www.coloring.ws Open in urlscan Pro
52.54.225.252 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.coloring.ws/
Submission: On January 08 via api (January 8th 2024, 10:28:23 am UTC) from DE — Scanned from DE

Summary HTTP 63 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 16 domains to perform 63 HTTP transactions. The main IP is 52.54.225.252, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.coloring.ws.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 19th 2023. Valid for: a year.

This is the only time www.coloring.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	52.54.225.252 52.54.225.252	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:7da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.221.232.156 3.221.232.156	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:815	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4400:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.82.38.167 54.82.38.167	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:a400:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	3.239.232.244 3.239.232.244	14618 (AMAZON-AES) (AMAZON-AES)
63	18

20 52.54.225.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-225-252.compute-1.amazonaws.com

www.coloring.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:7da (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.221.232.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-232-156.compute-1.amazonaws.com

www.dltk-kids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dltk-holidays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:815 (United States)

ASN13335 (CLOUDFLARENET, US)

pioeg.admetricspro.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.38.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-38-167.compute-1.amazonaws.com

www.brainframe-kids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:a400:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-244.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	coloring.ws www.coloring.ws	758 KB
10	google.com cse.google.com — Cisco Umbrella Rank: 5708 www.google.com — Cisco Umbrella Rank: 6 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 clients1.google.com — Cisco Umbrella Rank: 629	295 KB
8	admetricspro.com qd.admetricspro.com — Cisco Umbrella Rank: 76750	449 KB
5	dltk-kids.com www.dltk-kids.com	21 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	214 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 658	948 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 2057	104 B
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	26 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269	166 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338	275 B
1	amazonaws.com sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5930	682 B
1	brainframe-kids.com www.brainframe-kids.com	30 KB
1	dltk-holidays.com dltk-holidays.com	18 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 3813	48 KB
1	workers.dev pioeg.admetricspro.workers.dev — Cisco Umbrella Rank: 111366	665 B
63	16

	Domain	Requested by
20	www.coloring.ws	www.coloring.ws
8	qd.admetricspro.com	www.coloring.ws qd.admetricspro.com
5	www.google.com	cse.google.com www.google.com www.coloring.ws
5	www.dltk-kids.com	www.coloring.ws
3	www.googletagmanager.com	www.coloring.ws www.googletagmanager.com
2	id5-sync.com	cadmus.script.ac
2	fundingchoicesmessages.google.com	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	securepubads.g.doubleclick.net	qd.admetricspro.com cadmus.script.ac
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	www.coloring.ws cadmus.script.ac
1	lb.eu-1-id5-sync.com	cadmus.script.ac
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	dyv1bugovvq1g.cloudfront.net	cadmus.script.ac
1	clients1.google.com	www.coloring.ws
1	www.brainframe-kids.com	www.coloring.ws
1	dltk-holidays.com	www.coloring.ws
1	region1.google-analytics.com	www.googletagmanager.com
1	d15kdpgjg3unno.cloudfront.net	qd.admetricspro.com
1	cadmus.script.ac	qd.admetricspro.com
1	pioeg.admetricspro.workers.dev	qd.admetricspro.com
63	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
pinterest.com
www.youtube.com
www.dltk-kids.com
www.brainframe-kids.com
www.dltk-holidays.com
www.dltk-ninos.com
www.dltk-teach.com
www.first-school.ws
www.kidzone.ws
www.makinglearningfun.com
www.pauseitivity.com
www.primeraescuela.com
dltk-holidays.com

Subject Issuer	Validity	Valid
coloring.ws Amazon RSA 2048 M01	`2023-05-19` - `2024-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-10` - `2024-06-09`	a year	crt.sh
dltk-kids.com Amazon RSA 2048 M01	`2023-05-19` - `2024-06-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
script.ac E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
dltk-holidays.com Amazon RSA 2048 M02	`2023-05-19` - `2024-06-16`	a year	crt.sh
brainframe-kids.com Amazon RSA 2048 M01	`2023-05-13` - `2024-06-10`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.coloring.ws/
Frame ID: 2E152F47442F95C92AC896AF884A164D
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coloring Pages for Kidssuchen

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Page Statistics

63
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

2048 kB
Transfer

5077 kB
Size

8
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/DLTKsCraftsForKids

Search URL Search Domain Scan URL

URL: https://pinterest.com/leannedltk/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DLTKcrafts/featured

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/
Title: DLTK's

Search URL Search Domain Scan URL

URL: https://www.brainframe-kids.com/type/coloring-pages.htm
Title: Mental Health / Psychology

