backoff.biz.id Open in urlscan Pro
2606:4700:3031::ac43:b1e2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://backoff.biz.id/
Submission: On December 21 via api (December 21st 2023, 2:49:45 pm UTC) from US — Scanned from US

Summary HTTP 47 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3031::ac43:b1e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is backoff.biz.id.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.

This is the only time backoff.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3031::ac43:b1e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:251... 2600:9000:2512:400:5:df2a:4ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:1834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:b00... 2600:141b:b000::1737:eba8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	144.217.107.59 144.217.107.59	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:46d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:7c8:aab4... 2a01:7c8:aab4:63:5054:ff:fe99:9916	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	2600:9000:251... 2600:9000:2514:ec00:1d:d7f6:39d3:7a61	16509 (AMAZON-02) (AMAZON-02)
1	23.46.156.13 23.46.156.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3031::ac43:afaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
1	51.105.120.132 51.105.120.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3033::ac43:d62e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:b271	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c19::77	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:4661	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.46.84.68 193.46.84.68	51107 (DOMENAIAS) (DOMENAIAS)
1	2a03:2a00:140... 2a03:2a00:1400:0:1::4959	15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::69	15169 (GOOGLE) (GOOGLE)
47	26

4 2606:4700:3031::ac43:b1e2 (United States)

ASN13335 (CLOUDFLARENET, US)

backoff.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2512:400:5:df2a:4ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.weltbild.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4440 (United States)

ASN13335 (CLOUDFLARENET, US)

esle.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1834 (United States)

ASN13335 (CLOUDFLARENET, US)

gbcoloring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:b000::1737:eba8 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)

images.platoyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.217.107.59 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip59.ip-144-217-107.net

lystok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46d5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.supercoloring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:7c8:aab4:63:5054:ff:fe99:9916 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)

images.thimbletoys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:ec00:1d:d7f6:39d3:7a61 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.156.13 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-13.deploy.static.akamaitechnologies.com

i.etsystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:afaf (United States)

ASN13335 (CLOUDFLARENET, US)

ausmalbilder-tk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.105.120.132 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.toggoeltern.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d62e (United States)

ASN13335 (CLOUDFLARENET, US)

www.ausmalbilder.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:b271 (United States)

ASN13335 (CLOUDFLARENET, US)

imgde.hellokids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::77 (Washington, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4661 (United States)

ASN13335 (CLOUDFLARENET, US)

ausmalbilder-gb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.46.84.68 (Lithuania)

ASN51107 (DOMENAIAS, LT)
PTR: vps68.tophosting.lt

www.pepe.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2a00:1400:0:1::4959 (Germany)

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)

wunderbunt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	425 KB
4	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1912	516 KB
4	backoff.biz.id backoff.biz.id	252 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	lystok.com lystok.com — Cisco Umbrella Rank: 667096	257 KB
2	weltbild.de i.weltbild.de — Cisco Umbrella Rank: 343871	193 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	90 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	wunderbunt.de wunderbunt.de	96 KB
1	pepe.lt www.pepe.lt	70 KB
1	ausmalbilder-gb.de ausmalbilder-gb.de	150 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	127 KB
1	hellokids.com imgde.hellokids.com	51 KB
1	ausmalbilder.org www.ausmalbilder.org	240 KB
1	toggoeltern.de www.toggoeltern.de	259 KB
1	ausmalbilder-tk.de ausmalbilder-tk.de	78 KB
1	etsystatic.com i.etsystatic.com — Cisco Umbrella Rank: 6714	54 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 360	227 KB
1	thimbletoys.com images.thimbletoys.com	170 KB
1	supercoloring.com www.supercoloring.com — Cisco Umbrella Rank: 98940	31 KB
1	platoyo.com images.platoyo.com	53 KB
1	gbcoloring.com gbcoloring.com — Cisco Umbrella Rank: 244005	86 KB
1	esle.io esle.io — Cisco Umbrella Rank: 983840	244 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	31 KB
47	24

	Domain	Requested by
10	pagead2.googlesyndication.com	backoff.biz.id pagead2.googlesyndication.com tpc.googlesyndication.com
4	i.pinimg.com	backoff.biz.id
4	backoff.biz.id	backoff.biz.id
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	lystok.com	backoff.biz.id
2	i.weltbild.de	backoff.biz.id
2	cdnjs.cloudflare.com	backoff.biz.id cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	wunderbunt.de	backoff.biz.id
1	www.pepe.lt	backoff.biz.id
1	ausmalbilder-gb.de	backoff.biz.id
1	i.ytimg.com	backoff.biz.id
1	imgde.hellokids.com	backoff.biz.id
1	www.ausmalbilder.org	backoff.biz.id
1	www.toggoeltern.de	backoff.biz.id
1	ausmalbilder-tk.de	backoff.biz.id
1	i.etsystatic.com	backoff.biz.id
1	m.media-amazon.com	backoff.biz.id
1	images.thimbletoys.com	backoff.biz.id
1	www.supercoloring.com	backoff.biz.id
1	images.platoyo.com	backoff.biz.id
1	gbcoloring.com	backoff.biz.id
1	esle.io	backoff.biz.id
1	ajax.googleapis.com	backoff.biz.id
47	25

This site contains links to these domains. Also see Links.

