24 GMT
Server: cloudflare
ETag: "202d-51e5e4dc3f400"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7ouQyvBC%2BXkKR%2BMfXpisyZhfgG7NBquR2WTbv%2BoDoTMrg88gRjolPqc0oGHuiUIsOdTAtFVAYUC9vAl6Y1vC8hLQC%2FEbgBLfRd4urP2QhCybmPFSJ89bB6St8%2F4ogzw%2FSNvtHXdIpoyM4LxfksflzEt"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1f6df50f5e-MXP
Content-Length: 8237
Cf-Bgj: h2pri

GET
H/1.1 200
OK origami-cat-craft-project_d8t.jpg
images.hellokids.com/_uploads/_tiny_galerie/20150729/ 8 KB
8 KB 515ms
515ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150729/origami-cat-craft-project_d8t.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73096cb160176c37d6537f30e47f5c83f2a97c8b9ca28c54a00458be0f57050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Aug 2015 12:35:53 GMT
Server: cloudflare
ETag: "1e63-51e5e5311fc40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9Z8Uqs41CTXqSDrTepARO7I99ys1g39Mp0QoJ4JZ%2BDytEg9pyryH6MRwo44vJfrG0%2FoRh2ZQ2krUDRdSWxZe3TjND%2B9sS%2FAtCEUt29hTfEnhq5K9%2BY3wXsOfZzSl%2FiT8IRLf%2F5cwncOE7iVrEYz1YON"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed1f6f84d608-MXP
Content-Length: 7779
Cf-Bgj: h2pri

GET
H/1.1 200
OK fantomes-amoureux-coloring-page_2ad.jpg
images.hellokids.com/_uploads/_tiny_galerie/20181041/ 39 KB
39 KB 713ms
712ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20181041/fantomes-amoureux-coloring-page_2ad.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a589c82d137fc5e485a03888250c9b3fa7b08a65f2b3be6b6d742fe639406d68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 10 Oct 2018 08:23:34 GMT
Server: cloudflare
ETag: "9aaa-577db91f75fdf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dSkhTe1oyokAUVKC4tg3i%2BDZotoUPOPGMV%2BPb%2FKrQx05WOwzs4Ma%2FdRthzSaInQJ1d6Iowy44doHzlLWTzdiC0e7jwq8bSMGcf9gqonHy6w4ABaw6IKIO8ADxVGclkntksVG3vx4oN31a%2BuB8dr7vvs"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed212d8d0e06-MXP
Content-Length: 39594
Cf-Bgj: h2pri

GET
H/1.1 200
OK chauve-souris-aime-les-bonbons-d-halloween-coloring-page_6rp.jpg
images.hellokids.com/_uploads/_tiny_galerie/20181041/ 53 KB
54 KB 726ms
726ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20181041/chauve-souris-aime-les-bonbons-d-halloween-coloring-page_6rp.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05aad7af7eab3961a304d02d259e689d57dd7d4aba94cad341dcbf57145e50a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 09 Oct 2018 12:53:47 GMT
Server: cloudflare
ETag: "d581-577cb3a87b7ff"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRgkKW4YFhTgWL8wGc%2Bqs76lC31EafUHm5FPtDeQuY1M4R6eDTH9VNc8QB2MGEK3EySWA30vv7eClKm9pvynbAVhlJb8iGS43Q%2BWV3kBIyUN61MoLHrSqli4TZ6%2FcXJbCyw%2FjJ3nCBlKFaLrK0xvYbXd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed213b1a5a13-MXP
Content-Length: 54657
Cf-Bgj: h2pri

GET
H/1.1 200
OK hotel-transylvania-3-2-coloring-page_25l.jpg
images.hellokids.com/_uploads/_tiny_galerie/20180729/ 54 KB
55 KB 1017ms
1016ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20180729/hotel-transylvania-3-2-coloring-page_25l.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13368c2b8db618d4e06044fecf9ab35aa35c64cc09dad589a42d31d1ca1017ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Jul 2018 07:44:29 GMT
Server: cloudflare
ETag: "d8cf-5716977428edf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BDRxe1%2FRVQuVHGPW4rWagOV3r50QmIRcHrONvCBjWSsbrknkDs9c4WDSbTYPAfm%2FEOi1HPyxR6ibFWlDntOzt42h94wlDyA8E%2BmiJc%2B7TeapuBeDQUQhyOqiP8zoKsM%2BxPy3G1LSff3JNaCfIAIoPCB"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed213a7bd600-MXP
Content-Length: 55503
Cf-Bgj: h2pri

GET
H/1.1 200
OK incredibles-2-coloring-page_4ql.jpg
images.hellokids.com/_uploads/_tiny_galerie/20180729/ 53 KB
54 KB 728ms
728ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20180729/incredibles-2-coloring-page_4ql.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae3c2d152f4d14931b17d3346b9da3a27d39120a72495bd697dc7bf635f650e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Jul 2018 07:44:21 GMT
Server: cloudflare
ETag: "d3e2-5716976bd035f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9JO7x0Hzt5FlxLw8l8HRMG8RnXNXJHd5rrczYHe1Rl8BKma4tQBNo18OUiuJ%2FMRtk64palv5I%2F5AElmtCIlPcID7xiSVrfftbL04BIlE8N2UEHH6PR2mjHsB48wDxCtczBsRLcoiNDq5rmNPrcBIP7y"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed213fd2f937-MXP
Content-Length: 54242
Cf-Bgj: h2pri

GET
H/1.1 200
OK hotel-transylvania-3-coloring-page_42u.jpg
images.hellokids.com/_uploads/_tiny_galerie/20180729/ 38 KB
38 KB 999ms
998ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20180729/hotel-transylvania-3-coloring-page_42u.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97719eea9e319c7ea07540538a78c9d923fb6cd3d1868f7216714ae0aac552bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Jul 2018 07:44:11 GMT
Server: cloudflare
ETag: "96b3-571697630059f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsCctaj5Jh3VAOTF86Q6m30sfTGFEsPi410Sh3AZ5j1wawXEIKuHm0Q%2Fe8IH%2FapM%2F9Riyl8brAGVA4Ui7qjd8kF4vOfCnfmm3bSFePUgYTB8ANeJeHCSvTGeUVNJsJxqqJepC6llTjYh%2F94fVahHOwAf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed229acbd608-MXP
Content-Length: 38579
Cf-Bgj: h2pri

GET
H/1.1 200
OK incredibles-1-coloring-page_z9l.jpg
images.hellokids.com/_uploads/_tiny_galerie/20180729/ 37 KB
38 KB 627ms
627ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20180729/incredibles-1-coloring-page_z9l.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a805111179f399127311c380a95358ca26368b5aac5e28fbd427d78692c00c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Jul 2018 07:44:03 GMT
Server: cloudflare
ETag: "9488-5716975aceb1f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNwKSlRO1j6ZsYEV2QvUORAOgVrF1kWvK00UWusyADj4Su8JqcIXKV6kBa68wwUDCA4cGo%2BV4Th0G7LLMzk3W1GBCX41QiOQ8GLrCUrcM2jZsZsJzdxS96QbkxPk3gnfioGl%2Fhrv4ac97LKbBzJ8BRIj"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed251f460f5e-MXP
Content-Length: 38024
Cf-Bgj: h2pri

GET
H/1.1 200
OK carl_homepage.png
www.hellokids.com/design/normal/assets/mascottes/ 41 KB
41 KB 30ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/mascottes/carl_homepage.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 62125a9355cdffdfac64240d7df0dd0671a6eb21a53707cd0d79d5f6dd32ef18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Tue, 03 Jan 2017 13:05:58 GMT
Age: 6327
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 42064
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vign-frog-memo-hk-5ng_3q6.jpg
images.hellokids.com/_uploads/_tiny_galerie/20190626/ 73 KB
74 KB 942ms
942ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20190626/vign-frog-memo-hk-5ng_3q6.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 546d99f344ab0f9284844eb763ba6b14e5662bb64581e38956569d144605f914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 26 Jun 2019 07:55:19 GMT
Server: cloudflare
ETag: "125f1-58c355dd7417f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YolTmFgQ1rMkQCYgp6UDTs1%2F6lnJA9xAyzAIqKuKMWbACvi8HQL%2F8sWD7pRhnz2XGKHSJm1tyVsJrwEVZBpx%2BxUT5DLtpk7cAzl32qi3IfhvpxtrpXvA0ifutKkMHlOeMTT%2BrI5UaGplyH9RyYPj6bvA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed259bb30e06-MXP
Content-Length: 75249
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-frog-connect-hk-lr2_eet.jpg
images.hellokids.com/_uploads/_tiny_galerie/20190626/ 75 KB
76 KB 939ms
939ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20190626/vign-frog-connect-hk-lr2_eet.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ee829ea786920b9b4c55f324839d8fe351d759f1c2a06484823c5229ed35c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 26 Jun 2019 07:54:52 GMT
Server: cloudflare
ETag: "12b90-58c355c467fbf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AQzPcvfSTRVSqHfPSIHBhzsvqUAc2j3ecCXz7V6%2F8hsd1VfXHPaE3Ji4sqRRwS4G7y7jVEt0XfTd76H%2ByiYr2tSvXYnfEHUor2%2B8zM7dqU2W5Gar8q%2FQu7eZXqc1kKVuN56hJh%2BWenqmb3vADQCQmNw"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed25cd205a13-MXP
Content-Length: 76688
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-frog-puzzle-hk-bwm_gca.jpg
images.hellokids.com/_uploads/_tiny_galerie/20190626/ 72 KB
72 KB 934ms
933ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20190626/vign-frog-puzzle-hk-bwm_gca.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b478a2ee0445b4f9c9ff1792a3121871c25a4f41a3a5e86f38bebd295848af5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 26 Jun 2019 07:49:07 GMT
Server: cloudflare
ETag: "11ea7-58c3547b8a87f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbAzBQybxEvnI3lJ2O1bwGnR6bW2yRI1PcLouIUsrrGBl%2Bne8ZpQ8IIGI4lgnu8a7hPhHburvHJqVSZ8ajA%2FhASNj4bvedO%2BgVmjDQSOtIxTs1wGOZJ577dAuvJBPGokvSS3bzeu4j022TZ0%2BtPKxdae"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed25dcdaf937-MXP
Content-Length: 73383
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-coloring-frog-hk-ab7_vxa.jpg
images.hellokids.com/_uploads/_tiny_galerie/20190626/ 40 KB
40 KB 640ms
639ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20190626/vign-coloring-frog-hk-ab7_vxa.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a8c6a8f5baa0ea18998ab75b1a390e962a0d9a3430ea4a2054e88a54614b7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 26 Jun 2019 07:42:39 GMT
Server: cloudflare
ETag: "9f28-58c353095035f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3n0Kfcc1vYrFauHBdhjEwDv9m5HzYl4maXZ8UpkJUt4vxAnhJnFQHj%2FAaIiE9aNFKnAtNjwZ1RWAvLmLILu7y%2B%2BtN3QRAmUkoEM90CZZcqTwUWXieMDq%2Fy8HBleOaTb8jrCrWnDY%2FVF3895nweZ5vWr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed27a90bd600-MXP
Content-Length: 40744
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-4096-hk-8bc_eey.jpg
images.hellokids.com/_uploads/_tiny_galerie/20190624/ 32 KB
33 KB 479ms
478ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20190624/vign-4096-hk-8bc_eey.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644dd72d9fd66655b1024dc9451cfaa5f6916d7c8e1d250c62f85b5e3acb1680

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 12 Jun 2019 11:02:58 GMT
Server: cloudflare
ETag: "80c1-58b1e5b2aaddf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx7QTElizuJGvF4B5EL8Pb3%2FgODjbsRAHAULwz%2BjIHwrfGsOGEakf6FRYdjfac2Xbb1sxfNRw2Ool8NMZ0c%2FeAhLq1uLk9jXYRQaqgaxct%2ByPbiWEi7UhzJ6PBKfqu51iYMhgKH8N8QJTehdbUcjGO%2BA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed28e9c1d608-MXP
Content-Length: 32961

GET
H/1.1 200
OK vign-just-one-hk-bqh_zwu.jpg
images.hellokids.com/_uploads/_tiny_galerie/20190624/ 16 KB
17 KB 480ms
480ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20190624/vign-just-one-hk-bqh_zwu.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8cf2c2e83a816504e6d56d8c108b73ecaf6523a8f0046a6aa7766b4c29ec7c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 12 Jun 2019 11:02:35 GMT
Server: cloudflare
ETag: "40dd-58b1e59c82fdf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ncS7zDZdChWOkjtB1QZE%2BGEStQILNI4JrtbeN0BNnPtN3zxWJgW8mwpfdWinoRG9U%2BgCwR5HBWRQc97yOKvKXKKSfLOmTbFXlYYPhwd1KynGKKka5lh%2FqJZ7%2B%2BAFteuToZ9aZXlLEpcjz3h2X24fVhR"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed290d7c0f5e-MXP
Content-Length: 16605
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-12-page-001-cff_tqc.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170831/ 15 KB
15 KB 101ms
101ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170831/vign-12-page-001-cff_tqc.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad695c36693cf0d337ff1d95d9a53920bcaa52dfff79fe37316d4550d3171096

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 02 Aug 2017 07:44:10 GMT
Server: cloudflare
ETag: "3a9e-555c06dfa525f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkolJDKHxu0mzRTWmVXOXfONdF4MdpOhNp%2FJNuJeQPKqvn2RyuwK%2FqWHQcHFPdgsNb%2FSXgEhlyFzl%2BJ9BukVJIOC1V2mWJo07FduvEUeLymUSvoeNzOBQDmHgc4arQRo%2BYyr3UbqUE8gI6PzW164WXJ4"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2b8ba00e06-MXP
Content-Length: 15006
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-11-page-001-dyf_gyl.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170831/ 20 KB
21 KB 93ms
92ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170831/vign-11-page-001-dyf_gyl.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955972ce46d3dc6eccc51c51228c6d09dafacca4633d960553e2b222af7d1224

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 02 Aug 2017 07:42:21 GMT
Server: cloudflare
ETag: "504c-555c067709d9f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV3KiQgIDB9chjXxKAX85qqGRTY1AuyVAgMXRG6HJjHmSnmEldvxNDp%2B3FatY4GTvS0xH%2FOaUrcmWlaAQhpy2%2BSQRPXEPoRLzTPChqJ3cgdQUrtSpsdW%2F1kqalipL4ynQ3ObhaZ9P3LiNgWAcjY6RILk"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2badd6d600-MXP
Content-Length: 20556
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-one-click-print-document-page-001-xvu_vjm.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170831/ 18 KB
19 KB 404ms
404ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170831/vign-one-click-print-document-page-001-xvu_vjm.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf2e1bf6d3cd95e37e64faac3cb23991e767abf1aae1e8ff300712634e1552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 02 Aug 2017 13:59:40 GMT
Server: cloudflare
ETag: "47ab-555c5acd5803f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iozlrLeuOOTXoW2yzjr3REzKIR6yLHh51P5fE3EqAwj5B%2FD2ZdjyAl4WNPx44zo7xTnGxDDTNBu4oyHNCr%2BuSNu8qScbD7ayQzJmchR1YxrY9CC9UbgDum3Il0yKVqN7%2FaDvWMwXU20alFh6pqGfC4zO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2bbbb4f937-MXP
Content-Length: 18347