Search URL Search Domain Scan URL

URL: https://www.dltk-holidays.com/
Title: DLTK-Holidays.com

Search URL Search Domain Scan URL

URL: https://www.dltk-ninos.com/
Title: DLTK-Ninos.com

Search URL Search Domain Scan URL

URL: https://www.dltk-teach.com/
Title: DLTK-Teach.com

Search URL Search Domain Scan URL

URL: https://www.brainframe-kids.com/
Title: BrainFrame-Kids.com

Search URL Search Domain Scan URL

URL: https://www.first-school.ws/
Title: First-School.ws

Search URL Search Domain Scan URL

URL: https://www.kidzone.ws/
Title: KidZone.ws

Search URL Search Domain Scan URL

URL: https://www.makinglearningfun.com/
Title: MakingLearningFun.com

Search URL Search Domain Scan URL

URL: https://www.pauseitivity.com/
Title: Pauseitivity.com

Search URL Search Domain Scan URL

URL: https://www.primeraescuela.com/
Title: PrimeraEscuela.com

Search URL Search Domain Scan URL

URL: https://dltk-holidays.com/winter/m5snowflakes.htm?feature
Title: Five Little Snowflakes Felt Board rhyme

Search URL Search Domain Scan URL

URL: https://www.brainframe-kids.com/brain/worksheets.htm?feature
Title: Brain Worksheets & Puzzles

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/feedback.htm
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/prthlp.html
Title: Print Help

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/privacy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/copyright.htm
Title: Copyright

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.coloring.ws/ 18 KB
6 KB 384ms
121ms Document
text/html 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0de2733b6af0d185adaaab30a1fcd0591e717e5740264deca38d8f7056f6168e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5441
content-type: text/html
date: Mon, 08 Jan 2024 10:28:17 GMT
etag: "060e779321cda1:0"
last-modified: Tue, 21 Nov 2023 04:23:28 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 maincoloring.css
www.coloring.ws/dltkstyles/ 7 KB
2 KB 123ms
121ms Stylesheet
text/css 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coloring.ws/dltkstyles/maincoloring.css
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1ae436455d6df2cf89da5cfb00bf81a4b516fa40e088c24dd054163748b41d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 22:23:58 GMT
server: Microsoft-IIS/8.5
etag: "0533296c598d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2103

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 84ms
36ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52971111-8

Requested by

Host: www.coloring.ws
URL: https://www.coloring.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5764341f481b9b0c824535fed1e805acdeeedbde3a429ca3911fdb615f1f136e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65783
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 10:28:17 GMT

GET
H2 200 sidebar2-layout.js Show response
qd.admetricspro.com/js/dltk/coloringws/ 42 KB
8 KB 208ms
157ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74ec4aad03326e63ff346f594c37f2cb10f580200b8996367f52e883f68d7ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Dec 2023 15:25:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a6ba-60d7f693b193b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vONaaRoMaY88%2FgDKG1Z83fXprqxlNbI1zmjiOGteCjm%2Bo3wyMjZvMRC%2FKAPvCpOKYP03b%2FeYSVMfg2lluAGNUTvWFseUPgUrkgJL4QyJqIoOoWZcA%2BS9ULsspRdQoWnkfHZQfPOJCq9yLddl1K1kCko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bb6c469b39-FRA
expires: Mon, 08 Jan 2024 10:37:40 GMT

GET
H2 200 line2.jpg
www.coloring.ws/images/ 397 B
573 B 121ms
121ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/images/line2.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ec53bd429b8d41c4284486ffdbab99d72f0e4a550587c5884cba8a811ddea419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
last-modified: Mon, 22 May 2023 08:10:49 GMT
server: Microsoft-IIS/8.5
etag: "2b05ceb848cd91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 397

GET
H2 200 coloring-brand-1200.png
www.coloring.ws/images/ 8 KB
8 KB 122ms
122ms Image
image/png 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/images/coloring-brand-1200.png
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f5d2aee10ef029810d37cde6bd0060bf100ffc38c78b3099b5f347ea3e2cc0a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
last-modified: Mon, 22 May 2023 08:10:46 GMT
server: Microsoft-IIS/8.5
etag: "39974be9848cd91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 8403

GET
H2 200 facebook.png
www.dltk-kids.com/images/ 921 B
1 KB 362ms
115ms Image
image/png 3.221.232.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dltk-kids.com/images/facebook.png
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.232.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-232-156.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03945ce270fb1b8d694c3eebfe0f235fb54929973283c38c0e3e6c75127061ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Fri, 28 Apr 2023 09:11:55 GMT
server: Microsoft-IIS/8.5
etag: "3d2f3f7ab179d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 921

GET
H2 200 pinterest.png
www.dltk-kids.com/images/ 1 KB
1 KB 361ms
114ms Image
image/png 3.221.232.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dltk-kids.com/images/pinterest.png
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.232.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-232-156.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fc8deae28b64ae4499971481a402af6c85873da8a14f86b1d0eb45d0cc860763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Fri, 28 Apr 2023 09:12:08 GMT
server: Microsoft-IIS/8.5
etag: "f84b5282b179d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1302

GET
H2 200 youtube.png
www.dltk-kids.com/images/ 1 KB
1 KB 361ms
115ms Image
image/png 3.221.232.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dltk-kids.com/images/youtube.png
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.232.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-232-156.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50200e9b822674ca4901570d058b6f561e11384c6db21caabb08091db0716e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Fri, 28 Apr 2023 09:12:18 GMT
server: Microsoft-IIS/8.5
etag: "a21c88b179d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1173

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 145ms
54ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=006942297880364118670:sudqxvczprm