Domain
kertasdinding.com
tryagc.info

Subject Issuer	Validity	Valid
backoff.biz.id GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.weltbild.de Sectigo RSA Domain Validation Secure Server CA	`2022-12-16` - `2024-01-16`	a year	crt.sh
esle.io GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
ahozat6rn.cloudimg.io R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
www.lystok.com R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.thimbletoys.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-07` - `2024-08-13`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2023-08-09` - `2024-07-24`	a year	crt.sh
im.i.etsystatic.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
ausmalbilder-tk.de GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.toggoeltern.de RapidSSL TLS RSA CA G1	`2023-08-11` - `2024-09-10`	a year	crt.sh
ausmalbilder.org E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
hellokids.com E1	`2023-12-08` - `2024-03-07`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pepe.lt R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
wunderbunt.de R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://backoff.biz.id/
Frame ID: A11C8740F645F4EFAF7DB664BDC717AF
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: F40C79EA771DA2206DEEB795835497B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3966296694477547&output=html&adk=1812271804&adf=3025194257&lmt=1703170178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbackoff.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703170177732&bpp=11&bdt=1176&idt=502&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3917203637198&frm=20&pv=2&ga_vid=1305622119.1703170178&ga_sid=1703170178&ga_hid=1307844451&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079759%2C31079979%2C44798934%2C95320885&oid=2&pvsid=859599660974960&tmod=1567811855&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=545
Frame ID: B6E451401D81DE763626F5A32BCCF68B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93C3BE6FA71CA026EAFA5AB2834316C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 15AB2BD175A1B33CE5ABE8164A7E1AB5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Backoff

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

84 %
IPv6

24
Domains

25
Subdomains

26
IPs

5
Countries

3705 kB
Transfer

4862 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://kertasdinding.com/
Title: KertasDinding.com

Search URL Search Domain Scan URL

URL: https://tryagc.info/putihbersih/

Search URL Search Domain Scan URL

URL: https://tryagc.info/putihbersih/feed/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
backoff.biz.id/ 65 KB
9 KB 1738ms
424ms Document
text/html 2606:4700:3031::ac43:b1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4f295f1bc1879b92b6f4468d219b1d78af506c68c5130f1fcbc64e2038826f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8390eec0ecc5034d-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 14:49:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuT4%2Fo6W6hVNp3qFpLGVnnZREfuvkb5rSQAD2hgBX%2Fa5h%2B8KLFh3f8iS8%2BNNHcp5lMkHTJ0h%2FQZveTEtKfRd0NuxYX%2FooR4U8rWzForo14ZrPZIFvDCzZD6UPByNIWTjbCJwvE6LSZM%2BUaP1BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 6bdc2.css
backoff.biz.id/themes/default/assets_files/ 263 KB
41 KB 656ms
652ms Stylesheet
text/css 2606:4700:3031::ac43:b1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backoff.biz.id/themes/default/assets_files/6bdc2.css

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: W/"613f6a00-41d1d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww1BUPpJdg4xwnKolGThAFozuokvU%2B9M37p%2Frtvd%2FvoXN7avNF1kFD5HStcPkw7bRiLreHTvk0o%2B7M0kkGSHYs9LH1G9F8uyTz8zGeR539UylURmR%2Fql2qgpUOmknEGeBQe6M2VQFrdkkrmIVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8390eec3a831034d-MIA
expires: Fri, 20 Dec 2024 14:49:43 GMT

GET css
backoff.biz.id/themes/default/assets_files/ 0
0

GET
H3 200 sdk.js.download Show response
backoff.biz.id/themes/default/assets_files/ 198 KB
198 KB 535ms
535ms Script
application/octet-stream 2606:4700:3031::ac43:b1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backoff.biz.id/themes/default/assets_files/sdk.js.download

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 202529
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: "613f6a00-31721"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kz5di4m2WhdaFRWW7PBUjeUUrVpJNYk7t17tS8VQNCTCY2g42LQiM8FbFkkMj9uNFd9AMr7feai4c4fO1qYJaxmgKuVJ91N8CXuHD0DUtO59HZuVkcO7%2Fi4%2F7pY8IbmThX%2FeX%2FpeH%2BaRFEms0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8390eec64caf5c71-MIA

GET
H2 200 sdk.js(1).download Show response
backoff.biz.id/themes/default/assets_files/ 3 KB
3 KB 421ms
419ms Script
application/octet-stream 2606:4700:3031::ac43:b1e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backoff.biz.id/themes/default/assets_files/sdk.js(1).download

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3224
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: "613f6a00-c98"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRYuSG%2FyC2D1UVigFuKr1A0LxIT2%2F064XzvMqgyHvTRfKemrXPjF09vl6bnzUo4UgeNkadFCG5seARK%2BSpQ1v2w8Je6J%2FKw%2BpRmvOlb3lJDFb8%2BaNlNWnB6eBbCwUejesO5JUjbogizszYY0Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8390eec3a836034d-MIA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 266ms
107ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3966296694477547

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

772c16fb00034fe19b902e7152577c4ea97374b4b5d9244e28c905fb27535f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51274
x-xss-protection: 0
server: cafe
etag: 5542213060552809843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 14:49:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 307ms
159ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2415232437090392

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b522fc6467a15d89ed0bdc9000ca23550413c64fea06d446a9bbca338e86da69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51277
x-xss-protection: 0
server: cafe
etag: 11761341055310790506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 14:49:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 238ms
92ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9646554825927411

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f46f159b523bc05e5b048f044604b257b94eaba97d54a53a81b81ce00a4f850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51274
x-xss-protection: 0
server: cafe
etag: 653307777038960451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 14:49:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 433ms
287ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4795058402158056