GET
H/1.1 200
OK vign-10-page-001-sym_mta.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170831/ 18 KB
19 KB 367ms
367ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170831/vign-10-page-001-sym_mta.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de34bf0e9007189d2af1c5262963a453e3bc98718979be91ed3e89332554180

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 02 Aug 2017 07:40:40 GMT
Server: cloudflare
ETag: "48d2-555c06179a35f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoRAQvAs6c3XsqKkOdSm7wNxhgRYKlUXfDr4CrBOSYqw87xh4Vfk1zEQQJsaytFWZM2LdPPt2Rl17DcOwEYIp4Ha0cfjjnqjIJKbWAv%2BvcWk6smQOvAlKx2w5wr2iTFmSKhIRBOLe1xvFfP99HDDEjtz"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2bba145a13-MXP
Content-Length: 18642
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-18-page-001-qr9_tvj.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170831/ 17 KB
17 KB 342ms
341ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170831/vign-18-page-001-qr9_tvj.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51d1f50c4cc1167787503785d0d2aa13266f70403572387595a4fbd93620a6b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 02 Aug 2017 13:58:06 GMT
Server: cloudflare
ETag: "4323-555c5a74609ff"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JJ5afH0MdjRfUPFIZqa0er30r%2BznbOmxZHeHPZzJxeasyQ5k%2BIJnVJsASIRd2M%2FSJXtLMF%2FopnXL8J8o92GpHZGKlsgZYIYZmC3hOlAdRzGstP38NqbVo7iPymCUVwnXWkIxvwpNU0Rd%2FmkobxTDczv"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2bedb0d608-MXP
Content-Length: 17187
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-16-page-001-u7v_uc6.jpg
images.hellokids.com/_uploads/_tiny_galerie/20170831/ 14 KB
14 KB 330ms
330ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20170831/vign-16-page-001-u7v_uc6.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e65ca7b66af1a6caaf57f3cfddd2af0514100b30846bb31162c56504368d785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:52 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 02 Aug 2017 13:56:30 GMT
Server: cloudflare
ETag: "36cf-555c5a1867b3f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOGmFvfpOI0RiLNjFvKqnSq1232nqhyjbcFmXrAm%2FGvUvIOBqZbJlebhxopiddb4xlIxI0XXC0DOLrcw6frc58d2QQLZ2BFDOW%2BFBh6CHUUTs5iXmQ%2FU3f5wyEUEr6IfyOSZuCSeE0o87WlF43Pp1%2BDJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2c0a940f5e-MXP
Content-Length: 14031

GET
H/1.1 200
OK static-electricity-video_4uz.jpg
images.hellokids.com/_uploads/_tiny_galerie/20150519/ 8 KB
9 KB 472ms
472ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150519/static-electricity-video_4uz.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1cb90023c1a9e942904db8d2c46433f4fe679dc1cf038724b49eb9a5f3bf60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Aug 2015 12:35:25 GMT
Server: cloudflare
ETag: "2064-51e5e5166bd40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLEa6Z0BIt6ZbNfyhi6xPlVPexS5SuUZR5HPOQmoIkPId%2Fki3jmzgOL0ORowq6lDfyJ2kvkNIbTSi0R8jLRwuzUDlgjWkcmjOlWN0UM3jVKsURcgTUKMAxnfL0XsNmvxrq9BIXhYOYfvThOSckeu%2Fwxb"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2c2cc50e06-MXP
Content-Length: 8292
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-i-have-a-dream-lqq_pwm.jpg
images.hellokids.com/_uploads/_tiny_galerie/20150103/ 13 KB
13 KB 456ms
456ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150103/vign-i-have-a-dream-lqq_pwm.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcec01d907331785f14bda8625b99061268c2c1f3d34d909d14f2d0877ca9897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 28 Aug 2015 12:34:04 GMT
Server: cloudflare
ETag: "32e2-51e5e4c92c700"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClUF0MnlxYZ1UzGVbdYRuxHqZYi%2BiuKwkM58p8giopSbKDTWp5YLpF%2BPhGL7D5zg3R%2BdPQ6Fr7wQsZYknvSttSXk8hRnLS9X9LBa6qIXmUY173HSsrW6xfMXlaRqoHdEYt7SyBR%2Fah5egwT2vxdzfAJy"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2c4e79d600-MXP
Content-Length: 13026

GET
H/1.1 200
OK the-capillary-action-video_xr2.JPG
images.hellokids.com/_uploads/_tiny_galerie/20150418/ 7 KB
8 KB 198ms
197ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20150418/the-capillary-action-video_xr2.JPG
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6445ec7743bf67c50fb7c7a8409e97e7934ffea4bec4ba409d20be724b5f308b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Aug 2015 12:35:21 GMT
Server: cloudflare
ETag: "1da8-51e5e5129b440"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQM6%2FE764ahNxxGvDLWkYom4BIAPVA3eBd8ozNi5GK2MguzP%2B%2B%2BzOpFY1GKJ8fqhaAEG1gYys%2B46uxbSpRvORvYVUeB%2FmxOfpKwIgzkzSL%2FG4AoaNU6fYrqRv9RboQSlwyNAi9u4Fcrr5toljwDG53UA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2e0f595a13-MXP
Content-Length: 7592
Cf-Bgj: h2pri

GET
H/1.1 200
OK papillon-fil-chenille-wn7qk.jpg
images.hellokids.com/_uploads/_tiny_galerie/20100938/ 6 KB
7 KB 171ms
170ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20100938/papillon-fil-chenille-wn7qk.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db69cc715bbd28169f84dc319f34af6f4f5c219500a5d6db1a0de715d7e68267

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 30 Nov 2015 09:46:40 GMT
Server: cloudflare
ETag: "1749-525beeafcc000"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4AEZCxszS5X2Krv7Lj%2B4KEi16QFi%2Bq0Na2QRi2oscdAOv7%2BaDXx98as6Wdt%2B%2FMzex2Ca578PqDAwpUDxGlIkRqNMB%2FDvF65BovNfP2WeVWNLnhhqnt4TW68VtiLN73ygnwoZyHE2pAWv5imEsxMJzwN"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2e187dd608-MXP
Content-Length: 5961
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-ydytf-atelier22-flv_q74.jpg
images.hellokids.com/_uploads/_tiny_galerie/20130208/ 6 KB
7 KB 190ms
189ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20130208/vign-ydytf-atelier22-flv_q74.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a3cb8a3345a9687dd44a5b6f0466e58cb64daf89e597c7e772c7a565085b735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Jun 2013 07:59:17 GMT
Server: cloudflare
ETag: "1906-4e03241657f40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAvKRov8pJAbFJ%2FUY29AIM73tMvr1HuiCCZcS8TX4jeARKae1UGu23d6t3cfBoJ4m7TVrr1Ul0%2BoRKCF1%2F9b65GFfayZTF%2F02sW4pV%2FbVoz%2F2bokZV61KqZTss0NVwYGY8swgJNEyAmw9MrJcrCduW1z"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2e1e050f5e-MXP
Content-Length: 6406
Cf-Bgj: h2pri

GET
H/1.1 200
OK vign-dpd6q-atelier69-flv_z2p.jpg
images.hellokids.com/_uploads/_tiny_galerie/20130208/ 7 KB
8 KB 199ms
199ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.hellokids.com/_uploads/_tiny_galerie/20130208/vign-dpd6q-atelier69-flv_z2p.jpg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da43376285a59c73369ad2b9b5810c8e9afe3c118aaee819370dd8aeaedf0ddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 28 Jun 2013 07:59:21 GMT
Server: cloudflare
ETag: "1c53-4e03241a28840"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfDMyw7HZInwF6NmguDWY4AVO2H0gVAVHqR8w1ubeTnLeKvxMpxtHD%2FgNxVdqn8RNj8%2B7dZBBTBsPR6f6GFJ5XcbnODQVAgZAU041P0RDVmMJp0DJyj0wOZpZS2bn%2BCL1DgFSG6KGrDRT1s91dIzmOTu"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6ac5ed2e3ff6f937-MXP
Content-Length: 7251
Cf-Bgj: h2pri

GET
H/1.1 200
OK carl_footer.png
www.hellokids.com/design/normal/assets/mascottes/ 18 KB
18 KB 33ms
32ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/mascottes/carl_footer.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5b6952ee9449f9d1f428a8de4c3297404a5c520a838173b24e28197a8c232497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Tue, 03 Jan 2017 13:06:25 GMT
Age: 5781
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 17937
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK AZERION_logo_txt_white.png
www.hellokids.com/design/normal/assets/ 36 KB
37 KB 28ms
28ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/AZERION_logo_txt_white.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 57cc3d8e154ccb863b83f536a606c9ddab56fd8456fbe17d1199ac7ecd33a335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 18 Mar 2019 09:54:39 GMT
Age: 9169
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 37118
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK footerJS.js.php Show response
www.hellokids.com/_includes/js.php/ 1 KB
2 KB 64ms
63ms Script
application/javascript 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/_includes/js.php/footerJS.js.php
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3d04ac39ddbf196cad9bf221f474eb22deee85d6896fd982921f23c3402e8b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:53:18 GMT
Age: 0
x-Cache: uncached
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1254
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK print.css
www.hellokids.com/design/normal/ 1 KB
1 KB 31ms
31ms Stylesheet
text/css 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/design/normal/print.css
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bacb71e455a8278449df034b1047bffad3837e8c8a72e10e41d6073f5ceef6a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2019 10:13:21 GMT
Age: 9520
Vary: Accept-Encoding
X-Cache: cached
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 755
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,500%7CBoogaloo

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.hellokids.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 21:11:59 GMT
X-Content-Type-Options: nosniff
Age: 211071
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15688
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:19 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Tue, 08 Nov 2022 21:11:59 GMT

GET
H2 200 eu Show response
service.cmp.oath.com/cmp/v0/location/ 15 B
237 B 266ms
136ms XHR
application/json 2606:2800:135:155a:23ba:b2a:25ff:122d
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://service.cmp.oath.com/cmp/v0/location/eu

Requested by

Host: assets.casualportals.com
URL: https://assets.casualportals.com/gdpr/cmp/cmpBundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcc/43AF) /

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
server: ECD (dcc/43AF)
date: Thu, 11 Nov 2021 07:49:50 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: http://www.hellokids.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 36ms
10ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: HTTP/1.1
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 11 Nov 2021 03:38:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 26 Feb 2021 14:35:05 GMT
Server: AmazonS3
Age: 15102
ETag: W/"1827f116c73f319409b97f10b8a58ade"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: jBiR6cvwCF5p1vSM1rAd8pOgz2sqKXBUjjonNt3qJlnVTa3uv4KFOg==

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

61ms
19ms

Script
text/javascript

2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 960
date: Thu, 11 Nov 2021 07:33:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 11 Nov 2021 09:33:50 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6524
date: Thu, 11 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 08:01:06 GMT

GET
H2 200 headerlift.min.js Show response
hb.improvedigital.com/pbw/ 107 KB
107 KB 50ms
10ms Script
application/javascript 2600:9000:2156:9200:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9200:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1f8e8b83b48b157062193d063f9f6b29bd68f21e45af07035e3dc09bea9c3ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 06:59:14 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-guploader-response-body-transformations: gunzipped
age: 3037
x-guploader-uploadid: ADPycdtOSevpXHsbKHub2-JMDxEWBOk9Irdt9iPgBvV832IqKTeqFbvJgFaFRZWUChjwMka47ypOfJN2kzdQdL85cGzjZWtcnw
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 109193
x-amz-cf-id: bAjqgzhpDbCaZhNKnFWkB9LUcngc1iCzT6tpG4FWK6HffTfTIwmWhw==
last-modified: Wed, 03 Nov 2021 16:00:32 GMT
server: UploadServer
etag: W/"52ccd47271078de5dcb61717f365828c"
vary: Accept-Encoding
x-goog-hash: crc32c=8MFPzQ==, md5=UszUcnEHjeXcthcX82WCjA==
x-goog-generation: 1635955232664100
cache-control: public, max-age=3600
x-goog-stored-content-length: 34055
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
warning: 214 UploadServer gunzipped
expires: Thu, 11 Nov 2021 07:59:13 GMT

GET
H/1.1 200
OK tran-flags-new.png
www.hellokids.com/design/normal/v5/ 23 KB
23 KB 81ms
27ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/v5/tran-flags-new.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2a272973074a844d522be382921a4972b4a1400008eac1cd438bac01060ee0d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:30 GMT
Age: 8959
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 23612
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK drawing.png
www.hellokids.com/design/normal/assets/icons/ 4 KB
4 KB 87ms
29ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/icons/drawing.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 922feb6b119446bd220800790b2dc170d993e682011b5f83503cc1f832951375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 5928
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3850
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK crafts.png
www.hellokids.com/design/normal/assets/icons/ 5 KB
5 KB 52ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/icons/crafts.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 57639b65658b629bd618bf667bf054afc3c63247aadec9f3d3fee427f7bcecb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:40 GMT
Age: 5655
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 4907
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK coloring.png
www.hellokids.com/design/normal/assets/icons/ 6 KB
7 KB 85ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/icons/coloring.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 845d110e17690fbf7a1aec7747163c5a9d815ee1c3ecf2e187b61118c4b98d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 2942
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6449
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK games.png
www.hellokids.com/design/normal/assets/icons/ 4 KB
5 KB 52ms
31ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/icons/games.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b34f44541c913a6841a6928fde4a4e401294ccc3ace6e6add22e017a65303f8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:30 GMT
Age: 5265
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 4255
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK reading.png
www.hellokids.com/design/normal/assets/icons/ 6 KB
6 KB 110ms
28ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/icons/reading.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3293064e6f191da40cf0442eecf380a4ebcad100cf5500be30260d40d00c1ddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:40 GMT
Age: 5655
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5798
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK movies.png
www.hellokids.com/design/normal/assets/icons/ 5 KB
5 KB 103ms
29ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/icons/movies.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c92f03ae0b619c88157ef5e83a0cb327238870e0e4e7170850a2cf9921c5fb0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:30 GMT
Age: 6945
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5158
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK brushed-alum-dark.png
www.hellokids.com/design/normal/v5/ 309 KB
310 KB 39ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/v5/brushed-alum-dark.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 835749511ce718f86a93fe8cccb58c474a32afe1b2da5835ef2288330bc16df8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:30 GMT
Age: 8959
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 316684
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK trans-bg-new.png
www.hellokids.com/design/normal/assets/ 279 KB
279 KB 81ms
28ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/trans-bg-new.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 51fee51e18c99780f6c62754ab5c4396b93e6c59d7d29d3eb4245a0cfe54f048