Requested by

Host: www.coloring.ws
URL: https://www.coloring.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1a39abe64f58a860b994ad9d8e59672add1dbdd4b57d95e79b17bd2fc6d981dc

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-bGaszRKfEH8mgNSyjl2lTQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-bGaszRKfEH8mgNSyjl2lTQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Mon, 08 Jan 2024 10:28:18 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2990
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 kawaii-little-red-ridinghood-1.jpg
www.coloring.ws/little-red-ridinghood-coloring-pages/s/ 69 KB
69 KB 121ms
120ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/little-red-ridinghood-coloring-pages/s/kawaii-little-red-ridinghood-1.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1b9ae91a96163ea6e16c39dbfa77e1e8533019847224f6fdb41507cadafbc516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
last-modified: Wed, 15 Nov 2023 01:32:53 GMT
server: Microsoft-IIS/8.5
etag: "842151a76317da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 70314

GET
H2 200 a-ant.gif
www.coloring.ws/abc/ 16 KB
16 KB 240ms
240ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/abc/a-ant.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 40c5a0a89a842d74badaf242727e0b8bf6714a646f763fbefde91807ae44da10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:17 GMT
last-modified: Mon, 31 Jul 2023 12:35:18 GMT
server: Microsoft-IIS/8.5
etag: "ece79a76abc3d91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 15945

GET
H2 200 10.jpg
www.coloring.ws/animals/horses/s/ 45 KB
45 KB 266ms
263ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/animals/horses/s/10.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7e4d6cd2b52689db7a318865603977da52b2c758f9f9f70aa4b92199102cd55f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Wed, 15 Nov 2023 01:23:22 GMT
server: Microsoft-IIS/8.5
etag: "adf9c9526217da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 45760

GET
H2 200 wizard-older.gif
www.coloring.ws/fantasy/ 63 KB
63 KB 151ms
148ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/fantasy/wizard-older.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e915f1a27c9e8375871017249f5ce3e23923ef0f8bcfa53a2e5eaa53720b2cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 22 May 2023 08:05:09 GMT
server: Microsoft-IIS/8.5
etag: "bdea8820848cd91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 64749

GET
H2 200 connect-the-dots-cat.jpg
www.coloring.ws/ctd/ 29 KB
29 KB 266ms
262ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/ctd/connect-the-dots-cat.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d79267bb3777b4be52f4c637b3da249ddfffbfaf7451984ccbdd81923aa654a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Wed, 15 Nov 2023 01:26:24 GMT
server: Microsoft-IIS/8.5
etag: "a4ed26bf6217da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 29451

GET
H2 200 b-aquarius-older.gif
www.coloring.ws/horoscope/ 101 KB
102 KB 266ms
263ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/horoscope/b-aquarius-older.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b904594d00e2dded3350917b2edaad4bc7d80b51c9d461c85864a8cf1d536590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 22 May 2023 08:10:34 GMT
server: Microsoft-IIS/8.5
etag: "d2fc26e2848cd91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 103875

GET
H2 200 plumber.gif
www.coloring.ws/construction/ 37 KB
38 KB 266ms
263ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/construction/plumber.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fb5e8f7da6f106389d935a224ec3be69f15e81ac2bf050732641dc081d21f84a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 22 May 2023 07:58:17 GMT
server: Microsoft-IIS/8.5
etag: "3aee452b838cd91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 38257

GET
H2 200 cbncat.gif
www.coloring.ws/cbn/s/ 35 KB
35 KB 266ms
264ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/cbn/s/cbncat.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 57a34c3474baff8258cd8ba4d98816c71f91da2feafd60c3c4c3d8a14bb84fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Wed, 15 Nov 2023 01:26:20 GMT
server: Microsoft-IIS/8.5
etag: "fd873cbd6217da1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 35438

GET
H2 200 4.jpg
www.coloring.ws/steampunk/s/ 110 KB
110 KB 266ms
263ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/steampunk/s/4.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4d7273a8aaee10127e8a79ae70d0599a322b5a80e5f4c51d210292b34c81060c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 20 Nov 2023 23:18:44 GMT
server: Microsoft-IIS/8.5
etag: "d424cee771cda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 112386

GET
H2 200 lamorak.jpg
www.coloring.ws/england/king-arthur/s/ 90 KB
91 KB 266ms
263ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/england/king-arthur/s/lamorak.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3978f43fce998a79d918e4749b3963f915c2ba8267b9c45952de90c64130b031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 20 Nov 2023 03:45:10 GMT
server: Microsoft-IIS/8.5
etag: "4dea4ef6631bda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 92531

GET
H2 200 guinevere-1.jpg
www.coloring.ws/england/king-arthur/s/ 97 KB
97 KB 267ms
265ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/england/king-arthur/s/guinevere-1.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b288f979958f7a898b87b88f6eb370148873da78ebe77828df2fb1df9e24f6b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Sun, 19 Nov 2023 23:14:40 GMT
server: Microsoft-IIS/8.5
etag: "5a6f2c3e1bda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 99371

