kids.mycolorgames.com Open in urlscan Pro
2606:4700::6812:1d4e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kids.mycolorgames.com/vi/games/?cid=600004
Submission: On October 16 via api (October 16th 2023, 10:23:44 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 70 HTTP transactions. The main IP is 2606:4700::6812:1d4e, located in United States and belongs to CLOUDFLARENET, US. The main domain is kids.mycolorgames.com.
TLS certificate: Issued by GTS CA 1P5 on August 22nd 2023. Valid for: 3 months.

This is the only time kids.mycolorgames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700::68... 2606:4700::6812:1d4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
70	14

15 2606:4700::6812:1d4e (United States)

ASN13335 (CLOUDFLARENET, US)

kids.mycolorgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resc.mycolorgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	738 KB
15	mycolorgames.com kids.mycolorgames.com resc.mycolorgames.com	564 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	273 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	51 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	471 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	164 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	258 B
70	10

	Domain	Requested by
19	tpc.googlesyndication.com	1 redirects kids.mycolorgames.com 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
11	pagead2.googlesyndication.com	kids.mycolorgames.com pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	resc.mycolorgames.com	kids.mycolorgames.com
6	kids.mycolorgames.com	kids.mycolorgames.com
4	www.gstatic.com	kids.mycolorgames.com 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
4	securepubads.g.doubleclick.net	kids.mycolorgames.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com kids.mycolorgames.com googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.googletagservices.com	kids.mycolorgames.com googleads.g.doubleclick.net
2	67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagmanager.com	kids.mycolorgames.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
70	16

This site contains no links.

Subject Issuer	Validity	Valid
mycolorgames.com GTS CA 1P5	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://kids.mycolorgames.com/vi/games/?cid=600004
Frame ID: 656A3C470374A428A4EC7D7ABD4B4A8E
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: E6078ED736DB4239680C3DF3FE66AA6F
Requests: 1 HTTP requests in this frame

Frame: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9A6911DE819A2AA6C1A374D696B0962
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4414232724432396&output=html&adk=1812271804&adf=3025194257&lmt=1697444618&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&channel=7877524748&format=0x0&url=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697451818186&bpp=3&bdt=244&idt=368&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8012945595434&frm=20&pv=2&ga_vid=1187786752.1697451818&ga_sid=1697451818&ga_hid=1004218848&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078598%2C44801485%2C44804684%2C44805098%2C44805113%2C44805534&oid=2&pvsid=626813216951932&tmod=934186002&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385
Frame ID: 533840B4602F3BDDE6871622BD389C96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4414232724432396&output=html&h=280&slotname=3808533208&adk=625747416&adf=2141916313&pi=t.ma~as.3808533208&w=1200&fwrn=4&fwrnh=100&lmt=1697444618&rafmt=1&channel=7877524748&format=1200x280&url=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697451818189&bpp=1&bdt=248&idt=388&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8012945595434&pv_ch=7877524748%2B&frm=20&pv=1&ga_vid=1187786752.1697451818&ga_sid=1697451818&ga_hid=1004218848&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078598%2C44801485%2C44804684%2C44805098%2C44805113%2C44805534&oid=2&pvsid=626813216951932&tmod=934186002&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vIebCbgCOP&p=https%3A//kids.mycolorgames.com&dtd=395
Frame ID: B65538D36A3D89DF90FDFB39B515E5DE
Requests: 18 HTTP requests in this frame

Frame: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AAB057DAF7279C2D616D4431E1F56CCC
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Frame ID: AC64D3A58CA5417FE1E4EA60B6C4DFE4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 1D013A861B5A4F4AC6CD5717A70827F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 2A1F1B68D825AD816FBCC65485157CE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EBF1B3FAED0F3FED601F12394DDEC87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5159F011E825CB005F9E5504181669EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sách tô màu cho trẻ em miễn phí, trò chơi tô màu và vẽ cho trẻ mới biết đi.