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:29 GMT
Age: 8959
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 285425
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.hellokids.com/design/normal/fontawesome/fonts/ 65 KB
65 KB 58ms
57ms Font
application/octet-stream 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/design/normal/fontawesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Origin: http://www.hellokids.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 11 Jan 2016 16:46:35 GMT
Age: 9419
X-Cache: cached
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 66624

GET
H/1.1 200
OK kmK-Zq45GAvOdnaW6y1C9ys.woff2
fonts.gstatic.com/s/boogaloo/v12/ 10 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/boogaloo/v12/kmK-Zq45GAvOdnaW6y1C9ys.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,500%7CBoogaloo

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c5ab57fdb4782d99913aa44948416e281a4536d884a18462b353f0d320368cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.hellokids.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 11:37:01 GMT
X-Content-Type-Options: nosniff
Age: 591169
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 10276
X-XSS-Protection: 0
Last-Modified: Tue, 01 Sep 2020 05:24:28 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 04 Nov 2022 11:37:01 GMT

POST
H/1.1 200
OK ajax.php Show response
www.hellokids.com/op/chasse/ 10 B
388 B 97ms
32ms XHR
text/html 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/op/chasse/ajax.php
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c1672e10e32db6aa94b3240ef597b807aea3e4eac962be1dd5d51a94c2e6666

Request headers

Accept: */*
Referer: http://www.hellokids.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:53:18 GMT
Content-Encoding: gzip
Age: 0
Vary: Accept-Encoding
x-Cache: uncached
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg_text_line.png
www.hellokids.com/design/normal/assets/patterns/ 26 KB
26 KB 105ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_text_line.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fd1ebb5e4a128528671fc3d1c80abc6b1c133c6b34bf9071702053193fb7607e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 3129
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 26681
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg_tex_stripes.svg
www.hellokids.com/design/normal/assets/patterns/ 1 KB
2 KB 102ms
32ms Image
image/svg+xml 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_tex_stripes.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 27f9d26322f78a764e82384fa7afaeb110a3ad4ed17b0182bf51713f5ebad42a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 13798
X-Cache: cached
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1321

GET
H/1.1 200
OK tape-end-left.png
www.hellokids.com/design/normal/assets/ 2 KB
2 KB 97ms
29ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/tape-end-left.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3fe771c4d2c27676266716fac328e257915baa6ce81a6d064d0c13998e719757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 8649
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1648
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tape-end-right.png
www.hellokids.com/design/normal/assets/ 2 KB
2 KB 111ms
30ms Image
image/png 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/tape-end-right.png
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9b8f309fa62a05aa753c452ef35cb3a5ac36249df7bad78efe4debe48c37ff11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 8649
X-Cache: cached
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1705
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg_tex_splatters.svg
www.hellokids.com/design/normal/assets/patterns/ 6 KB
6 KB 81ms
29ms Image
image/svg+xml 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_tex_splatters.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c710f534bdd026edde1d2b331fc533be545e094f3ab951c329b7374729994ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:10 GMT
Age: 14462
X-Cache: cached
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5907

GET
H/1.1 200
OK bg_tex_dots.svg
www.hellokids.com/design/normal/assets/patterns/ 4 KB
4 KB 29ms
29ms Image
image/svg+xml 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_tex_dots.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7d4ac15b765c90eb02650545a957b9183cdbc36c30b65eeea7c8f3f2099ca8d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:10 GMT
Age: 5792
X-Cache: cached
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3718

GET
H/1.1 200
OK bg_tex_maze.svg
www.hellokids.com/design/normal/assets/patterns/ 2 KB
2 KB 30ms
29ms Image
image/svg+xml 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_tex_maze.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c70602b3d9408fdc5e2075f4835b25e2ea65c1b6ad2c3fb4b92dcb974060200e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:30 GMT
Age: 246
X-Cache: cached
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 2248

GET
H/1.1 200
OK bg_tex_diamonds.svg
www.hellokids.com/design/normal/assets/patterns/ 2 KB
3 KB 31ms
31ms Image
image/svg+xml 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_tex_diamonds.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4ba817dc36c6c8fda9dbb5ef5b3ac04491fc4611f51d85a18d65bd0f0f4ca99e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:45:34 GMT
Age: 14096
X-Cache: cached
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 2489

GET
H/1.1 200
OK bg_tex_squares.svg
www.hellokids.com/design/normal/assets/patterns/ 4 KB
4 KB 30ms
30ms Image
image/svg+xml 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hellokids.com/design/normal/assets/patterns/bg_tex_squares.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 505409be95553ec817c8cf14e89b6bc5b6a8ebe56732a2677807e61968d4610c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/design/normal/main.css?r=cc16ffcb7ab53839454a4c533f6179d366fad910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:53:18 GMT
Last-Modified: Mon, 10 Oct 2016 13:42:30 GMT
Age: 5978
X-Cache: cached
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 4054

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,500%7CBoogaloo

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.hellokids.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 08:16:22 GMT
X-Content-Type-Options: nosniff
Age: 603208
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15920
X-XSS-Protection: 0
Last-Modified: Wed, 22 Sep 2021 16:13:21 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 04 Nov 2022 08:16:22 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036161&ns__t=1636616990427&ns_c=UTF-8&cv=3.5&c8=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&c7=http%3A%2F%2Fwww.hel...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036161&ns__t=1636616990427&ns_c=UTF-8&cv=3.5&c8=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&c7=http%3A%2F%2Fwww.he...

64 B
329 B

10ms
9ms

Image
image/gif

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036161&ns__t=1636616990427&ns_c=UTF-8&cv=3.5&c8=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&c7=http%3A%2F%2Fwww.hellokids.com%2F&c9=
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: htlXab0RqQYzkYnXCaysbYciT1pW33d4WYQAVrXI2zJQUswSSRla6Q==

Redirect headers

date: Thu, 11 Nov 2021 07:49:50 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036161&ns__t=1636616990427&ns_c=UTF-8&cv=3.5&c8=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&c7=http%3A%2F%2Fwww.hellokids.com%2F&c9=
content-length: 237
x-amz-cf-id: 5KmUd41vcoDmZmDOz439TiKrkka1gYn6vQYROW333iQPZmAosNGK2A==

GET
H2

200

__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1028640911&utmhn=www.hellokids.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Co...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1028640911&utmhn=www.hellokids.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=C...

35 B
198 B

26ms
23ms

Image
image/gif

2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1028640911&utmhn=www.hellokids.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&utmhid=2084045421&utmr=-&utmp=%2F&utmht=1636616990475&utmac=UA-316984-7&utmcc=__utma%3D191970867.2002329014.1636616990.1636616990.1636616990.1%3B%2B__utmz%3D191970867.1636616990.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=25151415&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Nov 2021 07:49:50 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1028640911&utmhn=www.hellokids.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&utmhid=2084045421&utmr=-&utmp=%2F&utmht=1636616990475&utmac=UA-316984-7&utmcc=__utma%3D191970867.2002329014.1636616990.1636616990.1636616990.1%3B%2B__utmz%3D191970867.1636616990.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=25151415&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 opphb Show response
pub.headerlift.com/ 2 KB
2 KB 98ms
44ms Fetch
application/json 2606:4700:3034::6815:5192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=http%3A%2F%2Fwww.hellokids.com%2F&page_type=home&page_width=1600
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28bd9769576f89eece91981c4a2ebe1c80b34ea678fa3b299cb28f2b4a3a917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyYD%2FYAvvD6iHZhk8HXENvLv0Du%2FtOtH9pKN5ngQUqopXlwBvCfld6XnsF%2FFKMv9rotVe5lgk68HL6WXfzP9q3i9MW8tS5TEYBIb1G9HAnqcGKr8A856Kx434p4kCymitWgSt2xGuclv6qaNc5skUvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.hellokids.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ac5ed1ef9363752-MXP
access-control-allow-headers: *

GET
H2 200 prebid-idhb-v5.14.min.js Show response
hb.improvedigital.com/pbw/prebid/ 411 KB
128 KB 12ms
11ms Script
application/javascript 2600:9000:2156:9200:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v5.14.min.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9200:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4a05e71240c0b567f4e1d078fd710a429e4752a04422fb281c31ff5a0d2e9184

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 19:08:14 GMT
content-encoding: gzip
age: 304896
x-guploader-uploadid: ADPycdsMSQ66xdLly7XaLWsSr1G-mmeq1-F3_k5jAko77JLwV49QuDjQE9nuYUDjpAUZgZFxn6DVAGdwboxfRiotamc
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 129724
last-modified: Fri, 24 Sep 2021 15:08:11 GMT
server: UploadServer
etag: "9f0adc8b252b2724b7a3d56f34472569"
x-goog-hash: crc32c=25cmWw==, md5=nwrciyUrJyS3o9VvNEclaQ==
content-language: en
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-goog-generation: 1632496091482617
cache-control: public, max-age=604800,no-transform
x-goog-stored-content-length: 129724
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: nTndAz3RNP4r4uTuYhGfqP5sv45I55LfYDNS1l5MOvPLgbiu6hIRqA==
expires: Sun, 14 Nov 2021 19:08:14 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 15ms
9ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Protocol: HTTP/1.1
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
Content-Encoding: gzip
ETag: fc2e1be4d234471752ea2ebee7e63d1e
Age: 816
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: Server
x-amz-rid: 16PR2RF980XX2J2413SP
Date: Thu, 11 Nov 2021 07:36:15 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Cache-Control: public, max-age=900
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: nOW-LsAZg4JBjou5062wh4UjURao2fkMNKoXlRGh3xTP8teEqfc-Jg==

GET
H2 200 index.html Show response
assets.casualportals.com/gdpr/wall/hk/ Frame 1954 11 KB
2 KB 11ms
11ms Document
text/html 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.casualportals.com/gdpr/wall/hk/index.html
Requested by: Host: assets.casualportals.com
URL: https://assets.casualportals.com/gdpr/cmp/cmpBundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: af2c3da607488fa4c8f5c1975796c422ebb337c70ea4779167344f12152fe21c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
etag: "1592300987"
cache-control: max-age=1001
content-encoding: gzip
content-length: 2075
content-type: text/html
last-modified: Tue, 16 Jun 2020 09:49:47 GMT
accept-ranges: bytes
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds122.fr8.c
access-control-allow-origin: *

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 15ms
10ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 04:33:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 11788
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 09 Nov 2021 22:55:20 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
Via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Content-Type: application/javascript
X-Amz-Cf-Id: VV3PMCeOu5O92I82Wou3RPucFJ8qytNJPWQ23KYb2LcOck8raQ_Kig==

GET
H2 200 style.css
assets.casualportals.com/gdpr/wall/hk/ Frame 1954 47 KB
6 KB 9ms
9ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.casualportals.com/gdpr/wall/hk/style.css?1636616990637
Requested by: Host: assets.casualportals.com
URL: https://assets.casualportals.com/gdpr/wall/hk/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3ad4d181306bcee79eae3016b31b1f1b45c6f788c972a315f4089d4449f728b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Thu, 25 Jun 2020 10:02:12 GMT
etag: "1593079332"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds054.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1756
accept-ranges: bytes
content-length: 6022

GET
H2 200 wall.min.js Show response
assets.casualportals.com/gdpr/wall/hk/ Frame 1954 159 KB
35 KB 10ms
10ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.casualportals.com/gdpr/wall/hk/wall.min.js?1636616990638
Requested by: Host: assets.casualportals.com
URL: https://assets.casualportals.com/gdpr/wall/hk/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7a963a107930930cbdd70e8adc0cc856093ab12a2d8e6ad5a8b0085331ddad90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Thu, 25 Jun 2020 10:02:20 GMT
etag: "1593079340"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds279.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1756
accept-ranges: bytes
content-length: 36033

GET
H2 200 css
fonts.googleapis.com/ Frame 1954 664 B
819 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: assets.casualportals.com
URL: https://assets.casualportals.com/gdpr/wall/hk/style.css?1636616990637

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 06:03:56 GMT
server: ESF
date: Thu, 11 Nov 2021 07:49:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 07:49:50 GMT

GET
H2 200 texts.json Show response
assets.casualportals.com/gdpr/en/ Frame 1954 8 KB
9 KB 8ms
8ms XHR
application/json 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.casualportals.com/gdpr/en/texts.json
Requested by: Host: assets.casualportals.com
URL: https://assets.casualportals.com/gdpr/wall/hk/wall.min.js?1636616990638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4e5de39b36ba48df3537a4ca25019cbc2a0b611b007c951ba4d817796d46618d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds210.fr8.c
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1533
accept-ranges: bytes
content-length: 8625

GET logo.png
www.hellokids.com/design/normal/assets/ Frame 1954 0
0

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/en/ Frame 1954 889 B
588 B 10ms
9ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/en/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 98a05afefa4b10e029f131bb848569b7d0a2ed26e648e12504263e9db14cf8d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds149.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 454

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/de/ Frame 1954 289 B
305 B 12ms
10ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/de/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 564dae37a38facd57f38c5c6cd9f2d6fc653fd5795a2b4162c9d207afca6b498

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds254.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 193

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/es/ Frame 1954 144 KB
32 KB 12ms
10ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/es/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ea3ce73543935aabd16108ddc7ddbd73535e7416d1302e711245e48e3520c821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds241.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 32963

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/fr/ Frame 1954 295 B
310 B 17ms
16ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/fr/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 97848593a40c1251b3ffb13e9ee2ac63dba25ada2345a3445080857b4f3bc21d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds201.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 200

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/it/ Frame 1954 295 B
311 B 17ms
16ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/it/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a5dace13d58cd52d1b0d2669f42098c57fc1a22b5384ab0d12ac0f96edcf408b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds097.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 199

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/nl/ Frame 1954 378 B
362 B 18ms
16ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/nl/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 129907e3b2e66c725d0d63576411ff6660b050789b9d1070042b75fd55379b74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds202.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 252

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/pl/ Frame 1954 215 B
290 B 18ms
17ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/pl/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7ca6e3aa6bfd94850d1703c250f5042c306c9c4670219a920439668faf7fef03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds124.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1002
accept-ranges: bytes
content-length: 168

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/pt/ Frame 1954 12 KB
5 KB 18ms
17ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/pt/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: b862f2ff63c9c7628a2b4a8aecca42f6a6ef4d4fa96c10da3507d5efafbebdcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds160.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 5351

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/ro/ Frame 1954 302 B
305 B 18ms
17ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/ro/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3b985f0ae57cfbcffa68f5b37f177f436158f702f845250a2bbfd34024cfa3fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds288.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 193