GET
H2 200 features-data.js Show response
www.dltk-kids.com/includes/ 82 KB
15 KB 473ms
226ms Script
application/javascript 3.221.232.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dltk-kids.com/includes/features-data.js
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.232.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-232-156.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d3850cb9e6ac49e29e7ff04a93342a9029ae623a6669694fb75f6273ec574e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
last-modified: Sun, 14 May 2023 05:03:12 GMT
server: Microsoft-IIS/8.5
etag: "0a8fa612186d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 15049

GET
H2 200 features-insert.js Show response
www.dltk-kids.com/includes/ 5 KB
2 KB 467ms
223ms Script
application/javascript 3.221.232.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dltk-kids.com/includes/features-insert.js
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.232.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-232-156.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0902bb736591ab3e13e835e90111282390ea8b3a8c70a197c3ea214988a90e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
last-modified: Sun, 07 Feb 2021 19:59:39 GMT
server: Microsoft-IIS/8.5
etag: "80752c48bfdd61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1679

GET
H2 200 small-device.css
www.coloring.ws/dltkstyles/ 992 B
765 B 267ms
266ms Stylesheet
text/css 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coloring.ws/dltkstyles/small-device.css
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c1fdbc8ec64d4cf587414ada354a2fa827f9cee7932c5f83e3f615e7c577d951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
last-modified: Fri, 02 Jun 2023 17:59:47 GMT
server: Microsoft-IIS/8.5
etag: "1230257c95d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 557

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZLBBHL

Requested by

Host: www.coloring.ws
URL: https://www.coloring.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acde803dbcde89e418286a2c95a177a60a0f43bd90906d7092e63cc21855302f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62260
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52971111-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 09:22:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3951
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Jan 2024 11:22:27 GMT

GET
H2 200 / Show response
pioeg.admetricspro.workers.dev/ 200 B
665 B 89ms
32ms XHR
application/text 2606:4700:3035::6815:815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pioeg.admetricspro.workers.dev/
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb07a97a352058297aef83bed12367814d1e5eaa56f992bc267b3ad7cc22c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnSPTwK9v57mvrJPeM%2F%2BbMYcGDZksUxAQWYw5VdqFOfqTqRUlfhUCTFnLXXgdAAZWKaAYkf6vUo3J%2BTRNzw6n83YEbGbbOl3yuWcWkhYQGwJDKyrarAIRNfduOlQ15AmkLzFMdz5VvmcnnGAhkeQp6gbh1Q6EdSSd2Yh2Es%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/text;charset=UTF-8
access-control-allow-origin: *
cf-ray: 8423c0bcc90030f4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 200

GET
H2 200 line2.jpg
www.coloring.ws/images/ 397 B
573 B 266ms
265ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/images/line2.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ec53bd429b8d41c4284486ffdbab99d72f0e4a550587c5884cba8a811ddea419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 22 May 2023 08:10:49 GMT
server: Microsoft-IIS/8.5
etag: "2b05ceb848cd91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 397

GET
H2 200 10.jpg
www.coloring.ws/animals/horses/s/ 45 KB
45 KB 267ms
266ms Image
image/jpeg 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/animals/horses/s/10.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7e4d6cd2b52689db7a318865603977da52b2c758f9f9f70aa4b92199102cd55f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Wed, 15 Nov 2023 01:23:22 GMT
server: Microsoft-IIS/8.5
etag: "adf9c9526217da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 45760

GET
H2 200 coloringbullet1.gif
www.coloring.ws/dltkstyles/images/ 202 B
378 B 266ms
265ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/dltkstyles/images/coloringbullet1.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/dltkstyles/maincoloring.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d9112ea034e317b4ccce74c0276726528f4602f441a9965eeb619cfbccbdf865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/dltkstyles/maincoloring.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 22 May 2023 07:59:52 GMT
server: Microsoft-IIS/8.5
etag: "3011f663838cd91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 202

GET
H2 200 coloringbullet2.gif
www.coloring.ws/dltkstyles/images/ 189 B
364 B 266ms
265ms Image
image/gif 52.54.225.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coloring.ws/dltkstyles/images/coloringbullet2.gif
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/dltkstyles/maincoloring.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.225.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-225-252.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ac137e692578953440c86d2c72215e8f5ef3063c4d2e980f7e5a0d3dee90c9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/dltkstyles/maincoloring.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Mon, 22 May 2023 07:59:53 GMT
server: Microsoft-IIS/8.5
etag: "ac4a064838cd91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 189