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

70
Requests

97 %
HTTPS

92 %
IPv6

10
Domains

16
Subdomains

14
IPs

2
Countries

1914 kB
Transfer

4055 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODApK_HcxCwCRiwCTIIM5tghWKPNdM HTTP 301
https://tpc.googlesyndication.com/simgad/11268912758778311753

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=CBrRsKg8tZYKpJc2-9u8P2bCT0Az05JHIc5i-8pi8EWQQASDPna9yYJXikIKgB6AB0KfpmgHIAQmpApjVZtKAXII-qAMByAPLBKoE3QFP0PTybd-RDj2Cw_E8anpmpzYC6jd1kicXUTz79acwuh9Cd-3_oLagKzBYmfEVkeoCop8yZ8UKDc32Orq6PS0LLGLXdyRYgXPn4_MmoFChdNd8VCXDqQjDuWp_A0O99iMW7xIc1B9v-p3k6T7eR_hFCRlxi1tSAoHJ45kRd7YV2tmkMl0LMKcdj455N8grK3Qq5yiSD0Qf-1Pe5bjrqyry4x11tk0hsFTH9dKQzIBQBv7Z2YS8Q0xKQTuA7xv2Hhsmm_f-7DgkkLeH_U48aARWgjehwotqt9sKFHMZFcAE4_nLx60EiAW5l_yJR5IFBAgEGAGSBQQIBRgEoAYugAeY2JblAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCAzHPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkmaHR0cHM6Ly92aWdvby5mdW4vZ2FtZXNoYXJlL2luZGV4Lmh0bWyACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNDQxNDIzMjcyNDQzMjM5NhgA&sigh=Sy4xPqCYlbU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN2qLUEMbM39U4j3IdPoArn9CFGngA4wRSFCOZGacWOtCus8EVwIqgeNh0bbLySAa4ooOovezAzYvhdWag646qO65K__GumhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222124414375250693962%22,%22debug_reporting%22:true,%22destination%22:%22https://vigoo.fun%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22324686800%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213888779647332652577%22}&andc=true

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kids.mycolorgames.com/vi/games/ 227 KB
83 KB 249ms
180ms Document
text/html 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e07984b6d06f8c967c3b2521b6ca3617f8ed756c04699a2ddc4a1f089d2cf2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate : max-age=3600s
cf-cache-status: DYNAMIC
cf-ray: 816f96650ccb5d88-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 16 Oct 2023 10:23:37 GMT
expires: 0
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 171ms
88ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4414232724432396

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3989204db3932d9b398c8b2ab0fb14ba13d570dad8b870171eceb997a042e07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Origin: https://kids.mycolorgames.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51232
x-xss-protection: 0
server: cafe
etag: 1866175892238596277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 10:23:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 201ms
87ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b23d3977f2b0580354df068ec7d4082079c919dcf17d00ef2d5997f1b06dddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29468
x-xss-protection: 0
server: cafe
etag: 545 / 19646 / 31078768 / config-hash: 15196145071458161935
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 10:23:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
74 KB 138ms
54ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SQNCHP

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d4dad92e4548c9d868a73d88f20626e8c3571a5a6ea75d2c0f631898df56e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75230
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Oct 2023 10:23:38 GMT

GET
H2 200 logo.png
kids.mycolorgames.com/static/img/ 16 KB
16 KB 178ms
177ms Image
image/png 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kids.mycolorgames.com/static/img/logo.png

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d353842773dc8572ba8a587253902153ea64cdc370851f00ca0db3f151e1884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/vi/games/?cid=600004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 10:23:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 10:27:47 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate, : max-age=3600s
accept-ranges: bytes
cf-ray: 816f9666ff185d88-FRA
content-length: 16081
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 image-loading.svg
kids.mycolorgames.com/static/img/ 21 KB
3 KB 175ms
175ms Image
image/svg+xml 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kids.mycolorgames.com/static/img/image-loading.svg

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6a62c56122d9f2f9399cc9043c7ec7acc3d29de480a9afb195a3dcea9c6a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/vi/games/?cid=600004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 10:27:47 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache, no-store, max-age=0, must-revalidate, : max-age=3600s
cf-ray: 816f9666ff195d88-FRA
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 loading.svg
kids.mycolorgames.com/static/img/ 20 KB
8 KB 173ms
173ms Image
image/svg+xml 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kids.mycolorgames.com/static/img/loading.svg

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9890d38e52ef7969763502d19fa58adef89daa3b4ce8040948d250744ce13ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/vi/games/?cid=600004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 10:27:47 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache, no-store, max-age=0, must-revalidate, : max-age=3600s
cf-ray: 816f9666ff1c5d88-FRA
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 main-bg.png
kids.mycolorgames.com/static/img/ 38 KB
38 KB 450ms
450ms Image
image/png 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kids.mycolorgames.com/static/img/main-bg.png