GET
H2 200 flag.svg
assets.casualportals.com/gdpr/sv/ Frame 1954 777 B
445 B 18ms
18ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/sv/flag.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e1d679e231b2e42e8fcbbd4b32e722118946f5da1e8330d5cb51a0da4b54432a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds241.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 387

GET
H2 200 1.svg
assets.casualportals.com/gdpr/icons/purposes/blue/ Frame 1954 3 KB
1 KB 19ms
18ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/purposes/blue/1.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 851cba871108aa7ddbdf605cefa61c7fb5c06b94f467ec6560d2a4e6f4e8064c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds005.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 1330

GET
H2 200 2.svg
assets.casualportals.com/gdpr/icons/purposes/blue/ Frame 1954 2 KB
1 KB 20ms
20ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/purposes/blue/2.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ef54f5c9138f4dbd9a4c3f6c2b6177175c88e25a845cd13d07c05e4d551fc456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds258.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 943

GET
H2 200 3.svg
assets.casualportals.com/gdpr/icons/purposes/blue/ Frame 1954 3 KB
1 KB 22ms
21ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/purposes/blue/3.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7e083596f2f3ba0acc16d0e0a0f2edb369e599e3629bc28d82c929b6cf5e473f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds203.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 1265

GET
H2 200 4.svg
assets.casualportals.com/gdpr/icons/purposes/blue/ Frame 1954 2 KB
1 KB 27ms
26ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/purposes/blue/4.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: dd26a46681bc9633e3ee4f9ad95922bdfa2f1478d6a45df267cc3dd39c48f51f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds051.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 1052

GET
H2 200 5.svg
assets.casualportals.com/gdpr/icons/purposes/blue/ Frame 1954 1 KB
788 B 27ms
26ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/purposes/blue/5.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ea5a0a6ffea20eefe3047dc2cb5c9567eff056a230c36071ccf4d163ef14a436

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds147.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 676

GET
H2 200 1.svg
assets.casualportals.com/gdpr/icons/features/orange/ Frame 1954 989 B
706 B 27ms
26ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/features/orange/1.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 8b5eb552422b56cb9d01dd210a680a9cb43b4e60e8a723cb222916f1b4c19907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds217.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 595

GET
H2 200 2.svg
assets.casualportals.com/gdpr/icons/features/orange/ Frame 1954 3 KB
1 KB 29ms
29ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/features/orange/2.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 88940f1ddf7bfc72cfc92d654a671a01df723c4a2e2fcf273937a08cac5cdfc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds015.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 1236

GET
H2 200 3.svg
assets.casualportals.com/gdpr/icons/features/orange/ Frame 1954 2 KB
938 B 29ms
29ms Image
image/svg+xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.casualportals.com/gdpr/icons/features/orange/3.svg
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 37ec7d45e8d2486440fd826b08d78543f589e9fd40d960605ea8887e9cdaff16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.casualportals.com/gdpr/wall/hk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:50 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 15:06:46 GMT
etag: "1589555206"
x-hw: 1636616990.dop246.fr8.t,1636616990.cds244.fr8.hn,1636616990.cds284.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=349
accept-ranges: bytes
content-length: 826

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 1954 23 KB
24 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://assets.casualportals.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 12:11:32 GMT
x-content-type-options: nosniff
age: 589099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 12:11:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2084045421&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hellokids.com%2F&ul=en-us&de=UTF-8&dt=Coloring%20Pages%20-%20Free%20online%20coloring%20for%20kids%20on%20Hellokids.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=191970867.2002329014.1636616990.1636616990.1636616990.1&_utmz=191970867.1636616990.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1636616992359&_u=KGBCCEABBAAAAC~&jid=1624113529&gjid=1170131587&cid=2002329014.1636616990&tid=UA-316984-51&_gid=1037920850.1636616990&_r=1&_slc=1&z=431036711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hellokids.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.hellokids.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
123 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-316984-51&cid=2002329014.1636616990&jid=1624113529&gjid=1170131587&_gid=1037920850.1636616990&_u=KGBCCEAABAAAAC~&z=573739534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hellokids.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Nov 2021 07:49:52 GMT
content-type: text/plain
access-control-allow-origin: http://www.hellokids.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

36ms
13ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 11 Nov 2021 07:49:53 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2

502

tm.js
static-dmp.mediaglacier.com/
Redirect Chain

http://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d
https://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d

0
0

329ms
313ms

Script
text/html

35.241.44.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d
Protocol: H2
Server: 35.241.44.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.44.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Location: https://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d
Date: Thu, 11 Nov 2021 07:49:53 GMT
Cache-Control: private
Referrer-Policy: no-referrer
Content-Length: 278
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK adhese.min.js Show response
www.hellokids.com/_scripts/adhese/ 18 KB
6 KB 31ms
31ms Script
application/x-javascript 52.51.66.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hellokids.com/_scripts/adhese/adhese.min.js
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/all_js.js?type=js&urls=%2Ffonctions_dyn.js,%2F_scripts%2Ffancybox%2Fjquery.fancybox.pack.js,%2F_scripts%2Fskin%2Fskin.js,%2F_scripts%2Fpub.js,%2F_scripts%2Fmodules%2Fdetect_mobile%2Fmobile.js,%2F_scripts%2Fjs%2Fmodernizr.min.js,%2F_scripts%2Fswfobject%2Fswfobject.js,%2Ftemplates%2Fcoloriages%2Fscripts%2Fgs%2Ftweenmax.min.js,%2F_scripts%2Fjs%2Finview.min.js,%2F_scripts%2Fmodules%2Fslider%2Fslider.js,%2F_scripts%2Ffonctions.js,%2F_scripts%2Fjquery%2Fplugins%2Fjquery.touchSwipe.min.js,%2F_scripts%2Fjs%2Ffullscreen-2.js,%2F_scripts%2Fmodules%2Finterface%2Finterface.js,%2F_scripts%2Fgdpr%2Fgdpr.js&date=20211111f
Protocol: HTTP/1.1
Server: 52.51.66.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-66-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d3f2d4f3d94b1120b9c3d010cb05e3f1211047ab8c4612c3b5bd3da846e201b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Nov 2021 07:53:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Oct 2018 07:58:51 GMT
Age: 6008
Vary: Accept-Encoding
X-Cache: cached
Content-Type: application/x-javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5553
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13994/ 38 KB
11 KB 39ms
10ms Script
application/json 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13994/cc.js?ns=_cc13994
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/all_js.js?type=js&urls=%2Ffonctions_dyn.js,%2F_scripts%2Ffancybox%2Fjquery.fancybox.pack.js,%2F_scripts%2Fskin%2Fskin.js,%2F_scripts%2Fpub.js,%2F_scripts%2Fmodules%2Fdetect_mobile%2Fmobile.js,%2F_scripts%2Fjs%2Fmodernizr.min.js,%2F_scripts%2Fswfobject%2Fswfobject.js,%2Ftemplates%2Fcoloriages%2Fscripts%2Fgs%2Ftweenmax.min.js,%2F_scripts%2Fjs%2Finview.min.js,%2F_scripts%2Fmodules%2Fslider%2Fslider.js,%2F_scripts%2Ffonctions.js,%2F_scripts%2Fjquery%2Fplugins%2Fjquery.touchSwipe.min.js,%2F_scripts%2Fjs%2Ffullscreen-2.js,%2F_scripts%2Fmodules%2Finterface%2Finterface.js,%2F_scripts%2Fgdpr%2Fgdpr.js&date=20211111f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-13.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31bb27151e5b8acb3dded66d54932973c5dd10eeb7a00d1082b9db68ef8c94eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 10 Nov 2021 16:20:12 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 05:51:29 GMT
server: AmazonS3
age: 55782
etag: W/"a6bf7141ab8a319ca01c6b2b76e9402f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QKHVxLNm_IJqebYz0PLyCT0sUcZ_rPNIilwmyjbZ04eh0u6Abqw30Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
734 B 119ms
100ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fwww.hellokids.com%2F&pubid=33883916-428a-4649-8f26-2c7a9527dd63
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 8bd0e8f198b244ea4f0829e657744fd2a37bb04ee74b13ebbadfc342e7ee7c10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:52 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://www.hellokids.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: ZC7jNhto_4srXIYezmi2eBaLWgLylJ-sdlj11baR2Anhqcd3LH8cEg==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 72ms
31ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211111

Requested by

Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v5.14.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9716fc326a5af52ade7e33aae3e17a008fc0d16c9f9158de9ef0963fac2af00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hellokids.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17333
x-jsd-version: 1.0.1157
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-mxp6981-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-gPAqkjTqtCClM0TVv2P3PC/+GTg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ac5ed2fde3f0e16-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 49ms
20ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

c009cd2ea8c6d8c45b4a47a228cecf2805884880979531ed1d2135b4c96eb453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1040 / 241 of 1000 / last-modified: 1636585547"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26975
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Nov 2021 07:49:53 GMT

GET
H2

404

user_sync Show response
user-sync-orange.adhese.com/handlers/improvedigital/ Frame 2651
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1&r=https%3A%2F%2Fuser-sync-orange.adhese.com%2Fhandlers%2Fimprovedigital%2Fuser_sync%3Fu%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1&r=https%3A%2F%2Fuser-sync-orange.adhese.com%2Fhandlers%2Fimprovedigital%2Fuser_sync%3Fu%3D%7BPUB_USER_ID%7D
https://user-sync-orange.adhese.com/handlers/improvedigital/user_sync?u=320bec3a-75ee-4b96-92cb-ebf456af817f

21 B
143 B

53ms
30ms

Document
text/plain

35.205.165.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://user-sync-orange.adhese.com/handlers/improvedigital/user_sync?u=320bec3a-75ee-4b96-92cb-ebf456af817f

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/_scripts/adhese/adhese.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.205.165.27 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

27.165.205.35.bc.googleusercontent.com

Software

Resource Hash

673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-type: text/plain; charset=utf-8
content-length: 21
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-type: text/plain
content-length: 0
location: https://user-sync-orange.adhese.com/handlers/improvedigital/user_sync?u=320bec3a-75ee-4b96-92cb-ebf456af817f
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 user_sync_discovery
user-sync.adhese.com/handlers/improvedigital/ 43 B
446 B 70ms
19ms Image
image/gif 35.205.165.27
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user-sync.adhese.com/handlers/improvedigital/user_sync_discovery?domain=ads-orange.adhese.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.205.165.27 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

27.165.205.35.bc.googleusercontent.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
cache-control: max-age=300
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
etag: "007fff40b5dd495aca2ac4e1c3fbc60aa"
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif

GET
H2

200

set Show response
privacy.crwdcntrl.net/consent/
Redirect Chain

https://privacy.crwdcntrl.net/consent/set?c=13994&callback=_cc13994.setConsentCB&rand=262216957&ca=0&cds=0&cta=0&ccd=0
https://privacy.crwdcntrl.net/consent/set?c=13994&callback=_cc13994.setConsentCB&rand=262216957&ca=0&cds=0&cta=0&ccd=0&ct=y

365 B
576 B

46ms
45ms

Script
application/javascript

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.crwdcntrl.net/consent/set?c=13994&callback=_cc13994.setConsentCB&rand=262216957&ca=0&cds=0&cta=0&ccd=0&ct=y
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 774388157c7a32361044d8b5f6d325b1bfe828ee33d80bbf385f2a9f9477d8d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:53 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
x-server: 10.45.2.13
content-type: application/javascript;charset=utf-8
content-length: 365
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:53 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://privacy.crwdcntrl.net/consent/set?c=13994&callback=_cc13994.setConsentCB&rand=262216957&ca=0&cds=0&cta=0&ccd=0&ct=y
cache-control: no-cache
x-server: 10.45.25.126
content-length: 0
expires: 0

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/ Frame 03A0
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr

933 B
2 KB

105ms
104ms

Document
text/html

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13994/cc.js?ns=_cc13994
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b5a848988daa2b2d0e832af9f467622e7007834a3355a950927b1f7e48135647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-type: text/html;charset=utf-8
content-length: 933
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.27.30
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.160
server: Jetty(9.4.38.v20210224)

GET
H2 200 pubads_impl_2021110801.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 19ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118396
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Nov 2021 07:49:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 199 B
152 B 30ms
16ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hellokids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

28fd42ae87d2501dfef98797abe9cb36beb4066f3f071362786f9ff4bee51d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
expires: Thu, 11 Nov 2021 07:49:53 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 65ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=45696
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

35 KB
10 KB

36ms
10ms

Script
text/javascript

46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Thu, 11 Nov 2021 07:30:40 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 577601886

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-590736942df49912/ 2 KB
793 B 225ms
224ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-590736942df49912/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52093a4ed7c7938c65b4f5786824bb3c38b9d897ad3e27aa7bca7bb0a8dd9bde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:53 GMT
content-encoding: gzip
etag: -1194903147--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 616

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 02D8 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 15DC 71 KB
26 KB 11ms
10ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 11 Nov 2021 07:49:53 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 03A0 43 B
422 B 128ms
28ms Image
image/gif 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=3b9a0a5783182169181a0cccde275588&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:49:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Fri, 12 Nov 2021 02:49:53 GMT

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=514739823/tpid=9198878619193000621/ Frame 03A0
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=514739823%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D514739823%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=514739823/tpid=9198878619193000621/tp=ANXS

49 B
265 B

43ms
35ms

Image
image/gif

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=514739823/tpid=9198878619193000621/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:53 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.235
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:49:53 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f156b195-e149-4ac3-b44e-22b7aa11bea1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=514739823/tpid=9198878619193000621/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I5YTBhNTc4MzE4MjE2OTE4MWEwY2NjZGUyNzU1ODg
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I5YTBhNTc4MzE4MjE2OTE4MWEwY2NjZGUyNzU1ODg&google_tc=

170 B
188 B

34ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I5YTBhNTc4MzE4MjE2OTE4MWEwY2NjZGUyNzU1ODg&google_tc=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2I5YTBhNTc4MzE4MjE2OTE4MWEwY2NjZGUyNzU1ODg&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 03A0 43 B
433 B 53ms
15ms Image
image/gif 143.204.98.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=3b9a0a5783182169181a0cccde275588
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-129.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:49:53 GMT
Via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: hLNFkMyp6pibhvCkuubgf2679m-rPw-39TR-wlKlohNQpebHRDVIxQ==

GET
H2 200 382416.gif
idsync.rlcdn.com/ Frame 03A0 42 B
416 B 41ms
17ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=3b9a0a5783182169181a0cccde275588&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:49:53 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

200

tpid=AADSBk7DGZYAAChyICqh4A
bcp.crwdcntrl.net/map/c=9130/tp=BEES/ Frame 03A0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lotame
https://match.prod.bidr.io/cookie-sync/lotame?_bee_ppp=1
https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADSBk7DGZYAAChyICqh4A