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KMSJ26XVV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZLBBHL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d7bc2b04e302d21b0bf30f4ba2d1cfe79283b8082ac681defa2ab2bec6c2249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 opticommon.js Show response
qd.admetricspro.com/js/optimera/ 8 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/optimera/opticommon.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ce70ec38840c3c32ddabe877bc9c6f25bcde77bf60e908e9d85452a71e0d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jul 2023 18:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 385
etag: W/"211c-6010398b02838-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZOk%2FEgWBkooAv7DUDf6%2BpymwIhYvV4oLCKIfhScVfeHJafNcj8Nvq4PeYrs6AzrhhEol0srB6VZTJUhR5HniUa1Pv4yerwUciN0Li8kOA4tVH7hjZe1xNFAwr3xXsstk1f%2BR2%2B4KgRhcyG8%2BSzpIyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bd0d7c9b39-FRA
expires: Mon, 08 Jan 2024 10:31:20 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/droiw9gfb309t/ 137 KB
48 KB 90ms
38ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550cd8038e49962f3fe059f4f397729bd9a920a4ab35d3391f34b4fdba5851d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
last-modified: Fri, 05 Jan 2024 17:59:17 GMT
server: cloudflare
age: 0
etag: W/"71732e94ad9af046ee31e8ba0030ded08f3b93cb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8423c0bd585f4d22-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 162ms
106ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0aa42f60ea48b5f986ebd401ed4fc6d4d79a50f67a27db941a98231cf6c45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29015
x-xss-protection: 0
server: cafe
etag: 141 / 19730 / m202401020101 / config-hash: 6543920534500417499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/dltk/coloringws/ 322 KB
92 KB 174ms
173ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/coloringws/cmp.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953950792fdff6cb144dd1220a26088651920a98b80da68d6da586696a919b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 15:11:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"506e3-5e91d3ff33230-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6aOwI39sPU%2B7ypkBCZ5ciYu7qrhXUEOrRljnwcbJEVAX28sXgipgq1GMByRdluJ5gyWXQb6j25hHQGQZ%2Bn8yQXXGrWCJDgGgeMClN%2BEiWVZ8t8CGkHLIfiW%2F1pwPEt%2BoQjzrLJnJkxPdNERuoZjadU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bd0d7d9b39-FRA
expires: Mon, 08 Jan 2024 10:30:28 GMT

GET
H2 200 uspcmp.js Show response
qd.admetricspro.com/js/dltk/coloringws/ 169 KB
80 KB 154ms
153ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/coloringws/uspcmp.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef624ec962415bd378947e5207227907e499957a465bcf20238dc938a7dbfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 14:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a4f5-5e91cc9d2952a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPCpVLAfgrqdX19N4QLMoGy5Fw9MzlB3utVYTvuvgYu9ovI%2BBZK8xWXBYAhyJbvG2H3QGYSYBPi%2Fd%2FWCoJpwpGYpLkv25GYzy0JcUwHL%2BYiXlpI8lo%2BwwE6hPdnRwwuBb9VOMUXgGpRq11T07c4uwI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bd0d7e9b39-FRA
expires: Mon, 08 Jan 2024 10:30:28 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/dltk/coloringws/ 577 KB
175 KB 517ms
516ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/coloringws/prebid.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a90077950eaf8b209bcc2219fa2cd0a1e487cae8d896087e57d367d7f084f66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 22:05:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"904a0-609972b64a234-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1iCIZkGQEO2gkm14xQfv1Z8qANgsFHLr2dO7WOh3W%2Fr%2FVHe6gNgsNmeldSJY2xb2MmkrD59IPrrdsTJoNCVnGGLKZCNfLSV%2B8H0%2Bdex4Az%2F243RXM%2Bu5CInkJgIMYTsoC3xccMCG9r1fHQ9lcQVB3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bd0d809b39-FRA
expires: Mon, 08 Jan 2024 10:30:28 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/dltk/coloringws/ 135 KB
36 KB 174ms
174ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/coloringws/engine.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43fa0c6fbe53e743cc30977c6c79562747170917001cb8c229df3101ebaba9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 00:16:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"21da5-6053278b8b876-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XsgRiUkHEOtO4L0b8W5uoK%2FLarP6ZTkO8F%2F2WarwHZ8Acu3eNeXWIn969onfx9l9fU3OaAcuX6wzT6wtevPVGo8ZqT4bh%2BM%2FMe9%2ByguFZaZiJwdktLk7Bpu3AGj6TceYrdJMQArqylTLWUkSqMd268%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bd0d829b39-FRA
expires: Mon, 08 Jan 2024 10:30:28 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 122 KB
25 KB 103ms
23ms Script
text/javascript 2600:9000:206f:4400:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=96
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vJGOPXg55Eg10ePpe.oKRR8kUd73XmCz
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 20:00:45 GMT
last-modified: Wed, 03 Jan 2024 22:00:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 52060
x-amz-server-side-encryption: AES256
etag: W/"89881b677e6e0a30830bf701b3bc6cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: 9YWYoWL0_KgzKbixb1YjStQnCt_ZEdFva5CdrxEXRh4LjhXAFdfbmg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 29ms
28ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1549813969&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coloring.ws%2F&ul=en-us&de=UTF-8&dt=Coloring%20Pages%20for%20Kids&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1939612313&gjid=205370695&cid=1516753102.1704709698&tid=UA-52971111-8&_gid=1864211754.1704709698&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1678260773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 10:28:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.coloring.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/3bd4ac03c21554b3/ 315 KB
105 KB 111ms
61ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006942297880364118670:sudqxvczprm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