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99b4afd950b3799ceb997570bd29f1fc96be5c46d776403d49fdfb161206e745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51276
x-xss-protection: 0
server: cafe
etag: 1939115598223772271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 14:49:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 445ms
300ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2958259450538965

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2fc1464c5439539c54138804d79ede08987b9188b163175ce6dedc249d09ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51274
x-xss-protection: 0
server: cafe
etag: 1146106900910445437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 14:49:37 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 136ms
56ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://backoff.biz.id/
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2864372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwMol3aluHZhBX5pTa%2BAn4%2BV55ukPHJEkUVAaCX0kmJerzu0HXsCDnZvG%2Fgyi%2BW%2BWUXJfYq6n0gfzrHp7d49DrxUNiLo7tWSgXsLnfrBTJFr2tOWXd1UINOKYPVR7CLCcML%2FtQpQr%2FbOINGyfYqUjitH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8390eec41fd57494-MIA
expires: Tue, 10 Dec 2024 14:49:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 225ms
67ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 14:49:23 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 43ms
41ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://backoff.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2618920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80252
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87yZP50%2FV9ozVc4KRoKVZd5GLoltPl9je%2BmzQfyYHxHfsUxDbNIIWRKJjrb%2BsQGSqTNpJiQfKy1GM6JJ2zKs%2BXHg5%2FJ8KOcF8X48jyqBSYb6yYeA6Qeo8jlos%2Frvgz6h%2FeMZh9QczQZ%2Bdr1391uorecZ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8390eec82ce27494-MIA
expires: Tue, 10 Dec 2024 14:49:37 GMT

GET
H2 200 peppa-pig-tolle-ausmalbilder-sonderausgabe-346276373.jpg
i.weltbild.de/p/ 80 KB
80 KB 471ms
226ms Image
image/webp 2600:9000:2512:400:5:df2a:4ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.weltbild.de/p/peppa-pig-tolle-ausmalbilder-sonderausgabe-346276373.jpg?v=1&wp=_max
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:400:5:df2a:4ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 587e68b32ea2b62dd75094a08c605984c386864a1c3595acc92af167d98c6527

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 03:14:57 GMT
via: 1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 41680
x-cache: Hit from cloudfront
content-length: 81808
x-request-id: 20a1dc5a-bcc7-442d-a12f-bfe2049779d2
last-modified: Mon, 30 Oct 2023 12:26:01 GMT
etag: "356f6619142bb06058b1d5a4e960cd5c"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: K_wVpXCKHnO11RRX-MDfr2MeWDeVxx-xbqMKxWUiNdDg-hz6t4Reig==

GET
H2 200 1580803219-peppa-pig-images-for-coloring-860x1024-1-90.jpg
esle.io/storage/app/54096/ 243 KB
244 KB 290ms
170ms Image
image/jpeg 2606:4700:20::ac43:4440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://esle.io/storage/app/54096/1580803219-peppa-pig-images-for-coloring-860x1024-1-90.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

751ead66c94f49ea0d0f4380fc5c79d2f6946f7b3f7c737da42d194efcff67e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=439311
alt-svc: h3=":443"; ma=86400
content-length: 248610
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Sep 2023 14:33:43 GMT
server: cloudflare
etag: "650319c7-6b40f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXvmscoXbq8JNOnoZWKZScrPCR4D2gIDsVhmnNOgs88hSfUGSL7QRLCBznYyutctjQuxbnkz7dx3%2BNhhGnZkziEJ8nj4Y0RxXa4fZIrxt9gegVdlc2yWNgqWjCdrJEmsQJmBO9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8390eec94df2da97-MIA

GET
H2 200 peppa-pig-coloring-pages.jpg
gbcoloring.com/wp-content/uploads/2023/09/ 86 KB
86 KB 558ms
456ms Image
image/jpeg 2606:4700:3034::6815:1834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbcoloring.com/wp-content/uploads/2023/09/peppa-pig-coloring-pages.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a9f15cbcb02584a67e51c73f64121d90fc5708e30998ffe547378c645058f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 07:09:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1568b-65489118-4617f4;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjiGrQuPUccHtxdqsAX9RmJS5RLUfL2zPo%2B9Vpgtapsn0Eo7RLzVNQ3%2Bv%2F8Z3pBQ7cS3m3xNGYN3Kmk9mb6iSsoaE4hfUHaRSnieQjQIlyDzHARDVXp%2BbCZ9A7gWb7FP2P%2FxzvBqL%2Fhz26wQEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8390eec92a6f336e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 87691
expires: Thu, 28 Dec 2023 14:49:37 GMT

GET
H2 200 7d6af47ae3715ddf6c72b9857b6bbb25.jpeg
images.platoyo.com/v7/_atalanda_production_img_/ 52 KB
53 KB 785ms
430ms Image
image/jpeg 2600:141b:b000::1737:eba8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.platoyo.com/v7/_atalanda_production_img_/7d6af47ae3715ddf6c72b9857b6bbb25.jpeg?q=75&force_format=original

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:b000::1737:eba8 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

ab2ed3019936d6f6ec1e9fa5a15b709e9c0aa8de87a0fa3dc68de902744eaf72

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
date: Thu, 21 Dec 2023 14:49:38 GMT
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-origin-visibility: OV_NORMAL_FILE
content-length: 53621
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 1726044s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_058_20231221144937_5ab18_ARvQ#330y
etag: "f840af7c0bec5b2f31477ee8ed7a7f9b"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, s-maxage=2629746
x-hexa-flowtrace: AnRRR
timing-allow-origin: *
akamai-request-bc: [a=23.55.235.164,b=1765902942,c=g,n=US_NJ_NEWARK,o=20940],[c=c,n=US_NY_NEWYORK,o=20940],[a=51.79.98.227,c=o]