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5875be8c26c2b9348a12ce9bc52dc78e6d0b7149533218472841dcc2ff1e071a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/vi/games/?cid=600004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 10:23:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 10:27:47 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate, : max-age=3600s
accept-ranges: bytes
cf-ray: 816f9666ff1d5d88-FRA
content-length: 38444
x-xss-protection: 1; mode=block
expires: 0

GET
DATA 200
OK truncated
/ 148 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f97c8c1f42ac050285bff71677590297715dc01feb36179d2b104a150f811016

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Inter-VariableFont.woff2
kids.mycolorgames.com/static/font/inter/ 34 KB
34 KB 177ms
176ms Font
application/font-woff2 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kids.mycolorgames.com/static/font/inter/Inter-VariableFont.woff2

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135167f030fb90f99caf41c786ff73ca8b91324cb0461590607f4ab7bfa96eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kids.mycolorgames.com/vi/games/?cid=600004
Origin: https://kids.mycolorgames.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 34712
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 09 Oct 2023 10:27:47 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/font-woff2
access-control-allow-origin: https://kids.mycolorgames.com
cache-control: no-cache, no-store, max-age=0, must-revalidate, : max-age=3600s
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 816f96670f285d88-FRA
expires: 0

GET
H2 200 20230918-100859679OICH-800x419.webp
resc.mycolorgames.com/img/cover/clp/ 42 KB
43 KB 39ms
19ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/20230918-100859679OICH-800x419.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f265226c11b129f96757056ee8780f2a9d7c82d32c595431e7d59cf465355c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 10:09:00 GMT
server: cloudflare
age: 833491
etag: "650821bc-a9f2"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f695d88-FRA
content-length: 43506
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 3273f65f161-800x419.webp
resc.mycolorgames.com/img/cover/clp/ 92 KB
92 KB 41ms
22ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/3273f65f161-800x419.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b432fa10d08d8b56b5baa7ca49caf633e43654bf8803440f8a1835058daae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 08:47:10 GMT
server: cloudflare
age: 255222
etag: "6529040e-16f32"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f675d88-FRA
content-length: 94002
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 629d6498160-800x419.webp
resc.mycolorgames.com/img/cover/clp/ 48 KB
48 KB 46ms
27ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/629d6498160-800x419.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da292b6f1e71ae927e669e49a96a73c3e058816aec7d4ca291d4c30672996cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Sep 2023 08:40:02 GMT
server: cloudflare
age: 1661656
etag: "651298e2-be6a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f5e5d88-FRA
content-length: 48746
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 1cad8dc9157-800x419.webp
resc.mycolorgames.com/img/cover/clp/ 56 KB
56 KB 39ms
20ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/1cad8dc9157-800x419.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c267230983b5362129543c8286fba8559c615e3922720bc48344f67477d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 08:07:22 GMT
server: cloudflare
age: 1700754
etag: "650bf9ba-dffa"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f605d88-FRA
content-length: 57338
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 9ab72336155-500x261.webp
resc.mycolorgames.com/img/cover/clp/ 28 KB
28 KB 39ms
20ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/9ab72336155-500x261.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a343f48426648aff6044976ee0d499c4ad2bf04c8ef3135f3800ff758feaaa39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 12:04:46 GMT
server: cloudflare
age: 1451200
etag: "6502f6de-70e4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f5b5d88-FRA
content-length: 28900
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 afc4a001153-500x261.webp
resc.mycolorgames.com/img/cover/clp/ 29 KB
29 KB 67ms
49ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/afc4a001153-500x261.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c789d89510a9b24883ca140e7f72f00854a8d8e18725bcdd6c5b3676374839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Sep 2023 06:58:44 GMT
server: cloudflare
age: 833485
etag: "64febaa4-72bc"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f635d88-FRA
content-length: 29372
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 1faee6f2151-500x261.webp
resc.mycolorgames.com/img/cover/clp/ 37 KB
37 KB 38ms
21ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/1faee6f2151-500x261.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f700c64cb19d2512a42b735984435e7a1459900d08c670e63070d3c27c2eba77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 09:56:24 GMT
server: cloudflare
age: 2075905
etag: "64f1b548-94f2"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f625d88-FRA
content-length: 38130
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 72dc65a4149-500x261.webp
resc.mycolorgames.com/img/cover/clp/ 20 KB
21 KB 43ms
26ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/72dc65a4149-500x261.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e3eebeacbea538ef4fa413509084b9c1526f056fcecc4d12d28929c5092ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Aug 2023 06:51:32 GMT
server: cloudflare
age: 781730
etag: "64e84f74-51cc"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96675f6e5d88-FRA
content-length: 20940
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 2192f6dc147-500x261.webp
resc.mycolorgames.com/img/cover/clp/ 30 KB
30 KB 37ms
21ms Image
image/webp 2606:4700::6812:1d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resc.mycolorgames.com/img/cover/clp/2192f6dc147-500x261.webp
Requested by: Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9daee494a1e781d8495608ab8de523e0db3c119d8f8f06bf3fa17de3944e2b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 11:35:46 GMT
server: cloudflare
age: 778546
etag: "64df5792-77f0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=3600000
accept-ranges: bytes
cf-ray: 816f96674f645d88-FRA
content-length: 30704
expires: Mon, 27 Nov 2023 02:23:38 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
134 KB 211ms
129ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4414232724432396&plah=kids.mycolorgames.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4414232724432396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d217d1569e18054de3f89cd999fa45f6cb0754a5d9f6a17902033942eeb1a62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136613
x-xss-protection: 0
server: cafe
etag: 4215423428011845952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 10:23:38 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame E607 9 KB
4 KB 124ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4414232724432396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 09:35:31 GMT
etag: 6119613530591461916
expires: Mon, 30 Oct 2023 09:35:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ 420 KB
132 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 10:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85614
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134722
x-xss-protection: 0
server: cafe
etag: 2928310903106852838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 14 Oct 2024 10:36:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLWHVVKC2W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SQNCHP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1aafa3cbe3f11076dabe6a3d5e477e0eed77c241b9d8fb504f133d2974b4616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Oct 2023 10:23:38 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 199 KB
52 KB 897ms
896ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626813216951932&correlator=4447275993196602&eid=31078768%2C31077695%2C31070232&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&iu_parts=22306226513%2Cmycolor-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1697451818384&lmt=1697444618&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1187786752.1697451818&ga_sid=1697451818&ga_hid=1004218848&ga_fc=false&dlt=1697451817942&idt=413&prev_scp=custom_channel%3Dmycolorgames.com%252F000&adks=1736249986&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eb5e4ae7041494bff382ff7e1f9e178d953fafcde16097c783fa16be62e1aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52905
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kids.mycolorgames.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9A6 6 KB
3 KB 144ms
46ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 10:23:38 GMT
expires: Tue, 15 Oct 2024 10:23:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ 38 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl_page_level_ads.js?cb=31078768