501efd26e0adb1b58e4e630bed3978be00907c298ebb68c6b3c12ba0ca435a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107398
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/3bd4ac03c21554b3/ 41 KB
9 KB 107ms
57ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006942297880364118670:sudqxvczprm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 70ms
21ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006942297880364118670:sudqxvczprm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 08 Jan 2024 11:06:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 77ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KMSJ26XVV5&gtm=45je4130v898724976z8898724007&_p=1704709697894&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1516753102.1704709698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704709698&sct=1&seg=0&dl=https%3A%2F%2Fwww.coloring.ws%2F&dt=Coloring%20Pages%20for%20Kids&en=page_view&_fv=1&_ss=1&tfd=779
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KMSJ26XVV5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 10:28:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.coloring.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 109ms
108ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ 0
0 160ms
108ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.coloring.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 08 Jan 2024 10:28:18 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62418
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 06 Jan 2025 17:08:00 GMT

GET
H2 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 404 KB
55 KB 205ms
159ms XHR
application/json 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/coloringws/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd362f4e6ebce8ac52397d018782ec0dd387292b6edd2d33809f0eec847ad114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Mar 2023 23:01:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65017-5f7fdd667db3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCPLNDPOJGtm4Ipk%2BiV8b%2FAX94BellNdcduuNn1IAyO9%2Fi1ndKgGzOc0eetQH9VXSU7thGJK%2BHb7omGo0JW%2BwWghk9OVwcLaGfF8qp%2FgSpEIHZQJVeUQEZqoW3x62c23dDF3vI8Ked7f2ee1wRQ69b4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8423c0bf09059a15-FRA
expires: Mon, 08 Jan 2024 10:31:25 GMT

GET
H2 200 1018018 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 112ms
49ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1018018?ers=3

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef29a7a16ec4e981b803ad7ae3c4eca75384a7f458be89d4212c78640900b940

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BcXCnybdcyny4NdxCQ7o2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BcXCnybdcyny4NdxCQ7o2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5snowflakes.jpg
dltk-holidays.com/winter/images/s/ 18 KB
18 KB 465ms
227ms Image
image/jpeg 3.221.232.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dltk-holidays.com/winter/images/s/5snowflakes.jpg
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.232.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-232-156.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e38d16e49b0491a14d584dd7e2078d50eac7c806fb48d228251e756bcae226d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Wed, 26 Apr 2023 02:11:58 GMT
server: Microsoft-IIS/8.5
etag: "148dc7be477d91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 18427

GET
H2 200 learned-lobes.png
www.brainframe-kids.com/brain/images/s/ 30 KB
30 KB 419ms
124ms Image
image/png 54.82.38.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.brainframe-kids.com/brain/images/s/learned-lobes.png
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.38.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-38-167.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c1755dbd16cae41eb1f8bb04b9ecbdb9ea259fd8965b11db3be4e707ba6a1333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
last-modified: Tue, 13 Jul 2021 20:14:08 GMT
server: Microsoft-IIS/8.5
etag: "79c8eca22378d71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 30383

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 142 KB
52 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df0df8b3df8c42634ecc71d7ab35e197c61777eb5b41a3e14239322b5804f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "13376431191049311150"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Mon, 08 Jan 2024 10:28:18 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 21ms
21ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:32:04 GMT
x-content-type-options: nosniff
age: 280574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 04 Jan 2025 04:32:04 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: www.coloring.ws
URL: https://www.coloring.ws/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b84c9c86ff8c6282031b41e5ca2526e45e5e9c1a3956579f5320c25fb40360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:43:02 GMT
x-content-type-options: nosniff
age: 549916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1838
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 01 Jan 2025 01:43:02 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 99ms
23ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 AGSKWxWupKrTDmtC3tsjTosBRCjNeGuExcqGA672OMlxcwAdJ3C0xD26CIrD5gFHbnYcNYZiYmC8mf9vNykhclLUmlxMv1M-SUcJ-UhbW3GUiTQ1D8urxfan9_SQz9iKm4pdaO2x5WqxHQ== Show response
fundingchoicesmessages.google.com/f/ 370 KB
58 KB 115ms
115ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWupKrTDmtC3tsjTosBRCjNeGuExcqGA672OMlxcwAdJ3C0xD26CIrD5gFHbnYcNYZiYmC8mf9vNykhclLUmlxMv1M-SUcJ-UhbW3GUiTQ1D8urxfan9_SQz9iKm4pdaO2x5WqxHQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0NzA5Njk4LDYwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuY29sb3Jpbmcud3MvIixudWxsLFtbOCwib09TZXBIbHh4ZEUiXSxbOSwiZGUiXSxbMTksIjEiXV1d

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7148fe7c5f15f854ed0eaaf82685f5bb8335bd544a6c0ee10cef07954733a51

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aQGmWTSZIlngPoW9pvYh3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aQGmWTSZIlngPoW9pvYh3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/96/www.coloring.ws/ 523 B
879 B 88ms
24ms Fetch
application/json 2600:9000:223e:a400:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/96/www.coloring.ws/.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:a400:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4a0a9fa76029b71b47e0af45db320ee458fec1f26cf62990c9019902dafa783