GET
H2 200 185.png
lystok.com/img/pages/ 125 KB
125 KB 307ms
137ms Image
image/png 144.217.107.59
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lystok.com/img/pages/185.png
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip59.ip-144-217-107.net
Software: Apache /
Resource Hash: ee46de66c9c5b02dceaf6b6de312f9f8f59b38c0f71ac0330577c0a56d6edb8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
last-modified: Thu, 23 Feb 2023 09:29:42 GMT
server: Apache
accept-ranges: bytes
content-length: 128096
content-type: image/png

GET
H2 200 peppa-pig-coloring-page.png
www.supercoloring.com/sites/default/files/styles/coloring_full/public/cif/2016/07/ 30 KB
31 KB 142ms
47ms Image
image/png 2606:4700:20::ac43:46d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.supercoloring.com/sites/default/files/styles/coloring_full/public/cif/2016/07/peppa-pig-coloring-page.png
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f8ac2f91c3a20c98c16cea11a182562b4646c6be74d1d91ce51817f868a349

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Thu, 21 Dec 2023 14:49:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1299913
alt-svc: h3=":443"; ma=86400
content-length: 31134
last-modified: Wed, 27 Jul 2016 10:07:39 GMT
server: cloudflare
etag: "579887eb-799e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFCHipq4gvbrhx0v9DSimPJB2DuGE%2BZP04ren%2BEcd%2FoorpEvri4YfhAO3w%2BLHFiIYcfyikDPaUdnBpkbLyJLSWTYEqzWsZfT41h7ijRwCitRFReKiblxuZX%2FJTbOn%2FEmNhYnlMT74mtEKL5xYaxmhpVlHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 191644795
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8390eec94e6f5c7c-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3550448f.jpg
images.thimbletoys.com/images/items/ 170 KB
170 KB 894ms
281ms Image
image/jpeg 2a01:7c8:aab4:63:5054:ff:fe99:9916
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.thimbletoys.com/images/items/3550448f.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:7c8:aab4:63:5054:ff:fe99:9916 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

c081716fe5dc9fe39b0a2287770039cd4a88b7a417f5410fc1071d27d0f5ca0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 16:14:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-troubleredir: web01 images.thimbletoys.com
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 173720
expires: Sat, 20 Jan 2024 14:49:38 GMT

GET
H2 200 71JVWW92xBL.jpg
m.media-amazon.com/images/I/ 226 KB
227 KB 303ms
86ms Image
image/jpeg 2600:9000:2514:ec00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/71JVWW92xBL.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:ec00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5f7eec3bb10b196c2c898619678a6f9a83edfaff42d902367ff582fe19e963da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:13:51 GMT
via: 1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
age: 2124760
x-amz-cf-pop: JFK50-P8
edge-cache-tag: x-cache-946,/images/I/71JVWW92xBL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 231324
surrogate-key: x-cache-946 /images/I/71JVWW92xBL
last-modified: Fri, 29 Sep 2023 11:49:40 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: ab52a5c1-03c6-4e1c-b073-0655b2dfc4e8
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: uw2jehIMRSoEclzo4U03bqDtDIdf869-fg4TXMOqMBCfhw099rFSLw==
expires: Thu, 19 Nov 2043 00:13:51 GMT

GET
H2 200 il_fullxfull.3257168298_s0sp.jpg
i.etsystatic.com/31399243/r/il/92cc60/3257168298/ 53 KB
54 KB 443ms
202ms Image
image/webp 23.46.156.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.etsystatic.com/31399243/r/il/92cc60/3257168298/il_fullxfull.3257168298_s0sp.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.156.13 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-46-156-13.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

45ba6ce164c33b58daaf86f80f1702b8964eea98ca98fc8ef3ed8b0887a63f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
akamai-cache-status: Miss from child, Miss from parent
strict-transport-security: max-age=86400
last-modified: Wed, 09 Mar 2022 15:33:53 GMT
server: Akamai Image Manager
akamai-grn: , 0.0d972e17.1703170177.473cf6e2
etag: "feee6b8206ad89b9ad6adc92cbe7705a"
content-type: image/webp
cache-control: private, no-transform, max-age=2591948
server-timing: clientrtt; dur=62, clienttt; dur=126, origin; dur=0 , cdntime; dur=126, cache_status; desc=MISS, cdn; desc=Akamai
akamai-request-bc: [a=23.46.151.13,b=1195177698,c=g,n=US_NJ_EDISON,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[c=c,n=US_IL_MOUNTPROSPECT,o=20940]
timing-allow-origin: *
content-length: 54422
expires: Sat, 20 Jan 2024 14:48:45 GMT