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5d389ae02c8f2cfe9a169a4688f29657b9b03c5fce50b8c8e3d020d360c22dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 10:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85613
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13424
x-xss-protection: 0
server: cafe
etag: 113957945738386553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 14 Oct 2024 10:36:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 52ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLWHVVKC2W&gtm=45je3ab0&_p=1004218848&cid=1187786752.1697451818&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697451818&sct=1&seg=0&dl=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&dt=S%C3%A1ch%20t%C3%B4%20m%C3%A0u%20cho%20tr%E1%BA%BB%20em%20mi%E1%BB%85n%20ph%C3%AD%2C%20tr%C3%B2%20ch%C6%A1i%20t%C3%B4%20m%C3%A0u%20v%C3%A0%20v%E1%BA%BD%20cho%20tr%E1%BA%BB%20m%E1%BB%9Bi%20bi%E1%BA%BFt%20%C4%91i.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLWHVVKC2W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 10:23:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kids.mycolorgames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
471 B 53ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kids.mycolorgames.com&callback=_gfp_s_&client=ca-pub-4414232724432396

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4414232724432396&plah=kids.mycolorgames.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa69267d3f7e03090081c854f544dcdbc38da03a842d2cb7030ea8f5fb957ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5338 76 B
259 B 226ms
225ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4414232724432396&output=html&adk=1812271804&adf=3025194257&lmt=1697444618&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&channel=7877524748&format=0x0&url=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697451818186&bpp=3&bdt=244&idt=368&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8012945595434&frm=20&pv=2&ga_vid=1187786752.1697451818&ga_sid=1697451818&ga_hid=1004218848&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078598%2C44801485%2C44804684%2C44805098%2C44805113%2C44805534&oid=2&pvsid=626813216951932&tmod=934186002&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 10:23:38 GMT
expires: Mon, 16 Oct 2023 10:23:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B655 144 KB
43 KB 1597ms
1597ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4414232724432396&output=html&h=280&slotname=3808533208&adk=625747416&adf=2141916313&pi=t.ma~as.3808533208&w=1200&fwrn=4&fwrnh=100&lmt=1697444618&rafmt=1&channel=7877524748&format=1200x280&url=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697451818189&bpp=1&bdt=248&idt=388&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8012945595434&pv_ch=7877524748%2B&frm=20&pv=1&ga_vid=1187786752.1697451818&ga_sid=1697451818&ga_hid=1004218848&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078598%2C44801485%2C44804684%2C44805098%2C44805113%2C44805534&oid=2&pvsid=626813216951932&tmod=934186002&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vIebCbgCOP&p=https%3A//kids.mycolorgames.com&dtd=395