49 B
265 B

33ms
33ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADSBk7DGZYAAChyICqh4A
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13994/rand=790886243/pv=y/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20www.hellokids.com/rt=ifr
Protocol: H2
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:53 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.233
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://bcp.crwdcntrl.net/map/c=9130/tp=BEES/tpid=AADSBk7DGZYAAChyICqh4A
Date: Thu, 11 Nov 2021 07:49:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 16ms
16ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 11 Nov 2021 07:49:53 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 44ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hellokids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hellokids.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
37 KB 354ms
354ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=409375815590795&correlator=2855255980997904&output=ldjh&impl=fifs&eid=31063136%2C31063206&vrg=2021110801&ptt=17&rdp=1&npa=1&sc=0&sfv=1-0-38&ecs=20211111&iu_parts=1015413%2Chellokids.com_0007_201_DFP_INDEX%2Chellokids.com_0007_301_DFP_INDEX&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%2C120x600%7C300x600%7C160x600&prev_scp=tnl_paid%3D866%26tnl_pid%3DP-17101800030%26tnl_system%3D1%26tnl_asset_id%3Dgenbu-slot%26tnl_pt%3D18%26pbct%3D2%26tnl_test%3Da%26fp%3D0.05%26fpt%3D0%7Ctnl_paid%3D866%26tnl_pid%3DP-17101800030%26tnl_system%3D1%26tnl_asset_id%3Dsuzaku-slot%26tnl_pt%3D18%26pbct%3D2%26tnl_test%3Da%26fp%3D0.15%26fpt%3D0&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26CountryID%3Den&cookie_enabled=1&bc=23&abxe=1&lmt=1636616996&dt=1636616996222&dlt=1636616990135&idt=3227&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C1000&adys=216%2C766&adks=1366502791%2C2072816134&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.hellokids.com%2F&vis=1&scr_x=0&scr_y=0&psz=1040x110%7C1040x0&msz=970x90%7C300x600&ga_vid=2002329014.1636616990&ga_sid=1636616990&ga_hid=2084045421&ga_fc=true&ga_wpids=UA-316984-7&fws=132%2C128&ohw=970%2C0&btvi=0%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

700843fccd1b58afef256af34c0f1e98325cc132f7fcde17ba05a11c77cf2f2d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL_tyLXpj_QCFePFuwgdQvgC8g&gqi=&layout=/sadbundle/%24csp%253Der3%24/18366586777801201837/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL_tyLXpj_QCFePFuwgdQvgC8g&gqi=&layout=/sadbundle/%24csp%253Der3%24/18366586777801201837/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
date: Thu, 11 Nov 2021 07:49:56 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.hellokids.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 67ms
29ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82941c559af5a2464d88e8b4c27a43bd343fc7f195803245a5af54be7d79b5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9264
x-xss-protection: 0

GET
H2 200 container.html Show response
0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4BF7 6 KB
4 KB 68ms
16ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 07:49:56 GMT
expires: Fri, 11 Nov 2022 07:49:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 11 Nov 2021 07:49:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9D94 12 KB
5 KB 308ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 11 Nov 2021 07:19:12 GMT
expires: Fri, 11 Nov 2022 07:19:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F477 783 B
1 KB 39ms
16ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a80356555c9846423c61622f770ee92f5940029ac671e309a3a08243d439e547

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-snosMPiVZfeuNsdCv2vkaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 11 Nov 2021 07:49:56 GMT
date: Thu, 11 Nov 2021 07:49:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-snosMPiVZfeuNsdCv2vkaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F477 0
0 370ms
47ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110801&jk=409375815590795&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 container.html Show response
0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1516 6 KB
3 KB 309ms
8ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 07:49:56 GMT
expires: Fri, 11 Nov 2022 07:49:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F91 6 KB
3 KB 306ms
8ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 11 Nov 2021 07:49:56 GMT
expires: Fri, 11 Nov 2022 07:49:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 event
ana.headerlift.com/ 0
0 63ms
54ms Fetch 2606:4700:3034::6815:5192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ana.headerlift.com/event?page_url=http%3A%2F%2Fwww.hellokids.com%2F&eventtype=8
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6UXDMmbG3EiZtsPqZhX5%2BHItHuG8ubImKrafe0WB2TODmsEX3XI4Pl%2B%2F2WJpmQFMLndSWU0z0qjloiyxxAZcBa6cVkHMR%2BWQsYMmnRwQo7ggu1OAmmvCE0ZE8HYvY8Mis%2B9sjkCrp0Hz0zEKgOB2Xo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: http://www.hellokids.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ac5ed44e8b33752-MXP
access-control-allow-headers: *

GET
H2 200 NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D94 35 KB
14 KB 60ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13531
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 20:23:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110801&jk=409375815590795&bg=!pqWlpeHNAAYDGbPvAxk7ACkAdvg8WuosbLvpQFXuneL4ymYpXhwfElXMaNFnAVwN9RLdZku_6tlu0AIAAABYUgAAAAtoAQcKAM2R801HFXlGDIy6FGJUFMQWY2ku7oxM3ytGbTvtBXWE4plOJSBPOyilaRxt2U7FbbcO1zj1rPxcZPRugsOfHZVXouI_Uy_JfuMD7G1c_aVejIah6ieicXmCaTQn72zobOeYZZ2nDB6B2xZb6Hx9aWlh8lM7xC4wSiqQbojO3veMkaxeO_iBwy2h-AIb6FqruimWGI8lm86I5ENWswXx79-cB6QXAvCVGtBOqYaC8zoLkwOtW1vnPBt3v2Tsl985eE3UbxVhHASc_bVkeZ0UmQLC1_yMWdGDANPffqpuC9v6Jo0skZoQsrC7KJWiCgSv4KGX4yuPxQgT3JEPG99DXoeUQH8Sem3PLEw2I50mXbcl54gYk9Jtp1ytiP90XdzLFg1A6ut4fflQLGEqlZEdnqQ_7KJkVryGuMGNPw3YiBO0D6pS7H71GBWeTgyhSE43dUEQ4vALZnosG5pXd11nsxITSCH4Rxrow3i3M5h2cj3mYKdyFYZAuQ8BzDzshStKqH9FkMclcG2KsGsp5hEuD6awPx_pE7WatkPh8l0hO7G73mMxGMbJ6il-Ao8_-X1KvMF4T0J12o4qF-0cPuCv9pO-Q0aCu_730Vo9OH5EmCZN0Viy3RQff8kz14fwc2wsyIj4hH5P_O09_EQerxJ4kcCysV1z82rXfKQxlTCadJ2l6qv2xk4Y0CCMczdcAq4dampx0NDlTFmAoPo8S_fFYaq9nIfZggBAjeQh55oQAUjrSSuDwb4KuZAlkR8dFDxpSnfeI5SKUnSp-12X82ttlkKVkp8SWWtgDw5FUqaITo3kc6KyXZGyD6s8k-wM6mB_AXp7Oyrbq1f76ExwPbX3ZtVBNopF9a6CXckcFqPlu1HnBX2GpET3Q4vzTNEhKcoicwLLm7RCedKb7hCO_560gRTAcacNXF0mnL2-aZ34oABNmm3iRhQoOv8-hAYw78FRhEYQu2cvRyD2r-9SgCNyHxChANzloV7oItxD2QIDSOdvCfM4faGCdycoIchB25FyFqHvCiVT5vLFGQmJ_q8lz8PWO0sHxRDIDhzBStdFPKKGWJb0PSNwzvAygAVjCfb37LTEQJr3AJH8vHRfVmW8Tea9hBBAU0TK0O9XvnychP9i8CeUH_tEhbJjoNXCaTGH-NqYx0x_FPMgSp26N0UyQfFuLQTQCcGBfKid_4hI-81LDR78cvdRhjxHvMv3o6R5c3ZJKw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hellokids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 113 KB
20 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f65744d16081b25ddf4105faf87e3c41aea69416671e394714f18b67d4c1035a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Mon, 08 Nov 2021 00:39:48 GMT
expires: Tue, 08 Nov 2022 00:39:48 GMT
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19034
age: 285008
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1516 0
0 48ms
48ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpLhCJMuMYb_LEOOL7_UPwvCLkA-32YjpZbb95NTVDqqEsbWJKxABIK-VuxpglfrwgYwHoAGl4IzcA8gBCakCGO5IIrQ9sz7gAgCoAwHIAwiqBNsBT9CYM99WVeOO7jq96c3ube6FyObE0JLIi-awt9n870uhkIKmy1fF6NSD5EkfFLDnimuGs2VJ30HTzVBjZuiCAJm8s5x8ZvXJ8zBQ4ixMfgH9XXoLYzkK4KQ9_SkNSPTWwTJcqF8mqUUO9BjzRrKFoBqlL98OwmdkOVsDpcOeDTCYRT1ExIq1RhtDqIVT5rKouG-4SfOtnoVGWZFUP_WKOVI0dkSeuTWv07IWhqrGGgR-qDTcwxfUo8R16t6wynhHEVTe-jmpnsk7Rni4LR0dD4ABt-v9xfaHR7_AwASy2YKkzwPgBAGgBi6AB7ORqyioB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQnybSCAkIgOGQcBABGB2ACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMTMxMzgzNDQ1NDQ5NDEzMBjFtwY&sigh=TzgrmRswT1c&uach_m=[UACH]&template_id=419
Requested by: Host: www.hellokids.com
URL: http://www.hellokids.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 1516 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:40:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 1516 2 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:47:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1516 119 KB
37 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 07:49:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 1516 15 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:40:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1516 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3gR8epzVv7saueg23VOvcJh25aF5F0dNvo7HFcILYwGBMv3s1kr-WVf37E0jWYo2hDzw7
Requested by: Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CEEC 0
234 B 42ms
19ms Document
text/html 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPC-rQIQtprG0QIYvJW_uQEwAQ&v=APEucNWXDtd9R3-O00vAvSk0BLcSCTkbnXk2jhgYl7ItydLaL2Ve-1-qkBsIDEwe1XTiqZMpuiKEe2a2CGPwP-Kb1OHReJbaaQ

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 07:49:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4F91 52 KB
25 KB 70ms
48ms Script
text/javascript 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqrQFVdWUleRpU2l8w2nPc9Me06FNQyxVK3aFr88KtPTYcKx6TBkEINeJtNBdikPg3w8wPzVuJWyM0Utr3xSerQiY2zSo_VQ0CYMRj6Rhhsj1tH1P6Gacse0te_x0O0l7cGF2x3lRfRpizdxynOHT932tcTA&dbm_d=AKAmf-DrV_XKDbn8WUKeDSyyv0BBOW0j4Lxjm_W3M2-mwUbMuV_S9tKE_dzbVvPmheFjeNMFL526lOMSmjHciJIYB7oywMgDaw1gyZaRBeQfIWhYm5K5oEgA9k-dL9qVSKm7uMg71YCK7jvhtsTR4ZYKH0KMcNtFUJUu8SyU2FDLbzPuxXwAB2O0m30L6mqG83d8H-DXtIa6j8HSso5eE38TlgEGKRNj2pSbNgckiQxlXbP5vX_Wwq7f_pJGZZW782FRJ5WicTu5uS-p9zdo6GbKo2Aa5-JxaJzOQBRPpaWtmKbqj3t2sLwICF_5Ey4vLS4JnoKaeVSoFPACgLqimBxpy22gsmW06MqIV-OL9sI2ohLgWC8UEFeC4r_DkDnNWSAIHGCljLozfwefO3MRY8w8TmRkKjOgnugw0icQuope6bjjPULbTnzx_mi5akbjyRhkczvO_AiRIeMFB-sKGJmvD9DC5M0f0kWG1PbOw0Fjf8MwrCeglUU8I3m5BEiAbZR074f_iBwb7nUzu6eYgZAeZD_U24B-AmGqFme1aOs9nPPCN93C_Qinauv2-8XwX9fBC22WsUoD2jeJwgE2nsGTOxEacRSi_XWIkuDri6covIGj6GzWA8rAGpyKvhp5sy5ZYAnVnWvjFNkUKqubKO5k2T6ytiI1lA0Ctu8CgQ2R-d810Yo8p5ktNI9PCGxgJr4lsiihbqMijisNlL7bSAlbj-8maw_kV7xqbq-DGO4itMbNAQHVrfq7BkRlyGipG4AZOr_PoTE5mWOazTeXh9CYe5Z5ZJmzwCW6xM5MSMpupFGM8R7cT22bX_2uDyGDpf-yTtMZleqdEdFW1bWaV0w9VUYhcdDcSaY8cVftS3f6iFBRJnGoPN5dEeV06mXe7fWCoHfRzk4dTg21Qa7LaQ10IFm7Ps2euaAuiaCkYTLqodN0UTE0G0wsY8-dSJ-_QQPY3nrxb73Eixt41Hiau5AC6s0Cg_CpPbGUdi_Gx_jLbr5MNVEk16miftVhsLC0_4DmvhtZVW-YV4z2aiOQ4KaCmiB_Et1TuC3LO4QXOzHFwyziTPlupcjsRKhcv_M5YdYm8ZYh6n2av6i5jFbYyD1Ed5EewDrOW1rdf7KVTIazP5TR_uQMwiIDy5eclOT1fnXPXOO3QN3IgeyfJSUSVyuJMXz50Qn59Y9bPr_nm3UGYVTKM-EEgXv5qicSZypzIHdl-RChLh3_LNWT3JxptUAc-0cYbW7aaI5PDa2RJ70SehAxUWXwMqVzj37R5OoAFsbxuhATCttdOgAyv3BGe1Uoes7AKbwcs9rGYEZIPBCaheeIlhqCK6yB9CqZBSBdaq-NDO3UVWTdJf1ye0bomavpz9jZ8aE595_wpWygawxD2yTuWmmgKD8-plFAJ4YT2CTIs8fYz9GPwu8Xv_ptQB_Z82DSNk-byKsqaP9PDbtvJUSsazhhmCE8dB_qcZ4rYl5XIdX8PQtOzdUg_WDw9U-uLEWBxyAo32ccOe7ZQGuidSH9HavQc9ITrJbPj0G3uXusmy4x33LYMHp4JLblqRBxfLd2SibOiJ1v9HAe_GzoTmQIZ-_g5pgHSy7T6oB3CPiOLvviIRvVyPx3cjunhBbx07vb-7T6xSx9qJNNvJz0xSgG4NYMniVE-3y4GDwwH2A7BfWUQW5qWwTkrc9q93_4yDkT44dzsYciSC1-YTGDnp5_1nwWZRhDnzzP2VOb7CmE0x7O3Enxo7wLTrnlcse2fAjsbytmUOxusgZ_-BjJXyAcH5RzeE4UBilQHF2XjKlPLzOwRbi1RgxVDsDBsnXebDYYxuqDHb4n4XWz68zq2gK0pid-sEvjVGJDSZ7SjGLf-kHr8XPmaxI0wtmDaW91hG685gbB488Wf8iTb7r1ICpfWs6boBhkPD0KqqUnfppUK9NZsIBpgl-su0qDb5T6xZdBEkGZzuoRjmE97R4DxpbHtUa2X1HDviTkjCQ4XNYFDIWngaP1K5hOCoDTkRxD8M1XyYFI_w4hkiOUgYsAdsqn00AoDkxkElsz94ItJj5QhMCTHVkLoav9NgthJhazzt0GVRBSThzppUDnLkBiL-s1VrwKK0toGwN77sFQazShNWM4dIJoQihUg3rwOS-amhv51Q0uJRdqNkGTl07cPgwNfEZXFjNZFY6uuPZfTiRnSpLWrLiYtwOhHXu4f2GPAwYvR0tpYhMzpq8_49YNtP3J8fN_vUYGG1SEF-SYJS6JEJurofx6b4-L-92-uT4jyTHVcZpMQyGwyI7ZRGEmWIIb755KzJl6CmsIJ8LuUeXx-ZmwmIo1xPFllQsZNSS1qRZhSbassSnDM75HF8Y9maHqmKrFjI7zGmKwxgepW4S7tKbdyCxpUPwpLkOzuhDlscEGsgYLwFEQdt3JNoa_Lw6zDy2CIt_mHL5N84_6VebfBDXO1GG-l3xbM3bJ6yt_X4fFlsnpPuOnqJUztRHTPCXfekDEDCtZN_FJrY1ygG4cvS7b6-EsAot8CsKOarY_K-RSmj_DQMg47dHpqAg9TsEFW2DsuWj0LMJzW2ds63BLQ1wm6nFhUdCDjx71GT8O8fTZW0lLsj3Y7yvXdD6p9NJS2hIqW26RnWTCE4lxgb2d-UNvZTUVL4CSH_zxCDZM7YGXvEGJUZuvgazRBqHdMWmo3t0hiMu7qp2-3wrfO5PEmKH040vAc0ExXC5ecx6qW70yFFysPSl7ejPOls-oNzZNA40aFSzaik6ungj5eB5nYq5S70BlXawspnOmwW1w7IWdDYvqBhL3swEzzuWkXZUuC1zmGV7CJC9kubFmCaNNHfdRVsPCIA0P-tG4_68DsHWq4Dw2LQw9n1nxSQX8aGRwmxeR74RDHSaALHaCpYFXGgDHD0p3nOt2JlwN8pvdInhkqJY3A2uLUnh_Vrqs0LNSNu4oqgF2EYWZhGxH7S1DNCpbUu8yOChsxMn6J8Wh9hy0rWyopa9RkcqKfnE9gCAalMFQ7Mz-nufnGsffWC3NP6o9Zll8VJKUk7Crh0X1EO3dEHzt1vQ4iOFJali3y-E4tcRDWTEPHvW9BZt5xpgN-p79LLRCackcq3jkimOspKyCrOdhwvGskttA0p5lKGTfwD-QMGCKsUtf4A_djt9ZASKewqlyPgpkR1JZ0r9TlZ1yAnMo0f9RlYDyGIzptSbGt_XROSY&cid=CAAScORoPVvaLxn6cZjlBpr9cl2ZXPfRrEiH82eEi8RpOwuooudGdhtwQHpiLn6x_ZcveGXHeTvzsuLQH7ZDOIPxWZqh64LLuDEzTRtUtL-x0vsB99_SMQPgKnN-u76SiDI9GNj8Rd8tvvXMZWGT2r0JKK4&rfl=1%2Chttp%253A%252F%252Fwww.hellokids.com%252F%240