GET
H2 200 Peppa-Wutz-95832958.jpg
ausmalbilder-tk.de/wp-content/uploads/2021/09/ 78 KB
78 KB 679ms
561ms Image
image/webp 2606:4700:3031::ac43:afaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ausmalbilder-tk.de/wp-content/uploads/2021/09/Peppa-Wutz-95832958.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:afaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4daad12b4d4e840904250d69607fa44f4443f04fd6e1097a337c15e07f3ae95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:38 GMT
x-server-powered-by: nginx
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-length: 79404
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT
last-modified: Sun, 22 Oct 2023 04:02:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCNgnTbeq5v%2BLzhG7hBZyMPQx5m1xh1J60XlWdWKmMCQuX0PP5UJ7ahEVrM1aClL6mZF4MoR3tQYdzalzpHMyWlTBIp9433zj1L3UL%2B%2BaTIp6%2FRVHzs7nqhFZgV7W5nWIhvcuIlchCGn2R0YzJsJXQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=5184000
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8390eec96e077476-MIA
expires: Mon, 19 Feb 2024 14:49:37 GMT

GET
H2 200 7cde5f507358db5e94d6054e7f36bd68.jpg
i.pinimg.com/originals/7c/de/5f/ 117 KB
117 KB 289ms
64ms Image
image/jpeg 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7c/de/5f/7cde5f507358db5e94d6054e7f36bd68.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 72ba908abb6c95f5a792ec37d8ff275a357b3ca5410aceb163aef156dc56e919

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
x-cdn: fastly
etag: "c418a07e995567c7c4f2afc14617c841"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 119524

GET
H2 200 csm_Peppa_Pig_Teaser_Ausmalbilder-Sammlung_teilen_d16d0d9560.jpg
www.toggoeltern.de/fileadmin/_processed_/b/a/ 259 KB
259 KB 650ms
282ms Image
image/jpeg 51.105.120.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.toggoeltern.de/fileadmin/_processed_/b/a/csm_Peppa_Pig_Teaser_Ausmalbilder-Sammlung_teilen_d16d0d9560.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.105.120.132 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

72ec6f923024c161131e0ea19db0f8674bc48280ec8aa8424a6810a907cb5a62

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload; always;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload; always;
last-modified: Tue, 15 Nov 2022 10:11:46 GMT
server: Apache
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=2592000
feature-policy: camera: 'none'; vr: 'none'; microphone: 'none'; payment: 'none'; midi: 'none'; microphone: 'none'
accept-ranges: bytes
content-length: 264748
expires: Sat, 20 Jan 2024 14:49:37 GMT

GET
H2 200 peppa-pig-ausmalbild-0001-q1.png
www.ausmalbilder.org/data/media/455/ 240 KB
240 KB 933ms
815ms Image
image/png 2606:4700:3033::ac43:d62e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ausmalbilder.org/data/media/455/peppa-pig-ausmalbild-0001-q1.png
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d62e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfef682ccdffed50bf98442ad1c20df8d48952534ae839c97f52315f66387e5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:38 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Sep 2018 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3be40-57674be448a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cVdfvy765nQpMzuNUEctEAvS86f0G4KQtg9sVmq7SrO2ynRrs%2F%2FfDU5aYUiy7XscirDd0rnqH0u60bf0w4cMfOm4LX3A98puS60jt1VjzweF7oEp5c%2FlCrqyJXyvIqf4ejAOKn5oPltYYwZVKPB%2BzkQIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8390eec969d94972-MIA
alt-svc: h3=":443"; ma=86400
content-length: 245312

GET
H2 200 peppa-wutz_h93.jpg
imgde.hellokids.com/_uploads/_tiny_galerie/20141146/ 50 KB
51 KB 626ms
522ms Image
image/jpeg 2606:4700:3033::ac43:b271
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgde.hellokids.com/_uploads/_tiny_galerie/20141146/peppa-wutz_h93.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b271 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ef3229bc3142d0ad5d120c2087945d7534d430eff3f358fd26a6822a3f16c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
cf-cache-status: MISS
last-modified: Mon, 31 Aug 2015 13:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c9c1-51e9b331f3280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb%2BBL8t2MhnhZao38OkYrunkiazFO2dyR%2BTMootpgc7GBGnA5f2ChN1YRiq1s51cm1dgkhTx1luR9Ehhwq64ZIcwYwr4MMnYPB4V0p0QdMZz6J%2FhmVOJvrLE%2FVaSNdjpIVqqejOUfVlEihq9uM8W2pd0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8390eec959ea5c71-MIA
alt-svc: h3=":443"; ma=86400
content-length: 51649

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/0_KkCL5CN-w/ 126 KB
127 KB 233ms
101ms Image
image/jpeg 2607:f8b0:4004:c19::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/0_KkCL5CN-w/maxresdefault.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::77 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09f49787a031164462a09fe3af8425059f3b6168f8d6fdb924b0de6fae1f40f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129333
x-xss-protection: 0
server: sffe
etag: "1586284726"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Dec 2023 16:49:37 GMT

GET
H2 200 peppa-mein-fenstermalbuch-342170167.jpg
i.weltbild.de/p/ 112 KB
113 KB 304ms
92ms Image
image/webp 2600:9000:2512:400:5:df2a:4ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.weltbild.de/p/peppa-mein-fenstermalbuch-342170167.jpg?v=1&wp=_max
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:400:5:df2a:4ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e9b339f57dad8f77cc026e1bc1ea3c2362089aa84d88d642f81446a26d52b663

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 03:14:57 GMT
via: 1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 41680
x-cache: Hit from cloudfront
content-length: 114638
x-request-id: c95c9966-b19f-4a34-b492-1df94f0b0b4d
etag: W/"1bfce-ZFn2sxIHDkGoecMOj364JhwkmNI"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: NHgRLiSXeCLbJRlMIzORmowy_6l_H3lYmNFDNOSVqCWcliKX-10rHg==