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3546a6a78ed3f009958819602e189d6c2d58af350f2a4b2534cdb47e04c7d33e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43691
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 10:23:40 GMT
expires: Mon, 16 Oct 2023 10:23:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 93 KB
32 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4414232724432396

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94cf562450ba9e03d5965d7467af152b761052629c31e37603595c7978311005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32710
x-xss-protection: 0
server: cafe
etag: 15800583186719227087
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 10:23:38 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4414232724432396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://kids.mycolorgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAB0 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 10:23:38 GMT
expires: Tue, 15 Oct 2024 10:23:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame AAB0 4 KB
744 B 134ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com
URL: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 10:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 09:35:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 10:23:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC64 4 KB
1 KB 121ms
47ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 10:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 09:04:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 10:23:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame AC64 2 KB
973 B 65ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 22:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 22:52:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame AC64 23 KB
9 KB 66ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 22:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 22:51:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame AC64 3 KB
1 KB 65ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 14:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 14:27:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame AC64 20 KB
8 KB 56ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 22:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 22:47:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC64 187 KB
59 KB 137ms
47ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 10:23:39 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame AC64 35 KB
15 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame AAB0 20 KB
9 KB 46ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com
URL: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 22:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8568
x-xss-protection: 0
server: cafe
etag: 3657364187347500438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 22:58:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AAB0 205 B
296 B 126ms
49ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com
URL: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 18:51:21 GMT
x-content-type-options: nosniff
age: 401538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Oct 2024 18:51:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AAB0 604 B
920 B 125ms
48ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com
URL: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:25:02 GMT
x-content-type-options: nosniff
age: 284317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 12 Oct 2024 03:25:02 GMT

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D01 38 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: kids.mycolorgames.com
URL: https://kids.mycolorgames.com/vi/games/?cid=600004

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B655 2 KB
662 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4414232724432396&output=html&h=280&slotname=3808533208&adk=625747416&adf=2141916313&pi=t.ma~as.3808533208&w=1200&fwrn=4&fwrnh=100&lmt=1697444618&rafmt=1&channel=7877524748&format=1200x280&url=https%3A%2F%2Fkids.mycolorgames.com%2Fvi%2Fgames%2F%3Fcid%3D600004&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697451818189&bpp=1&bdt=248&idt=388&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8012945595434&pv_ch=7877524748%2B&frm=20&pv=1&ga_vid=1187786752.1697451818&ga_sid=1697451818&ga_hid=1004218848&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078598%2C44801485%2C44804684%2C44805098%2C44805113%2C44805534&oid=2&pvsid=626813216951932&tmod=934186002&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vIebCbgCOP&p=https%3A//kids.mycolorgames.com&dtd=395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 10:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 09:42:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 10:23:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B655 2 KB
892 B 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B655 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B655 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B655 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B655 187 KB
59 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 10:23:40 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame B655 35 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H3 200 14262411894174453999
tpc.googlesyndication.com/gpa_images/simgad/ Frame B655 9 KB
9 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/14262411894174453999

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec7c4d90678b648b0b1414bbd5294bad87254da36e58dd0e3ef569418cc6d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:11:26 GMT
x-content-type-options: nosniff
age: 317534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8968
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 03:08:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Oct 2024 18:11:26 GMT

GET
H3 200 6303936112492585524
tpc.googlesyndication.com/gpa_images/simgad/ Frame B655 16 KB
16 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/6303936112492585524

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b6ba20bad143c563d93b0d8fa4743e2db20261bf82820943769931603e5143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 06:10:52 GMT
x-content-type-options: nosniff
age: 187968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16137
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 01:09:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Oct 2024 06:10:52 GMT

GET
H3 200 10942227818775728265
tpc.googlesyndication.com/gpa_images/simgad/ Frame B655 20 KB
20 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10942227818775728265