Requested by

Host: www.hellokids.com
URL: http://www.hellokids.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

389db59512d1d9adfee376cff6f534ea070b35f18931566a13e2149d78ef2b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25508
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F91 42 B
110 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtBInNfXO9ZWR_imar63MbLAe--Y7aHmFG9u6KH8QfKxjBjrBly49a4_IGz-4T4vzBJ7Fzu3It2rS7X2aHSHVa4tGBwYVEBPZ3yomolI5E0EfXLUo

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 4F91 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:47:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F91 119 KB
36 KB 68ms
36ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 07:49:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 4F91 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:40:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4F91 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnOXhAtNeRMxAD5Z-ApVYZpkVxlOWJHR7ayY2VdpAe-Qe-lPQQTgmrMTCWi1VSOUgWOYqI
Requested by: Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C6E5 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:54:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Nov 2021 03:54:54 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C6E5 26 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Nov 2021 00:06:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C092 143 B
426 B 8ms
6ms Document
text/html 2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 07:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C092
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
173 B

55ms
54ms

Document
text/html

2a00:1450:4001:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 07:49:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 07:49:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 07:49:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 8 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/logo.svg

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb2619044a1251471060f2768dc67322fa0b6c86b5885ccdc8c0a2748a7f8c0d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3035
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Tue, 09 Nov 2021 23:17:05 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:17:05 GMT

GET
H2 200 text_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 3 KB
1 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/text_01.svg

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b4e0f87bba44add52f7f4a50ec9972d861ce8fef4d9962bfd574be88782ba2e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 978
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Mon, 08 Nov 2021 00:39:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 00:39:48 GMT

GET
H2 200 text_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 3 KB
2 KB 16ms
14ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/text_02.svg

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54b60d28db9ce90abe807535c664d3e3b23e2eabd1b92c6e7cc55076224d9beb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Tue, 09 Nov 2021 23:17:05 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:17:05 GMT

GET
H2 200 shine.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 1 KB
1 KB 13ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/shine.png

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46727a487278ed01069659abaec10f7dec3fe34ff7f80c5f4619ea8cef6da0dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 285009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Mon, 08 Nov 2021 00:39:48 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 00:39:48 GMT

GET
H2 200 cta_ghost.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 10 KB
3 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/cta_ghost.svg

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647510965a3089f844d2c16d28b82ae941c281be8bdcd46c022b563308816f29

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3146
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Mon, 08 Nov 2021 00:39:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 00:39:48 GMT

GET
H2 200 cta_orange.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 946 B
645 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/cta_orange.svg

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26cde998d6305d613338e8f6fdf7c9e71ee93d595ebecacb74dce0ecb70bf03

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Mon, 08 Nov 2021 00:39:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 00:39:48 GMT

GET
H2 200 cta_black.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 706 B
519 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/cta_black.svg

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1061e809539dbf2806b0bd60eed37568f54612425ec9837e4b0e62a224c1bb3e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 448
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Mon, 08 Nov 2021 00:39:48 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 00:39:48 GMT

GET
H2 200 bild_03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 16 KB
16 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/bild_03.png

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a29f39d0e516d7eedc41c4803d8b32c09e465afc3231855ca90ce3544c0e1892

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 116905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16423
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Tue, 09 Nov 2021 23:21:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:21:32 GMT

GET
H2 200 bild_02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 16 KB
16 KB 16ms
15ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/bild_02.png

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c894be1d1bedfb71cc4816599e53a8f11cf904931aa6d1055b853fc2da00fdb2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 116905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16601
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Tue, 09 Nov 2021 23:21:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:21:32 GMT

GET
H2 200 bild_01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 14 KB
14 KB 16ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/bild_01.png

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59a140f5fc6313c3e4896aef588898ae4e80ef85d1caed8fb650626e2ad8926

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 116905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14156
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Tue, 09 Nov 2021 23:21:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:21:32 GMT

GET
H2 200 hintergrund.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/ Frame C6E5 36 KB
36 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18366586777801201837/hintergrund.png

Requested by

Host: 0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
URL: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32a9dff4e6640bac019958e1a9806a7132cd4c1d42a7d02a75b88ae1f445ddfc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 116905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36660
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 17:22:18 GMT
server: sffe
date: Tue, 09 Nov 2021 23:21:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 23:21:32 GMT

GET
DATA 200
OK truncated
/ Frame 1516 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09a1567c2bdec7a443fd83212a768192ec5dff7bc3b57859656e8682ef214b1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 4F91 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqrQFVdWUleRpU2l8w2nPc9Me06FNQyxVK3aFr88KtPTYcKx6TBkEINeJtNBdikPg3w8wPzVuJWyM0Utr3xSerQiY2zSo_VQ0CYMRj6Rhhsj1tH1P6Gacse0te_x0O0l7cGF2x3lRfRpizdxynOHT932tcTA&dbm_d=AKAmf-DrV_XKDbn8WUKeDSyyv0BBOW0j4Lxjm_W3M2-mwUbMuV_S9tKE_dzbVvPmheFjeNMFL526lOMSmjHciJIYB7oywMgDaw1gyZaRBeQfIWhYm5K5oEgA9k-dL9qVSKm7uMg71YCK7jvhtsTR4ZYKH0KMcNtFUJUu8SyU2FDLbzPuxXwAB2O0m30L6mqG83d8H-DXtIa6j8HSso5eE38TlgEGKRNj2pSbNgckiQxlXbP5vX_Wwq7f_pJGZZW782FRJ5WicTu5uS-p9zdo6GbKo2Aa5-JxaJzOQBRPpaWtmKbqj3t2sLwICF_5Ey4vLS4JnoKaeVSoFPACgLqimBxpy22gsmW06MqIV-OL9sI2ohLgWC8UEFeC4r_DkDnNWSAIHGCljLozfwefO3MRY8w8TmRkKjOgnugw0icQuope6bjjPULbTnzx_mi5akbjyRhkczvO_AiRIeMFB-sKGJmvD9DC5M0f0kWG1PbOw0Fjf8MwrCeglUU8I3m5BEiAbZR074f_iBwb7nUzu6eYgZAeZD_U24B-AmGqFme1aOs9nPPCN93C_Qinauv2-8XwX9fBC22WsUoD2jeJwgE2nsGTOxEacRSi_XWIkuDri6covIGj6GzWA8rAGpyKvhp5sy5ZYAnVnWvjFNkUKqubKO5k2T6ytiI1lA0Ctu8CgQ2R-d810Yo8p5ktNI9PCGxgJr4lsiihbqMijisNlL7bSAlbj-8maw_kV7xqbq-DGO4itMbNAQHVrfq7BkRlyGipG4AZOr_PoTE5mWOazTeXh9CYe5Z5ZJmzwCW6xM5MSMpupFGM8R7cT22bX_2uDyGDpf-yTtMZleqdEdFW1bWaV0w9VUYhcdDcSaY8cVftS3f6iFBRJnGoPN5dEeV06mXe7fWCoHfRzk4dTg21Qa7LaQ10IFm7Ps2euaAuiaCkYTLqodN0UTE0G0wsY8-dSJ-_QQPY3nrxb73Eixt41Hiau5AC6s0Cg_CpPbGUdi_Gx_jLbr5MNVEk16miftVhsLC0_4DmvhtZVW-YV4z2aiOQ4KaCmiB_Et1TuC3LO4QXOzHFwyziTPlupcjsRKhcv_M5YdYm8ZYh6n2av6i5jFbYyD1Ed5EewDrOW1rdf7KVTIazP5TR_uQMwiIDy5eclOT1fnXPXOO3QN3IgeyfJSUSVyuJMXz50Qn59Y9bPr_nm3UGYVTKM-EEgXv5qicSZypzIHdl-RChLh3_LNWT3JxptUAc-0cYbW7aaI5PDa2RJ70SehAxUWXwMqVzj37R5OoAFsbxuhATCttdOgAyv3BGe1Uoes7AKbwcs9rGYEZIPBCaheeIlhqCK6yB9CqZBSBdaq-NDO3UVWTdJf1ye0bomavpz9jZ8aE595_wpWygawxD2yTuWmmgKD8-plFAJ4YT2CTIs8fYz9GPwu8Xv_ptQB_Z82DSNk-byKsqaP9PDbtvJUSsazhhmCE8dB_qcZ4rYl5XIdX8PQtOzdUg_WDw9U-uLEWBxyAo32ccOe7ZQGuidSH9HavQc9ITrJbPj0G3uXusmy4x33LYMHp4JLblqRBxfLd2SibOiJ1v9HAe_GzoTmQIZ-_g5pgHSy7T6oB3CPiOLvviIRvVyPx3cjunhBbx07vb-7T6xSx9qJNNvJz0xSgG4NYMniVE-3y4GDwwH2A7BfWUQW5qWwTkrc9q93_4yDkT44dzsYciSC1-YTGDnp5_1nwWZRhDnzzP2VOb7CmE0x7O3Enxo7wLTrnlcse2fAjsbytmUOxusgZ_-BjJXyAcH5RzeE4UBilQHF2XjKlPLzOwRbi1RgxVDsDBsnXebDYYxuqDHb4n4XWz68zq2gK0pid-sEvjVGJDSZ7SjGLf-kHr8XPmaxI0wtmDaW91hG685gbB488Wf8iTb7r1ICpfWs6boBhkPD0KqqUnfppUK9NZsIBpgl-su0qDb5T6xZdBEkGZzuoRjmE97R4DxpbHtUa2X1HDviTkjCQ4XNYFDIWngaP1K5hOCoDTkRxD8M1XyYFI_w4hkiOUgYsAdsqn00AoDkxkElsz94ItJj5QhMCTHVkLoav9NgthJhazzt0GVRBSThzppUDnLkBiL-s1VrwKK0toGwN77sFQazShNWM4dIJoQihUg3rwOS-amhv51Q0uJRdqNkGTl07cPgwNfEZXFjNZFY6uuPZfTiRnSpLWrLiYtwOhHXu4f2GPAwYvR0tpYhMzpq8_49YNtP3J8fN_vUYGG1SEF-SYJS6JEJurofx6b4-L-92-uT4jyTHVcZpMQyGwyI7ZRGEmWIIb755KzJl6CmsIJ8LuUeXx-ZmwmIo1xPFllQsZNSS1qRZhSbassSnDM75HF8Y9maHqmKrFjI7zGmKwxgepW4S7tKbdyCxpUPwpLkOzuhDlscEGsgYLwFEQdt3JNoa_Lw6zDy2CIt_mHL5N84_6VebfBDXO1GG-l3xbM3bJ6yt_X4fFlsnpPuOnqJUztRHTPCXfekDEDCtZN_FJrY1ygG4cvS7b6-EsAot8CsKOarY_K-RSmj_DQMg47dHpqAg9TsEFW2DsuWj0LMJzW2ds63BLQ1wm6nFhUdCDjx71GT8O8fTZW0lLsj3Y7yvXdD6p9NJS2hIqW26RnWTCE4lxgb2d-UNvZTUVL4CSH_zxCDZM7YGXvEGJUZuvgazRBqHdMWmo3t0hiMu7qp2-3wrfO5PEmKH040vAc0ExXC5ecx6qW70yFFysPSl7ejPOls-oNzZNA40aFSzaik6ungj5eB5nYq5S70BlXawspnOmwW1w7IWdDYvqBhL3swEzzuWkXZUuC1zmGV7CJC9kubFmCaNNHfdRVsPCIA0P-tG4_68DsHWq4Dw2LQw9n1nxSQX8aGRwmxeR74RDHSaALHaCpYFXGgDHD0p3nOt2JlwN8pvdInhkqJY3A2uLUnh_Vrqs0LNSNu4oqgF2EYWZhGxH7S1DNCpbUu8yOChsxMn6J8Wh9hy0rWyopa9RkcqKfnE9gCAalMFQ7Mz-nufnGsffWC3NP6o9Zll8VJKUk7Crh0X1EO3dEHzt1vQ4iOFJali3y-E4tcRDWTEPHvW9BZt5xpgN-p79LLRCackcq3jkimOspKyCrOdhwvGskttA0p5lKGTfwD-QMGCKsUtf4A_djt9ZASKewqlyPgpkR1JZ0r9TlZ1yAnMo0f9RlYDyGIzptSbGt_XROSY&cid=CAAScORoPVvaLxn6cZjlBpr9cl2ZXPfRrEiH82eEi8RpOwuooudGdhtwQHpiLn6x_ZcveGXHeTvzsuLQH7ZDOIPxWZqh64LLuDEzTRtUtL-x0vsB99_SMQPgKnN-u76SiDI9GNj8Rd8tvvXMZWGT2r0JKK4&rfl=1%2Chttp%253A%252F%252Fwww.hellokids.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9506
x-xss-protection: 0
server: cafe
etag: 11173536317444432557
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:47:39 GMT