GET
H2 200 Peppa-Pig-18.jpg
ausmalbilder-gb.de/wp-content/uploads/2022/10/ 149 KB
150 KB 442ms
272ms Image
image/jpeg 2606:4700:3033::6815:4661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ausmalbilder-gb.de/wp-content/uploads/2022/10/Peppa-Pig-18.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7299907bcb2cb6bd004ed0167a8aff6ef53a8825918b3ac5eca98ed5fdd127

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Oct 2022 15:37:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "25358-63385e9d-1229f5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDB2rTVVI20S7Ii3%2FPRk3P6i1Cm42ngMpX6UCknML02zS8oIZL2CAFZZWTLr3GTs%2B%2Fj6D%2FniYtUSi9qv1I%2FCgLbphAtJO89wGLjfqigAXdM2yPqZsBQgPYPfR66WyA601Xhyv7jWQM38z1y5ZXjIoHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8390eec9cbd18dc6-MIA
alt-svc: h3=":443"; ma=86400
content-length: 152408
expires: Thu, 28 Dec 2023 14:49:37 GMT

GET
H2 200 peppa-gamtoje-802x1024.jpg
www.pepe.lt/wp-content/uploads/vaikams/ 72 KB
70 KB 2367ms
178ms Image
image/jpeg 193.46.84.68
DOMENAIAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pepe.lt/wp-content/uploads/vaikams/peppa-gamtoje-802x1024.jpg

Requested by

Host: backoff.biz.id
URL: https://backoff.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.46.84.68 , Lithuania, ASN51107 (DOMENAIAS, LT),

Reverse DNS

vps68.tophosting.lt

Software

Apache/2 /

Resource Hash

e820c1af80a1136908c9500fea6369a392da0dddb1587f2a8e36aac538aa1ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 21 Dec 2023 14:49:39 GMT
last-modified: Wed, 13 Sep 2023 12:40:13 GMT
server: Apache/2
etag: "12057-6053cdc5c9662-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 20 Dec 2024 14:49:39 GMT

GET
H2 200 1ec9875572feb81003a5ad348ec957c0.jpg
i.pinimg.com/originals/1e/c9/87/ 236 KB
236 KB 74ms
74ms Image
image/jpeg 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1e/c9/87/1ec9875572feb81003a5ad348ec957c0.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82d31a60ac6a7837158e21c30843581413a35aad278a4ba19dd9563d57f6f189

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
x-cdn: fastly
etag: "f8589702ab78f1802fa287f7e8cf799d"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 241228

GET
H2 200 ausmalbilder-peppa-wutz.jpg
wunderbunt.de/wp-content/uploads/2021/06/ 95 KB
96 KB 984ms
156ms Image
image/jpeg 2a03:2a00:1400:0:1::4959
MITTWALD-AS Mittw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wunderbunt.de/wp-content/uploads/2021/06/ausmalbilder-peppa-wutz.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:2a00:1400:0:1::4959 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: f03663c44e70d1f6d909f2dcf5c3880118382d649961d5c43461af38e011d377

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:38 GMT
last-modified: Wed, 23 Jun 2021 11:58:02 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 97661
expires: Fri, 19 Apr 2024 14:49:38 GMT

GET
H2 200 182.png
lystok.com/img/pages/ 131 KB
131 KB 139ms
134ms Image
image/png 144.217.107.59
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lystok.com/img/pages/182.png
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip59.ip-144-217-107.net
Software: Apache /
Resource Hash: 466ab3fe79fb5034a68013ce02202062758032b9d0e3bc8dbd70dda096b86c07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
last-modified: Thu, 23 Feb 2023 09:28:23 GMT
server: Apache
accept-ranges: bytes
content-length: 134355
content-type: image/png

GET
H2 200 1ea50d5a58db2a4c5e192b4d5197e7e2.jpg
i.pinimg.com/originals/1e/a5/0d/ 88 KB
88 KB 187ms
181ms Image
image/jpeg 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1e/a5/0d/1ea50d5a58db2a4c5e192b4d5197e7e2.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 42b5d68574c04f5fb487908c8cf7d594946ddf5fe97b834f201c2400b021278e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
x-cdn: fastly
etag: "9b52b3a5f8438ec6e16f762672e3b60d"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 90411

GET
H2 200 6fde7c1089baf05d5bb91de2ca60b315.jpg
i.pinimg.com/originals/6f/de/7c/ 75 KB
75 KB 185ms
180ms Image
image/jpeg 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/6f/de/7c/6fde7c1089baf05d5bb91de2ca60b315.jpg
Requested by: Host: backoff.biz.id
URL: https://backoff.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 59c2c49a73d34ab51d5d2409fd9f4861ef80b7c3673e44c4fa4ac124a5fb7521

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
x-cdn: fastly
etag: "5a2ce03b4147c99e36bd59eb3f3492f2"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 76810

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 296ms
154ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9646554825927411

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1916131603004031834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 14:49:37 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame F40C 9 KB
4 KB 227ms
78ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9646554825927411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 42933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 02:54:04 GMT
etag: 5585625838579639069
expires: Thu, 04 Jan 2024 02:54:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B6E4 603 B
218 B 146ms
144ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3966296694477547&output=html&adk=1812271804&adf=3025194257&lmt=1703170178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbackoff.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703170177732&bpp=11&bdt=1176&idt=502&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3917203637198&frm=20&pv=2&ga_vid=1305622119.1703170178&ga_sid=1703170178&ga_hid=1307844451&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079759%2C31079979%2C44798934%2C95320885&oid=2&pvsid=859599660974960&tmod=1567811855&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=545