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc736b6f581cc59860248419b8038c1ce4da33ee26e3339bb6d2a32f2a2fbadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:38:53 GMT
x-content-type-options: nosniff
age: 189887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19971
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Oct 2024 05:38:53 GMT

GET
H3 200 12263214904977577862
tpc.googlesyndication.com/gpa_images/simgad/ Frame B655 13 KB
13 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/12263214904977577862?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49681edf65fd8a5389086643e33b6637ef7611ced28ec820cffd0ca80dd987fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:02:07 GMT
x-content-type-options: nosniff
age: 411693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13159
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:55:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 16:02:07 GMT

GET
H3 200 17109552357459922334
tpc.googlesyndication.com/gpa_images/simgad/ Frame B655 15 KB
15 KB 90ms
90ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/17109552357459922334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952f8a245b8d26fb9cabcb298ede85734868b3d827de75ed78404c1f1fb2c629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 01:20:50 GMT
x-content-type-options: nosniff
age: 378170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15060
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 00:50:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Oct 2024 01:20:50 GMT

GET
H3

200

11268912758778311753
tpc.googlesyndication.com/simgad/ Frame B655
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODApK_HcxCwCRiwCTIIM5tghWKPNdM
https://tpc.googlesyndication.com/simgad/11268912758778311753

330 KB
330 KB

39ms
39ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11268912758778311753

Requested by

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6951b1f94ba3459097509cbe05f03430e7e6fbb802fd6d8c6a4918e130986c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 11:49:48 GMT
x-content-type-options: nosniff
age: 513232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338348
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 07:01:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Oct 2024 11:49:48 GMT

Redirect headers

date: Sun, 15 Oct 2023 13:28:22 GMT
x-content-type-options: nosniff
server: cafe
age: 75318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/11268912758778311753
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Nov 2023 13:28:22 GMT

GET
DATA 200
OK truncated
/ Frame B655 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48c3db3730bb38004dfb6405292f3bc685289c3d226fe43ce81109756902f249

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B655 20 KB
21 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 176572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 09:20:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B655
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBrRsKg8tZYKpJc2-9u8P2bCT0Az05JHIc5i-8pi8EWQQASDPna9yYJXikIKgB6AB0KfpmgHIAQmpApjVZtKAXII-qAMByAPLBKoE3QFP0PTybd-RDj2Cw_E8anpmpzYC6jd1kicXUTz79ac...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222124414375250693962%22,%22debug_reporting%22:true,%22destination%22:%22https://vigoo.fun%22,%22event_report_window%22:%222...

0
0

151ms
73ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222124414375250693962%22,%22debug_reporting%22:true,%22destination%22:%22https://vigoo.fun%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22324686800%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213888779647332652577%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2124414375250693962","debug_reporting":true,"destination":"https://vigoo.fun","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["324686800"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"13888779647332652577"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 10:23:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 10:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2124414375250693962","debug_reporting":true,"destination":"https://vigoo.fun","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["324686800"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"13888779647332652577"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 90ms
89ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b63ad2d221a9d33cc4703719d2d1a3ef1d6306a6c99e972242e0007e4c09538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12225
x-xss-protection: 0

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A1F 38 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 157ms
73ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 16 Oct 2023 10:23:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js?cb=31078768

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 10:23:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EBF 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 01:50:24 GMT
expires: Tue, 15 Oct 2024 01:50:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5159 829 B
1 KB 134ms
50ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