GET
H2 200 11484_Upfield_halfpage_GIF_coffee-crumble-cake_300x600.gif
s0.2mdn.net/10903719/ Frame 4F91 112 KB
112 KB 328ms
9ms Image
image/gif 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10903719/11484_Upfield_halfpage_GIF_coffee-crumble-cake_300x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e1ca1e3c4438d0c5d2d7b5f408aa97bf7c85355d8b8f9600cf07e51a60c79c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 15:58:29 GMT
x-content-type-options: nosniff
age: 57088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114328
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:30:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Nov 2021 15:58:29 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 4F91 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 07:46:01 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F91 0
571 B 366ms
51ms Ping
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpKeF7jlqgceaiPVUSDiTmMKAZi-pteYqOnGdsPHQ1Iu5FmDOo_86v9qcYCRriIYwpiFS4ciMsRdxPYGgUA7ov9cdmCVRe0OlPbEriYzYyqdF_PV3S25Pa1CBnc0rsdKi42tcGiUmsHqGZG6jymKSalod99Q1wFOAG9YEGM10WT75NiSWYC54oYIpG63Kp6CNiju9nYVON5S2A9Bp5EUP3c3yb_9E4ZNNW7zVkHXT9f3pUjTFHgWYVkQ5T7Wgo2SBA7FyY4wIpy3OS29pifgrSFnYCc1Wlp8sKzZReQnYV1xRMN0fDIoOCRK018pWaEmunxS2n5VrfnA_ygzKsVHIR9pcd_8Fs_mheze0K5EpUtURFXezE4BGUTbDgsQuU8HXqDr1Fz2-wXBq6D4oHFrp9sRGngFXZdk06DRGpLua2QubmjnEsRNjIOv7y9cGtTL5S5uN-cwLy4J7-aMwpW0vxIsqwYIZObRifF0_ohnyCJWF__P7Q3cCfwJz7wICNVlzko0FIG0pJ9hX_Uj-1MU1H0BiJZM-qwMG1Ot6TWpLFU-p5hxYg77zmNaUx4Af_y4VnAe59nz75OyhN6yjvRKOBzZycD_4RqQghrmXNIPY6amTiTj4jgU1EpGeZ8qQSDbS-QCx46g-GKE82NJEo7pFgGwpxiRDudi7oCQ_qAILtG65pCq_QZ5FgLTQfy8TChiYsJGSgCHZfiirJeOqKgOVAbcHODs7caJfcvPmkLS3w14tQKurJGtMBRVaopwgkvFkVe-fv1ul3boATx5SmUdNhidc2MHTdt9v5ShaLHs8VbBSL1JKAIINi6Rh7-MFp1LmuDKjlWLtKCMC5uk4jOxtJKbNok9AoM2jvv2-g1D5xVI9y3Z_7Xz2MizY-PEf-HOqmSsDfUa6X58ld9qChorEzbFLad0Q035q0EjPAzi0dKjQnQ9VGv5VCBkVu8Vm7MGktpyokxr2I8k_R_Q27PXgXoDGLnXiAXNRjRhEaiS2RQPBosZNJ0MzDRl-GIwzuimEwUGa8cjpt7kt56Wfal2mXk5o2rMEmnI2906hAmb3Po46JlGG3Gb9kxeBW6tL0SKoW4t65af5O3d-aavFQ8WCbHblXyYifRl2B86e031N360rK036m27rEHxRqN0fcNAYK6_PUmrZXhb5A4w&sai=AMfl-YSV6mvay2YJzycIMqqhdZBBRsfQXL89xCRN0s9RWZoOo9spaIKgxGHCI9FZPzmShjY9xEnu294RhocuKlrBFiaalKNHw1T6D_relHX2xH32Mg2-3xX74CuBl2rMw8Ft-fUMRukOLZpIKsHrhXihNJRVCCX3dP-z7pIy65EScTBTqngt7mR-IZ3fR3B37P8-x7OoGE6FfnGBEXXCl7X6Iv973MuCuMzOHQ1x1Uf2KvE-ZEJAp7SOdi6ahNfB6wJSP3JJj1Q2PTmVAGGpK8nyrdeMVM1ZKDn52P1QPqVMvQny6YEekK_-oMgF_041zKrMb1EjUrc7Jw&sig=Cg0ArKJSzNhR6ohU8veVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.45027&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 11 Nov 2021 07:49:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F91 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 14:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 10 Nov 2022 14:16:35 GMT

GET
DATA 200
OK truncated
/ Frame 4F91 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 768e25880b6ed81a2fdc8805f8893bb8615ebc85956b3f334adfac8d1d75ee12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 499E 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 63143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F91 0
60 B 44ms
43ms Ping
image/gif 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:49:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response
pagead2.googlesyndication.com/bg/ Frame 499E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13531
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 20:23:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 499E 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B356eJMuMYY38PJvD7_UPvPCrgAkAAAAAOAHgBAI&bg=!qKulq-_NAAYDGbPvAxk7ACkAdvg8WjRy0xgoEaGG_cdn7c1QyKdR2qXrsJkP5Pnc6KWpvJPje1e4-AIAAABnUgAAAAtoAQcKAAgf86IsOJPGxJkDIsoSGxJktdst1gz0IEHsdlsGRSi-GwH_i9waZ3YctW3M91C4H0adH3fHdPzW5VxoJcWu9-I4sW4jLXK2RJBu5cQj0tL_T0fWf_wkzUL1d-9gJj4Reh1BWO9lZWTFD8gsMgQ1wuhHM87GqM0w7RfilUePkAsy7SazzUvuJp2Oaa45_emrLoppMMQQ9Th6zmttAaDuCZJCOYEoZ5rwjKGX2Teg-yDh1j0PhGjCXNGdx0xyueY9zXyRgbuKKlCSedWi9ZtZwld8ZHbi8MTRAGcRUv2JLLvcxRS1kuBWUpxRQqNGjejKL4Quuvue913fxZJcj8pPIW9uZOtbr_-I_piR8f6_Xm9taLWTsIcBpyl4yIzpPF9yaWVSkgsLANVEdLIKSrFjieUZU2JQKbj7O0qEx2od47LuHQkEfTHPFjO7vbwjT5p-MJK9QHN-raK35CeiSfS2x5udbz9xBmq397GfF9WpGvuO9zrx89377_Jrn6R-hD_Pf59Y0Kqe3nC8WFWqMS01lYKWn7jzrc3BU-OboQRHn2qSbN9FNg2BJsHT_wKxZmqg289pJ7D8WbOAtgORGh8-MF2dvr8SdxwAGVtHtYSDdmaxwyrxdcL6iV26TvNPnc1mcj_3xsSXTmcHb5xbo8jgAQFXJjvWPQ56NXygqd0JpHiQEnW1G0l-aUZOJ0DYNJ38Kqp4xVyFtl9X_ERTCYePwm_fRrzykn11OLYAFHVKqHjOvguECcv0sShNEKoJkBGbds32i3iyCO93NB_pRJrWUPJQPb7scKL5KOV9PR20VNSARHbMqjLm3CFVw1o3n-YCx6ZLkRv2UCPnGs7ChI2zyH3y4HjbwjeG5DIBM07ppSu2KpN3Vv4eayzGoW8Y6K_uAIhEou2spLWB9JZYlZZXfbJhhKS4OkaDxO8AcwlMdObk7T1zl3_UrY8uNSa1Pmv_-QTqDIxbJ_v5XXT1wk63xRlvcl6Kc95dsaW0q7cOzekbKAKLIBDDhAt-qG-x0EQl-XO-lKzXtmSWnNZjEQGu3jwVHZdHtBuQBOQfawQE_DdW7WcYB3TAsNjIPtqi5P0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:49:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.hellokids.com
URL: https://www.hellokids.com/design/normal/assets/logo.png