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 10:28:18 GMT
content-encoding: gzip
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 93
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 242
x-amz-expiration: expiry-date="Sat, 09 Mar 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Mon, 08 Jan 2024 08:39:12 GMT
server: AmazonS3
etag: "730db4eddf2812dc128775b118cf25d5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.coloring.ws
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: XRT3NuoIJ1Vv5uhknJxzgdZzqpIxHnSlQK4z8YLVNza9oLRGGliEYQ==

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
416 B 73ms
22ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

96fe096e13a57e700af2ea95d16a12cc4b2f3b8323b9bbe4d678bd4226563633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.coloring.ws
date: Mon, 08 Jan 2024 10:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 446ms
117ms XHR
text/xml 3.239.232.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D96%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.239.232.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-244.compute-1.amazonaws.com
Software: /
Resource Hash: 6dfa748dd4b39a22c3006f46e4e79c18e842f4002b4cfc99a62308df5048df69

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Mon, 08 Jan 2024 10:28:19 GMT
connection: keep-alive
x-amzn-RequestId: 0ac8c3b0-75f2-5a86-833c-9da5a571259b
Content-Length: 378
Content-Type: text/xml

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
275 B 73ms
21ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

0e5ff4bfdfeb63d96ee60103755b7cee1bbc9606911068b8fb267b4d06147842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.coloring.ws
date: Mon, 08 Jan 2024 10:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 724.json Show response
id5-sync.com/g/v2/ 251 B
532 B 65ms
22ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/724.json