649aaf05f5be32862effefee86593c9356f08d09fa546599b3fe6c9d152cdee6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EHTc-HAIzq3JViCsQzCZ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kids.mycolorgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EHTc-HAIzq3JViCsQzCZ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 10:23:40 GMT
expires: Mon, 16 Oct 2023 10:23:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EBF 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Oct 2024 07:57:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5159 0
0 73ms
72ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310100101&jk=626813216951932&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0EBF 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7RYW4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 10:23:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310100101&jk=626813216951932&bg=!Pj2lPXLNAAbFpEfJ5aQ7ADQBe5WfOMAjdzeCvWO4KLBUvNOoFbkCpr470OZYDpex0sPOsQL6y-QovTgCrWoEMdcRUxFTAgAAAFVSAAAABmgBB5kC51jmZhOdA_LQE0PBslZTJxVTLTm-a7Nn1cSDamDSWZSo8FLCcyPfzWY6wn-hx-j8LJp0WaNoNsNRhitvwCckMhi0B6XFMgHV-HDvm-hNmIxtdemI2L2ZtpXmvjRYlkB8vfOar_aOCXjhEqd8WdzMD7X08Td4rz6Yx92UGgAL1deOkLgBZNULYCr0Kyi0OpITq7SpZqkEahqiHvw5LoikHH63DhvgSCcgXiRWy6jXh9_xjhhrDrsBq60PEQEru9B_W5OZOM6WByNomyH16A6iau-yoecUDncMMFJKXzSRvKB6LdzXjrHu2AH1q4LJejax4xiJPf5AuuTVqb36O4_dxnaggk91yJo69BXub5u_YfV51wcL6aH7yQzb0qTTE2gzkoli0clijXsz38jK00BHczMjFyMBiQB0Z9OvBQTuEo5BvgPQ2RShLkRoFQn8nSaE3WiE-qEId_8DzHTyXn9fjlFdNWvusmJ2JRPqjRnumqqlt0yUK8S7eUfW5X6VMUCaoh3sMeZ5unjKOFsnoicEn-8gKOdkFpWS0nwarockE84gW_jqkIxoz10XaDrEjb2h4cxqccjDAzn1HlMdplFlTNtzh5BCpDF8drMY6u_-uj3B63RHAJda513Sh6uraqfe0KNOvAK0nYvNKJWmeo3X93YFRJ0SOmqYY6RWIiwSzB6CNBWWtIyob8C5whrWjRqpibZmoAp3PCIQ85vVYwrVUsSQm5naQlRi_77-xo4JEK08AxZvaG1o1nmxzBrg5x8thTqpnUE-4D5oaVOimoZx-nFu8_suPnZdFmt7kmJD4uAomPM-Mh4dju9iZw3v6YsOAWGw3F6lbVQEKDvO5hht4glKy13IIERthaSWrI9aJdrhWBQIx1DXcmUJQd_i8B6HW3DF0AFr9Sed4KPhxn44pKP15DP88FHgFVHswOYxOhc-URBR82KB3F-ix5-OKNLEY-rLWGh0SO6gBv-d3LZ2wZEycraK9K9r
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kids.mycolorgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B655 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH6QN_vroV154Pj9jAcCHaogNG_GJRJbJqinwV_dKpd9DAy4o3LuqafVGwoIi0uT17-CvSWcHJv6L2RtGwLCFZDLox-JtEf0KkQUx48Kh_sgDysqbKAQE6nsBYLOxrwqkhPr37Vr54FfhH&sai=AMfl-YRwz6YzqMNtokuYnbHmRiXkFFVvHHyOC9yWotwNSF1oqvIzZ-l6VsifzXoacZI_DXMjV3erRUs_mKyABRgdycc1-qg1-cxVkS79M3S1WQbMcbSbxqXlcU2OZPkfupnJHM3aJaKMEGpn446e&sig=Cg0ArKJSzLCIVg29yeU7EAE&cid=CAQSSwDICaaN2qLUEMbM39U4j3IdPoArn9CFGngA4wRSFCOZGacWOtCus8EVwIqgeNh0bbLySAa4ooOovezAzYvhdWag646qO65K__GumhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=625747416&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697451818585&rpt=1888&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 10:23:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mycolorgames.com/	1970-01-20 17:40:27	Name: _gcl_au Value: 1.1.607117402.1697451818
.mycolorgames.com/	1970-01-21 01:06:51	Name: _ga_JLWHVVKC2W Value: GS1.1.1697451818.1.0.1697451818.0.0.0
.mycolorgames.com/	1970-01-21 01:06:51	Name: _ga Value: GA1.1.1187786752.1697451818
.mycolorgames.com/	1970-01-21 00:52:27	Name: __gads Value: ID=34f3f4da30ddd33a:T=1697451818:RT=1697451818:S=ALNI_MbNoz-97FJHZwk0-E0nVcfUIt1Sjw
.mycolorgames.com/	1970-01-21 00:52:27	Name: __gpi Value: UID=00000c9a0620bde9:T=1697451818:RT=1697451818:S=ALNI_MYvIVR7C-fzSmLAP2ESnH1XJkzD4w
.doubleclick.net/	1970-01-21 00:52:27	Name: IDE Value: AHWqTUlgSpgfjWC59dYpvxHGqrCPCmMWwna_Ml_qEGgPxkWkRUpNyQz8GMKzlSovBJQ
.googleadservices.com/	1970-01-20 17:40:27	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67324015f5be3b68b73679214286fa56.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kids.mycolorgames.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