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hellokids.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4poqg7gofr2uqb1dq8lmo9a9j7
www.hellokids.com/	1970-01-20 07:22:32	Name: JDSwidth Value: w960
.hellokids.com/	1970-01-20 16:08:08	Name: _ga Value: GA1.2.2002329014.1636616990
.scorecardresearch.com/	1970-01-20 15:53:44	Name: UID Value: 15KMUD41VCODMZMDOZ439Tg1636616990
.hellokids.com/	1970-01-19 22:38:23	Name: _gid Value: GA1.2.1037920850.1636616990
.hellokids.com/	1970-01-20 16:08:08	Name: __utma Value: 191970867.2002329014.1636616990.1636616990.1636616990.1
.hellokids.com/	1969-12-31 23:59:59	Name: __utmc Value: 191970867
.hellokids.com/	1970-01-20 02:59:44	Name: __utmz Value: 191970867.1636616990.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.hellokids.com/	1970-01-19 22:36:57	Name: __utmt Value: 1
.hellokids.com/	1970-01-19 22:36:58	Name: __utmb Value: 191970867.1.10.1636616990
www.hellokids.com/	1970-01-20 07:22:32	Name: cmp Value: j=1&t=1636616991
.hellokids.com/	1970-01-19 22:36:57	Name: _gat Value: 1
user-sync.adhese.com/	1970-01-19 22:47:01	Name: user_sync_domain Value: ads-orange.adhese.com
user-sync.adhese.com/	1970-01-19 22:47:01	Name: user_sync_protocol Value: https
.360yield.com/	1970-01-20 00:46:32	Name: tuuid Value: 320bec3a-75ee-4b96-92cb-ebf456af817f
.360yield.com/	1970-01-20 00:46:32	Name: tuuid_lu Value: 1636616993
www.hellokids.com/	1970-01-20 08:05:44	Name: __atuvc Value: 1%7C45
www.hellokids.com/	1970-01-19 22:36:58	Name: __atuvs Value: 618ccb2138842a80000
.addthis.com/	1970-01-20 08:05:44	Name: uvc Value: 1%7C45
www.hellokids.com/	1970-01-20 07:58:32	Name: lotomeConsent Value: {"analytics":false,"crossdevice":false,"datasharing":false,"targeting":false}
.crwdcntrl.net/	1970-01-20 05:05:42	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:05:42	Name: _cc_id Value: 3b9a0a5783182169181a0cccde275588
.crwdcntrl.net/	1970-01-20 05:05:44	Name: _cc_cc Value: "ACZ4XmNQME6yTDRINDW3MDa0MDI0szS0MEw0SE5OTkk1Mjc1tbBgAILEntOKIBoCuA%2Bsa5FjXJXL8J%2BRkeHdkjksMPalU4%2FYYOzd%2By4LwNgfP1vCmBs3PuWGsY8fPcQMYx9ejDDmd1eXDlzNpilw46efUIcJAwDiijkE"
.crwdcntrl.net/	1970-01-20 05:05:44	Name: _cc_aud Value: "ABR4XmNgYGBI7DmtCKQggImB%2FboUiMl%2BnQtIAgBBhwO8"
.adnxs.com/	1970-01-20 00:46:32	Name: uuid2 Value: 9198878619193000621
.rlcdn.com/	1970-01-20 07:22:32	Name: rlas3 Value: SwvLL/1Unih8xTaQnINa9sCfic9ve/bSZlFvq9pIkKU=
.rlcdn.com/	1970-01-20 00:03:20	Name: pxrc Value: CAA=
.bidr.io/	1970-01-20 08:05:26	Name: bito Value: AADSBk7DGZYAAChyICqh4A
.bidr.io/	1970-01-20 08:05:26	Name: bitoIsSecure Value: ok
.doubleclick.net/	1970-01-20 07:58:32	Name: IDE Value: AHWqTUkYSrKZJykhRtoT28jzES2M_9RZWX7GKjlHFSeATYmiCec45ZPT_8JKbS6LSy8
.hellokids.com/	1970-01-20 07:58:32	Name: __gads Value: ID=a825275ae249e595:T=1636616996:S=ALNI_MbAo9Y2rePpyHa7FqyzQ1EM_qP-HA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://assets.casualportals.com/gdpr/wall/hk/wall.min.js?1636616990638(Line 4) Message: Mixed Content: The page at 'https://assets.casualportals.com/gdpr/wall/hk/index.html' was loaded over HTTPS, but requested an insecure element 'http://www.hellokids.com/design/normal/assets/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://user-sync-orange.adhese.com/handlers/improvedigital/user_sync?u=320bec3a-75ee-4b96-92cb-ebf456af817f Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static-dmp.mediaglacier.com/tm.js?id=8da8a54b-44fc-4319-b865-3320faca427d Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ec4e9f75df7ba695474dd846c11d51e.safeframe.googlesyndication.com
ad.360yield.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ana.headerlift.com
assets.casualportals.com
audex.userreport.com
b.scorecardresearch.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.improvedigital.com
hellokids.com
idsync.rlcdn.com
images.hellokids.com
match.prod.bidr.io
ml314.com
pagead2.googlesyndication.com
privacy.crwdcntrl.net
pub.headerlift.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
service.cmp.oath.com
static-dmp.mediaglacier.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tags.crwdcntrl.net
tpc.googlesyndication.com
user-sync-orange.adhese.com
user-sync.adhese.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.hellokids.com
z.moatads.com
s7.addthis.com
www.hellokids.com
104.75.88.126
142.250.184.226
142.250.185.226
142.250.186.130
143.204.95.188
143.204.98.129
143.204.98.13
143.204.98.82
143.204.98.87
2.18.235.40
205.185.216.42
2600:9000:2156:9200:4:cd76:8580:93a1
2606:2800:135:155a:23ba:b2a:25ff:122d
2606:4700:20::681a:c79
2606:4700:3034::6815:5192
2606:4700::6810:5814
2a00:1450:4001:802::2001
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9a
35.205.165.27
35.241.44.156
35.244.174.68
37.252.172.36
46.105.202.126
52.16.151.94
52.17.84.146
52.208.138.90
52.51.66.223
54.194.226.253
54.229.48.81
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c07914be97a768bd226b1a1e17a8d721cf7504b98b3e7ff039f9be9406ab7f
09a1567c2bdec7a443fd83212a768192ec5dff7bc3b57859656e8682ef214b1e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1061e809539dbf2806b0bd60eed37568f54612425ec9837e4b0e62a224c1bb3e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129907e3b2e66c725d0d63576411ff6660b050789b9d1070042b75fd55379b74
13368c2b8db618d4e06044fecf9ab35aa35c64cc09dad589a42d31d1ca1017ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183176fd96255b2ea26bdda777f82ed1617011335e73f31b4c2112164dbfd946
1a805111179f399127311c380a95358ca26368b5aac5e28fbd427d78692c00c9
1f8e8b83b48b157062193d063f9f6b29bd68f21e45af07035e3dc09bea9c3ef1
27f9d26322f78a764e82384fa7afaeb110a3ad4ed17b0182bf51713f5ebad42a
28fd42ae87d2501dfef98797abe9cb36beb4066f3f071362786f9ff4bee51d32
2a272973074a844d522be382921a4972b4a1400008eac1cd438bac01060ee0d5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a8e3e87da7aa8204ed5125151da02e2ca7d7023cba6bd36aea20df438d8b95
31bb27151e5b8acb3dded66d54932973c5dd10eeb7a00d1082b9db68ef8c94eb
3293064e6f191da40cf0442eecf380a4ebcad100cf5500be30260d40d00c1ddc
32a9dff4e6640bac019958e1a9806a7132cd4c1d42a7d02a75b88ae1f445ddfc
3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d
37ec7d45e8d2486440fd826b08d78543f589e9fd40d960605ea8887e9cdaff16
389db59512d1d9adfee376cff6f534ea070b35f18931566a13e2149d78ef2b89
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3ad4d181306bcee79eae3016b31b1f1b45c6f788c972a315f4089d4449f728b9
3b478a2ee0445b4f9c9ff1792a3121871c25a4f41a3a5e86f38bebd295848af5
3b985f0ae57cfbcffa68f5b37f177f436158f702f845250a2bbfd34024cfa3fa
3d04ac39ddbf196cad9bf221f474eb22deee85d6896fd982921f23c3402e8b1b
3fe771c4d2c27676266716fac328e257915baa6ce81a6d064d0c13998e719757
447ffe4040fc9d0761f896e3ef3b37e2220744f4d3e3760ffe1f216f3d0e4e54
46727a487278ed01069659abaec10f7dec3fe34ff7f80c5f4619ea8cef6da0dc
4a05e71240c0b567f4e1d078fd710a429e4752a04422fb281c31ff5a0d2e9184
4ba817dc36c6c8fda9dbb5ef5b3ac04491fc4611f51d85a18d65bd0f0f4ca99e
4c1672e10e32db6aa94b3240ef597b807aea3e4eac962be1dd5d51a94c2e6666
4c710f534bdd026edde1d2b331fc533be545e094f3ab951c329b7374729994ca
4e5de39b36ba48df3537a4ca25019cbc2a0b611b007c951ba4d817796d46618d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
505409be95553ec817c8cf14e89b6bc5b6a8ebe56732a2677807e61968d4610c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d1f50c4cc1167787503785d0d2aa13266f70403572387595a4fbd93620a6b9
51fee51e18c99780f6c62754ab5c4396b93e6c59d7d29d3eb4245a0cfe54f048
52093a4ed7c7938c65b4f5786824bb3c38b9d897ad3e27aa7bca7bb0a8dd9bde
546d99f344ab0f9284844eb763ba6b14e5662bb64581e38956569d144605f914
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54b60d28db9ce90abe807535c664d3e3b23e2eabd1b92c6e7cc55076224d9beb
564dae37a38facd57f38c5c6cd9f2d6fc653fd5795a2b4162c9d207afca6b498
571693a30fa6d3724dd0a93f6e9df14fc0275bf14b8c5a0c6a4e6ec315be2cea
57639b65658b629bd618bf667bf054afc3c63247aadec9f3d3fee427f7bcecb2
57cc3d8e154ccb863b83f536a606c9ddab56fd8456fbe17d1199ac7ecd33a335
5a8c6a8f5baa0ea18998ab75b1a390e962a0d9a3430ea4a2054e88a54614b7e0
5b6952ee9449f9d1f428a8de4c3297404a5c520a838173b24e28197a8c232497
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62125a9355cdffdfac64240d7df0dd0671a6eb21a53707cd0d79d5f6dd32ef18
6445ec7743bf67c50fb7c7a8409e97e7934ffea4bec4ba409d20be724b5f308b
644dd72d9fd66655b1024dc9451cfaa5f6916d7c8e1d250c62f85b5e3acb1680
647510965a3089f844d2c16d28b82ae941c281be8bdcd46c022b563308816f29
673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a
68b8a79f0f86265055bb433d7a15c4a6d03cc7c8fca14410a58952d54df9a0e4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d01e896151f3b7ea9ac5f0e4e260d2ba6a80b4f78841ce84bde7135260f2a15
700843fccd1b58afef256af34c0f1e98325cc132f7fcde17ba05a11c77cf2f2d
73021e14667a9ffdc76a733faede6168ff4699e19f1bd880738c63fa506e87db
768e25880b6ed81a2fdc8805f8893bb8615ebc85956b3f334adfac8d1d75ee12
76ca0fbd2f124d35c7036a643e6e79c74d5734fde758c06304ff3a7dfd64c1f0
774388157c7a32361044d8b5f6d325b1bfe828ee33d80bbf385f2a9f9477d8d6
7a3cb8a3345a9687dd44a5b6f0466e58cb64daf89e597c7e772c7a565085b735
7a963a107930930cbdd70e8adc0cc856093ab12a2d8e6ad5a8b0085331ddad90
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
7b1cb90023c1a9e942904db8d2c46433f4fe679dc1cf038724b49eb9a5f3bf60
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ca6e3aa6bfd94850d1703c250f5042c306c9c4670219a920439668faf7fef03
7d34a703dec65f7505fcfc4dfbb7e40649ddb28823bebe499c67fdaaf95acc8b
7d4ac15b765c90eb02650545a957b9183cdbc36c30b65eeea7c8f3f2099ca8d9
7e083596f2f3ba0acc16d0e0a0f2edb369e599e3629bc28d82c929b6cf5e473f
80ac77c40134c4270f86f0c1d60b12d7c2f5e1ad3221eb80d780ea6fdd78f00b
82941c559af5a2464d88e8b4c27a43bd343fc7f195803245a5af54be7d79b5a0
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835749511ce718f86a93fe8cccb58c474a32afe1b2da5835ef2288330bc16df8
83a86a42d721e4c7f95f54ab40e12afd52d67191d2d7c9c758077ad079df3914
845d110e17690fbf7a1aec7747163c5a9d815ee1c3ecf2e187b61118c4b98d36
851cba871108aa7ddbdf605cefa61c7fb5c06b94f467ec6560d2a4e6f4e8064c
88940f1ddf7bfc72cfc92d654a671a01df723c4a2e2fcf273937a08cac5cdfc4
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89ee829ea786920b9b4c55f324839d8fe351d759f1c2a06484823c5229ed35c6
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b4e0f87bba44add52f7f4a50ec9972d861ce8fef4d9962bfd574be88782ba2e
8b5eb552422b56cb9d01dd210a680a9cb43b4e60e8a723cb222916f1b4c19907
8bd0e8f198b244ea4f0829e657744fd2a37bb04ee74b13ebbadfc342e7ee7c10
8c5ab57fdb4782d99913aa44948416e281a4536d884a18462b353f0d320368cc
8de34bf0e9007189d2af1c5262963a453e3bc98718979be91ed3e89332554180
8e65ca7b66af1a6caaf57f3cfddd2af0514100b30846bb31162c56504368d785
922feb6b119446bd220800790b2dc170d993e682011b5f83503cc1f832951375
955972ce46d3dc6eccc51c51228c6d09dafacca4633d960553e2b222af7d1224
957184c79c841154eb60034645260ce9bf63fd815e67cc65ce94b63b08733422
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9716fc326a5af52ade7e33aae3e17a008fc0d16c9f9158de9ef0963fac2af00d
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
97719eea9e319c7ea07540538a78c9d923fb6cd3d1868f7216714ae0aac552bb
97848593a40c1251b3ffb13e9ee2ac63dba25ada2345a3445080857b4f3bc21d
98a05afefa4b10e029f131bb848569b7d0a2ed26e648e12504263e9db14cf8d0
9ad8d07cb5c2ec14f39f148e14faa02b4ed80367d8547cd6c63eb8aaf919492f
9adf2e1bf6d3cd95e37e64faac3cb23991e767abf1aae1e8ff300712634e1552
9b8f309fa62a05aa753c452ef35cb3a5ac36249df7bad78efe4debe48c37ff11
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
9f0b9fb952baee5e360fa155d4836e88ef38c195bca6804f9eb4166d8c646d41
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29f39d0e516d7eedc41c4803d8b32c09e465afc3231855ca90ce3544c0e1892
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a589c82d137fc5e485a03888250c9b3fa7b08a65f2b3be6b6d742fe639406d68
a5dace13d58cd52d1b0d2669f42098c57fc1a22b5384ab0d12ac0f96edcf408b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6616dbc383f0eeee5ea1e9814899f225242144c962de049b947e7c4404e2346
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80356555c9846423c61622f770ee92f5940029ac671e309a3a08243d439e547
a86d60dc1404417ac4979356aba704dad6ea1acfcb2349aa13661a123b569dac
aa5301e0846cd335ccd08138f410133712ee3f560081312b367fa3fe74f8c504
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad695c36693cf0d337ff1d95d9a53920bcaa52dfff79fe37316d4550d3171096
ae3c2d152f4d14931b17d3346b9da3a27d39120a72495bd697dc7bf635f650e1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2c3da607488fa4c8f5c1975796c422ebb337c70ea4779167344f12152fe21c
af76be6d631bd5be37093e48eb8ce7a129c2843b7a26b73427d31344aafeb7ab
b05aad7af7eab3961a304d02d259e689d57dd7d4aba94cad341dcbf57145e50a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34f44541c913a6841a6928fde4a4e401294ccc3ace6e6add22e017a65303f8a
b41ba067533a3e04886f4fe3e3588b2651ba2465bd3f5e27d703098c04d7ffa8
b5a848988daa2b2d0e832af9f467622e7007834a3355a950927b1f7e48135647
b862f2ff63c9c7628a2b4a8aecca42f6a6ef4d4fa96c10da3507d5efafbebdcf
b8cf2c2e83a816504e6d56d8c108b73ecaf6523a8f0046a6aa7766b4c29ec7c6
b94ed1f3ddb8276b792031a1a281dcb8d3bee487c55c00eaec498ce8e6153b6c
bacb71e455a8278449df034b1047bffad3837e8c8a72e10e41d6073f5ceef6a3
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c009cd2ea8c6d8c45b4a47a228cecf2805884880979531ed1d2135b4c96eb453
c26cde998d6305d613338e8f6fdf7c9e71ee93d595ebecacb74dce0ecb70bf03
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c70602b3d9408fdc5e2075f4835b25e2ea65c1b6ad2c3fb4b92dcb974060200e
c894be1d1bedfb71cc4816599e53a8f11cf904931aa6d1055b853fc2da00fdb2
c92f03ae0b619c88157ef5e83a0cb327238870e0e4e7170850a2cf9921c5fb0b
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cc1bf591851654a91d98dd3aeafa9a7552a2918a0c3052a7d61c45f455e8625c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d28bd9769576f89eece91981c4a2ebe1c80b34ea678fa3b299cb28f2b4a3a917
d3f2d4f3d94b1120b9c3d010cb05e3f1211047ab8c4612c3b5bd3da846e201b7
d55eb84397079e52809cf574831c5d82bd20c1c9b764fd9faaabb5d38c4cb786
d99665643686ca409468f1fbba9025e3f44c52e29fbd69508698455b030b2c5b
da43376285a59c73369ad2b9b5810c8e9afe3c118aaee819370dd8aeaedf0ddc
db69cc715bbd28169f84dc319f34af6f4f5c219500a5d6db1a0de715d7e68267
dd26a46681bc9633e3ee4f9ad95922bdfa2f1478d6a45df267cc3dd39c48f51f
e1ca1e3c4438d0c5d2d7b5f408aa97bf7c85355d8b8f9600cf07e51a60c79c93
e1d679e231b2e42e8fcbbd4b32e722118946f5da1e8330d5cb51a0da4b54432a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d470142e460aeea6404a8a07afdc0c486c028defff7c848e93bb171ed2ab2
ea3ce73543935aabd16108ddc7ddbd73535e7416d1302e711245e48e3520c821
ea5a0a6ffea20eefe3047dc2cb5c9567eff056a230c36071ccf4d163ef14a436
eb2d67dcc06206771df7a133baaa77c4a9d74c72d478d52ff63649e250b81618
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef54f5c9138f4dbd9a4c3f6c2b6177175c88e25a845cd13d07c05e4d551fc456
f59a140f5fc6313c3e4896aef588898ae4e80ef85d1caed8fb650626e2ad8926
f65744d16081b25ddf4105faf87e3c41aea69416671e394714f18b67d4c1035a
f73096cb160176c37d6537f30e47f5c83f2a97c8b9ca28c54a00458be0f57050
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
fb2619044a1251471060f2768dc67322fa0b6c86b5885ccdc8c0a2748a7f8c0d
fb425e7c8dab0672797752237a7459ec716f5d2745657189ca4a2872ace9c709
fcec01d907331785f14bda8625b99061268c2c1f3d34d909d14f2d0877ca9897
fd1ebb5e4a128528671fc3d1c80abc6b1c133c6b34bf9071702053193fb7607e
fed1095626e51d0c34bddac22b7e3e29938e7e05270b09555b2fc22b4d9f0dd8
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.hellokids.com Open in urlscan Pro 52.51.66.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

197 Requests

51 %HTTPS

46 %IPv6

30 Domains

46 Subdomains

39 IPs

5 Countries

4373 kBTransfer

7049 kBSize

31 Cookies

7 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hellokids.com Open in urlscan Pro
52.51.66.223 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

51 %
HTTPS

46 %
IPv6

30
Domains

46
Subdomains

39
IPs

5
Countries

4373 kB
Transfer

7049 kB
Size

31
Cookies

197 HTTP transactions
2 data transactions