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 14:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 98ms
96ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4d1686c5f7b5163570c26c481553bfe1f687a4b6d4002789c01c4109c34a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12270
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 259ms
92ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 14:49:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93C3 13 KB
5 KB 66ms
65ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://backoff.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 43135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 02:50:43 GMT
expires: Fri, 20 Dec 2024 02:50:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 15AB 829 B
1 KB 206ms
78ms Document
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

982575fddd5e0b7a16e78c09400fb917a9ede3c70f4685d45dc87bcbfb1dfc26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XX-XqTllBDoEf3BYEYc19Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://backoff.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XX-XqTllBDoEf3BYEYc19Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 14:49:39 GMT
expires: Thu, 21 Dec 2023 14:49:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 93C3 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 02:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 02:50:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 15AB 0
0 91ms
91ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=859599660974960&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93C3 0
10 B 65ms
64ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Riak3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:49:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=859599660974960&bg=!Tk2lTQLNAAY3kmNgF5I7ADQBe5WfOE90M_cXmKW03tylIoy_mmJ56fif9lmew7-HyAik02RZvgiEHHD4_Zx57xHtxRmiAgAAAPBSAAAABGgBB5kDAxoaOdFpwhQfG1dSAJgfEQ2zegO-TlMJHMN1ZZPVSFOVqDBL5xlupHVoXhAI-oDHOFKgx0OpK8QmAWOPs_rhGvWdzDce1xC1jpadS9iRXtUNJVQ9acb_2SKzFcknRj9_cOh7IBdyKJiWVngDuUVJ_Eh8xfN0sJAMi2Z8AEBipYT3uHGdmddwp7ZE1kjsdqs39WORe1QE1A1OixewyC4VyFTPEUtArVaAUu1f7PN5zcP75RbM-olt9OJYy4pGIzWbMzHSCzqLVq6dAuaT6pg2C_SAb0iam4SdI8pWyCoKgeMFNr6AJiqCOy5NQ7N_8HK0iOh1Eo8HHpE4w_S8z7F-_O8zjI4aQRKoI9oQdWo5sqrIqtW_IBIyheSYlVXHcfeHsFG2Ifmnw5GGVu5p9XFuVTcmW6AnjJ-ClEh2gGrrXtkUyHhWnVKCPUT0HXZwHYGk8a4YrQJn5AtunQdOsAdpI3WGB63E8UpMmogSlj11ooVACukkLa61cm1Af8jtd6L6FFfX2THNJiYSJii9Vk753HEkVDoQIuLGRBrIF1o1QD50RCAvYTjep4QSR3HFMQKHXZNklPDDKT7Fl6iqobDYPLhAOcq15u6sjSy87OoHkc9Cc4V6J2o8dm962dQEnQGutm7tR7dPsYI6Oo3HT_UfxS8CnXJsNUTqtRnwZR-XaStsBPRbw198Dk99E77XoJ39lF_BSBuBhnGRoatGCsrcLg7vcl7eG5AYYChDA2Q2qu7c-q7PlPbbiUR_65Uf0hqZ2fUOusF12nEfIQoA6b_gbFa6x16c90YH7pqtKn4_bPa1aAkXos8I8FdjzsrJ6_eGOJKeWqjiuFhuVVskSTt5emQoad2SlKoX2iQ2yNiaMBmXOkFXA2_2t0p0h9vke26EoWV-K949NyR_-Ji0KOCet_WihMRw3V_o_16P1E7FbwkN8y8GMCdCzj7IL1oGYaRgu_pSQXdKYSbJQzEdRZAPRw-KpMLY_z1h858Ft9Rw_y0PVJBaVgzs7F4V8Ib2s5GorQukyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://backoff.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: backoff.biz.id
URL: https://backoff.biz.id/themes/default/assets_files/css

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			backoff.biz.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 771c01d8cf7929c8a1957a4a1ab25ee3
			.doubleclick.net/	1970-01-20 17:06:11	Name: test_cookie Value: CheckForPermission