resc.mycolorgames.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
172.217.16.194
2001:4860:4802:34::36
2606:4700::6812:1d4e
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2002
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
0e6a62c56122d9f2f9399cc9043c7ec7acc3d29de480a9afb195a3dcea9c6a1f
135167f030fb90f99caf41c786ff73ca8b91324cb0461590607f4ab7bfa96eb4
1d4dad92e4548c9d868a73d88f20626e8c3571a5a6ea75d2c0f631898df56e40
1e07984b6d06f8c967c3b2521b6ca3617f8ed756c04699a2ddc4a1f089d2cf2d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3546a6a78ed3f009958819602e189d6c2d58af350f2a4b2534cdb47e04c7d33e
3989204db3932d9b398c8b2ab0fb14ba13d570dad8b870171eceb997a042e07a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d353842773dc8572ba8a587253902153ea64cdc370851f00ca0db3f151e1884
3fa69267d3f7e03090081c854f544dcdbc38da03a842d2cb7030ea8f5fb957ee
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c3db3730bb38004dfb6405292f3bc685289c3d226fe43ce81109756902f249
49681edf65fd8a5389086643e33b6637ef7611ced28ec820cffd0ca80dd987fa
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5875be8c26c2b9348a12ce9bc52dc78e6d0b7149533218472841dcc2ff1e071a
5b63ad2d221a9d33cc4703719d2d1a3ef1d6306a6c99e972242e0007e4c09538
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
649aaf05f5be32862effefee86593c9356f08d09fa546599b3fe6c9d152cdee6
71b6ba20bad143c563d93b0d8fa4743e2db20261bf82820943769931603e5143
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
82e3eebeacbea538ef4fa413509084b9c1526f056fcecc4d12d28929c5092ff6
94cf562450ba9e03d5965d7467af152b761052629c31e37603595c7978311005
952f8a245b8d26fb9cabcb298ede85734868b3d827de75ed78404c1f1fb2c629
9890d38e52ef7969763502d19fa58adef89daa3b4ce8040948d250744ce13ef2
9daee494a1e781d8495608ab8de523e0db3c119d8f8f06bf3fa17de3944e2b27
9eb5e4ae7041494bff382ff7e1f9e178d953fafcde16097c783fa16be62e1aaf
a0b432fa10d08d8b56b5baa7ca49caf633e43654bf8803440f8a1835058daae2
a1aafa3cbe3f11076dabe6a3d5e477e0eed77c241b9d8fb504f133d2974b4616
a343f48426648aff6044976ee0d499c4ad2bf04c8ef3135f3800ff758feaaa39
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a81c267230983b5362129543c8286fba8559c615e3922720bc48344f67477d8c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acefc092ffa6df74a87ef66c614fe3552153903ea3f4da381086eb63d1b8525e
aec7c4d90678b648b0b1414bbd5294bad87254da36e58dd0e3ef569418cc6d6c
b23d3977f2b0580354df068ec7d4082079c919dcf17d00ef2d5997f1b06dddda
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c9c789d89510a9b24883ca140e7f72f00854a8d8e18725bcdd6c5b3676374839
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
d217d1569e18054de3f89cd999fa45f6cb0754a5d9f6a17902033942eeb1a62a
d5d389ae02c8f2cfe9a169a4688f29657b9b03c5fce50b8c8e3d020d360c22dc
d6951b1f94ba3459097509cbe05f03430e7e6fbb802fd6d8c6a4918e130986c0
da292b6f1e71ae927e669e49a96a73c3e058816aec7d4ca291d4c30672996cc7
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f265226c11b129f96757056ee8780f2a9d7c82d32c595431e7d59cf465355c11
f700c64cb19d2512a42b735984435e7a1459900d08c670e63070d3c27c2eba77
f97c8c1f42ac050285bff71677590297715dc01feb36179d2b104a150f811016
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fc736b6f581cc59860248419b8038c1ce4da33ee26e3339bb6d2a32f2a2fbadf

kids.mycolorgames.com Open in urlscan Pro 2606:4700::6812:1d4e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

92 %IPv6

10 Domains

16 Subdomains

14 IPs

2 Countries

1914 kBTransfer

4055 kBSize

7 Cookies

0 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kids.mycolorgames.com Open in urlscan Pro
2606:4700::6812:1d4e Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

92 %
IPv6

10
Domains

16
Subdomains

14
IPs

2
Countries

1914 kB
Transfer

4055 kB
Size

7
Cookies

70 HTTP transactions
2 data transactions