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

34d8ffa1d59cbce0c41146be17883f362e67962c4f95c2fd7243cb8e8fbd8f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.coloring.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.coloring.ws
date: Mon, 08 Jan 2024 10:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 404 coloringws.PNG
qd.admetricspro.com/js/dltk/coloringws/ 0
0 151ms
151ms Image
text/html 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qd.admetricspro.com/js/dltk/coloringws/coloringws.PNG
Requested by: Host: www.coloring.ws
URL: https://www.coloring.ws/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.coloring.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.coloring.ws/	1970-01-20 17:41:54	Name: amp_pieog Value: ==Qfi4WasJXZC9SZw9mc1VkI6Iie0JCLiQWZulmZlRmb1JiOikHdpNmIsICZl5WamVGZuVnI6Iibvl2ZlJnIsISREJiOiknc05WdvNmIsICMzkTOy4SM1IiOiQXYsJCLiADMxkDNukjI6IyZu9GbiwiIzojO3QjMzoDM0IjOyoDM2IWM6EDMwIjI6ICcpJCLxojI2Jye
.coloring.ws/	1970-01-20 17:33:16	Name: _gid Value: GA1.2.1864211754.1704709698
.coloring.ws/	1970-01-20 17:31:49	Name: _gat_gtag_UA_52971111_8 Value: 1
.coloring.ws/	1970-01-21 03:07:49	Name: _ga_KMSJ26XVV5 Value: GS1.1.1704709698.1.0.1704709698.0.0.0
.coloring.ws/	1970-01-21 03:07:49	Name: _ga Value: GA1.1.1516753102.1704709698
www.coloring.ws/	1970-01-21 02:17:25	Name: usprivacy Value: 1---
.coloring.ws/	1970-01-20 18:15:01	Name: _sharedID Value: 617b4895-abb7-43f4-a30f-3991b652cc7d
.coloring.ws/	1970-01-20 18:15:01	Name: _sharedID_cst Value: TyylLI8srA%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://qd.admetricspro.com/js/dltk/coloringws/coloringws.PNG Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cadmus.script.ac
clients1.google.com
cse.google.com
d15kdpgjg3unno.cloudfront.net
dltk-holidays.com
dyv1bugovvq1g.cloudfront.net
fundingchoicesmessages.google.com
i.clean.gg
id5-sync.com
lb.eu-1-id5-sync.com
pioeg.admetricspro.workers.dev
qd.admetricspro.com
region1.google-analytics.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
www.brainframe-kids.com
www.coloring.ws
www.dltk-kids.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
162.19.138.120
2001:4860:4802:32::36
2600:9000:206f:4400:11:b309:9100:21
2600:9000:223e:a400:5:82fd:2500:21
2606:4700:20::681a:7da
2606:4700:3035::6815:815
2606:4700::6812:1791
2a00:1450:4001:802::2008
2a00:1450:4001:809::200e
2a00:1450:4001:810::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
3.221.232.156
3.239.232.244
34.95.69.49
52.54.225.252
54.82.38.167
03945ce270fb1b8d694c3eebfe0f235fb54929973283c38c0e3e6c75127061ea
0902bb736591ab3e13e835e90111282390ea8b3a8c70a197c3ea214988a90e68
0de2733b6af0d185adaaab30a1fcd0591e717e5740264deca38d8f7056f6168e
0e5ff4bfdfeb63d96ee60103755b7cee1bbc9606911068b8fb267b4d06147842
1a39abe64f58a860b994ad9d8e59672add1dbdd4b57d95e79b17bd2fc6d981dc
1ae436455d6df2cf89da5cfb00bf81a4b516fa40e088c24dd054163748b41d09
1b9ae91a96163ea6e16c39dbfa77e1e8533019847224f6fdb41507cadafbc516
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
34d8ffa1d59cbce0c41146be17883f362e67962c4f95c2fd7243cb8e8fbd8f3a
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c
3978f43fce998a79d918e4749b3963f915c2ba8267b9c45952de90c64130b031
3cb07a97a352058297aef83bed12367814d1e5eaa56f992bc267b3ad7cc22c50
40c5a0a89a842d74badaf242727e0b8bf6714a646f763fbefde91807ae44da10
47ce70ec38840c3c32ddabe877bc9c6f25bcde77bf60e908e9d85452a71e0d59
4d7273a8aaee10127e8a79ae70d0599a322b5a80e5f4c51d210292b34c81060c
501efd26e0adb1b58e4e630bed3978be00907c298ebb68c6b3c12ba0ca435a0c
50200e9b822674ca4901570d058b6f561e11384c6db21caabb08091db0716e30
550cd8038e49962f3fe059f4f397729bd9a920a4ab35d3391f34b4fdba5851d1
5764341f481b9b0c824535fed1e805acdeeedbde3a429ca3911fdb615f1f136e
57a34c3474baff8258cd8ba4d98816c71f91da2feafd60c3c4c3d8a14bb84fa3
5ef624ec962415bd378947e5207227907e499957a465bcf20238dc938a7dbfb0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dfa748dd4b39a22c3006f46e4e79c18e842f4002b4cfc99a62308df5048df69
74ec4aad03326e63ff346f594c37f2cb10f580200b8996367f52e883f68d7ce7
7df0df8b3df8c42634ecc71d7ab35e197c61777eb5b41a3e14239322b5804f7b
7e4d6cd2b52689db7a318865603977da52b2c758f9f9f70aa4b92199102cd55f
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8a90077950eaf8b209bcc2219fa2cd0a1e487cae8d896087e57d367d7f084f66
8d7bc2b04e302d21b0bf30f4ba2d1cfe79283b8082ac681defa2ab2bec6c2249
953950792fdff6cb144dd1220a26088651920a98b80da68d6da586696a919b1a
96fe096e13a57e700af2ea95d16a12cc4b2f3b8323b9bbe4d678bd4226563633
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
ac137e692578953440c86d2c72215e8f5ef3063c4d2e980f7e5a0d3dee90c9ab
acde803dbcde89e418286a2c95a177a60a0f43bd90906d7092e63cc21855302f
b288f979958f7a898b87b88f6eb370148873da78ebe77828df2fb1df9e24f6b2
b904594d00e2dded3350917b2edaad4bc7d80b51c9d461c85864a8cf1d536590
bd362f4e6ebce8ac52397d018782ec0dd387292b6edd2d33809f0eec847ad114
bf0aa42f60ea48b5f986ebd401ed4fc6d4d79a50f67a27db941a98231cf6c45d
c1755dbd16cae41eb1f8bb04b9ecbdb9ea259fd8965b11db3be4e707ba6a1333
c1fdbc8ec64d4cf587414ada354a2fa827f9cee7932c5f83e3f615e7c577d951
d3850cb9e6ac49e29e7ff04a93342a9029ae623a6669694fb75f6273ec574e15
d4a0a9fa76029b71b47e0af45db320ee458fec1f26cf62990c9019902dafa783
d79267bb3777b4be52f4c637b3da249ddfffbfaf7451984ccbdd81923aa654a5
d9112ea034e317b4ccce74c0276726528f4602f441a9965eeb619cfbccbdf865
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b84c9c86ff8c6282031b41e5ca2526e45e5e9c1a3956579f5320c25fb40360
e38d16e49b0491a14d584dd7e2078d50eac7c806fb48d228251e756bcae226d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7148fe7c5f15f854ed0eaaf82685f5bb8335bd544a6c0ee10cef07954733a51
e915f1a27c9e8375871017249f5ce3e23923ef0f8bcfa53a2e5eaa53720b2cb3
ec53bd429b8d41c4284486ffdbab99d72f0e4a550587c5884cba8a811ddea419
ef29a7a16ec4e981b803ad7ae3c4eca75384a7f458be89d4212c78640900b940
f43fa0c6fbe53e743cc30977c6c79562747170917001cb8c229df3101ebaba9b
f5d2aee10ef029810d37cde6bd0060bf100ffc38c78b3099b5f347ea3e2cc0a5
fb5e8f7da6f106389d935a224ec3be69f15e81ac2bf050732641dc081d21f84a
fc8deae28b64ae4499971481a402af6c85873da8a14f86b1d0eb45d0cc860763

www.coloring.ws Open in urlscan Pro 52.54.225.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

67 %IPv6

16 Domains

21 Subdomains

18 IPs

2 Countries

2048 kBTransfer

5077 kBSize

8 Cookies

20 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.coloring.ws Open in urlscan Pro
52.54.225.252 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

2048 kB
Transfer

5077 kB
Size

8
Cookies

63 HTTP transactions
0 data transactions