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://backoff.biz.id/ Message: Refused to apply style from 'https://backoff.biz.id/themes/default/assets_files/css' because its MIME type ('application/octet-stream') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://backoff.biz.id/ Message: Refused to execute script from 'https://backoff.biz.id/themes/default/assets_files/sdk.js(1).download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	warning	URL: https://backoff.biz.id/(Line 1017) Message: Mixed Content: The page at 'https://backoff.biz.id/' was loaded over HTTPS, but requested an insecure element 'http://gbcoloring.com/wp-content/uploads/2023/09/peppa-pig-coloring-pages.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://backoff.biz.id/(Line 1017) Message: Mixed Content: The page at 'https://backoff.biz.id/' was loaded over HTTPS, but requested an insecure element 'http://imgde.hellokids.com/_uploads/_tiny_galerie/20141146/peppa-wutz_h93.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://backoff.biz.id/(Line 1018) Message: Mixed Content: The page at 'https://backoff.biz.id/' was loaded over HTTPS, but requested an insecure element 'http://gbcoloring.com/wp-content/uploads/2023/09/peppa-pig-coloring-pages.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://backoff.biz.id/(Line 1018) Message: Mixed Content: The page at 'https://backoff.biz.id/' was loaded over HTTPS, but requested an insecure element 'http://imgde.hellokids.com/_uploads/_tiny_galerie/20141146/peppa-wutz_h93.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://backoff.biz.id/ Message: Refused to execute script from 'https://backoff.biz.id/themes/default/assets_files/sdk.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3966296694477547&output=html&adk=1812271804&adf=3025194257&lmt=1703170178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbackoff.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703170177732&bpp=11&bdt=1176&idt=502&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3917203637198&frm=20&pv=2&ga_vid=1305622119.1703170178&ga_sid=1703170178&ga_hid=1307844451&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079759%2C31079979%2C44798934%2C95320885&oid=2&pvsid=859599660974960&tmod=1567811855&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=545 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ausmalbilder-gb.de
ausmalbilder-tk.de
backoff.biz.id
cdnjs.cloudflare.com
esle.io
gbcoloring.com
googleads.g.doubleclick.net
i.etsystatic.com
i.pinimg.com
i.weltbild.de
i.ytimg.com
images.platoyo.com
images.thimbletoys.com
imgde.hellokids.com
lystok.com
m.media-amazon.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
wunderbunt.de
www.ausmalbilder.org
www.google.com
www.pepe.lt
www.supercoloring.com
www.toggoeltern.de
backoff.biz.id
144.217.107.59
193.46.84.68
23.46.156.13
2600:141b:b000::1737:eba8
2600:9000:2512:400:5:df2a:4ac0:93a1
2600:9000:2514:ec00:1d:d7f6:39d3:7a61
2606:4700:20::ac43:4440
2606:4700:20::ac43:46d5
2606:4700:3031::ac43:afaf
2606:4700:3031::ac43:b1e2
2606:4700:3033::6815:4661
2606:4700:3033::ac43:b271
2606:4700:3033::ac43:d62e
2606:4700:3034::6815:1834
2606:4700::6811:180e
2607:f8b0:4004:c19::77
2607:f8b0:4004:c1b::69
2607:f8b0:4006:809::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:821::2002
2a01:7c8:aab4:63:5054:ff:fe99:9916
2a03:2a00:1400:0:1::4959
2a04:4e42:77::84
51.105.120.132
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
09f49787a031164462a09fe3af8425059f3b6168f8d6fdb924b0de6fae1f40f3
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2b7299907bcb2cb6bd004ed0167a8aff6ef53a8825918b3ac5eca98ed5fdd127
42b5d68574c04f5fb487908c8cf7d594946ddf5fe97b834f201c2400b021278e
45ba6ce164c33b58daaf86f80f1702b8964eea98ca98fc8ef3ed8b0887a63f48
466ab3fe79fb5034a68013ce02202062758032b9d0e3bc8dbd70dda096b86c07
47a9f15cbcb02584a67e51c73f64121d90fc5708e30998ffe547378c645058f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587e68b32ea2b62dd75094a08c605984c386864a1c3595acc92af167d98c6527
59c2c49a73d34ab51d5d2409fd9f4861ef80b7c3673e44c4fa4ac124a5fb7521
5f7eec3bb10b196c2c898619678a6f9a83edfaff42d902367ff582fe19e963da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
72ba908abb6c95f5a792ec37d8ff275a357b3ca5410aceb163aef156dc56e919
72ec6f923024c161131e0ea19db0f8674bc48280ec8aa8424a6810a907cb5a62
751ead66c94f49ea0d0f4380fc5c79d2f6946f7b3f7c737da42d194efcff67e0
772c16fb00034fe19b902e7152577c4ea97374b4b5d9244e28c905fb27535f38
7d4f295f1bc1879b92b6f4468d219b1d78af506c68c5130f1fcbc64e2038826f
7f46f159b523bc05e5b048f044604b257b94eaba97d54a53a81b81ce00a4f850
82d31a60ac6a7837158e21c30843581413a35aad278a4ba19dd9563d57f6f189
982575fddd5e0b7a16e78c09400fb917a9ede3c70f4685d45dc87bcbfb1dfc26
99b4afd950b3799ceb997570bd29f1fc96be5c46d776403d49fdfb161206e745
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
a4daad12b4d4e840904250d69607fa44f4443f04fd6e1097a337c15e07f3ae95
a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840
a7ef3229bc3142d0ad5d120c2087945d7534d430eff3f358fd26a6822a3f16c9
ab2ed3019936d6f6ec1e9fa5a15b709e9c0aa8de87a0fa3dc68de902744eaf72
b2fc1464c5439539c54138804d79ede08987b9188b163175ce6dedc249d09ce3
b522fc6467a15d89ed0bdc9000ca23550413c64fea06d446a9bbca338e86da69
c081716fe5dc9fe39b0a2287770039cd4a88b7a417f5410fc1071d27d0f5ca0d
cfef682ccdffed50bf98442ad1c20df8d48952534ae839c97f52315f66387e5b
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d
e820c1af80a1136908c9500fea6369a392da0dddb1587f2a8e36aac538aa1ce4
e9b339f57dad8f77cc026e1bc1ea3c2362089aa84d88d642f81446a26d52b663
eb4d1686c5f7b5163570c26c481553bfe1f687a4b6d4002789c01c4109c34a3b
ee46de66c9c5b02dceaf6b6de312f9f8f59b38c0f71ac0330577c0a56d6edb8b
f03663c44e70d1f6d909f2dcf5c3880118382d649961d5c43461af38e011d377
f9f8ac2f91c3a20c98c16cea11a182562b4646c6be74d1d91ce51817f868a349
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

backoff.biz.id Open in urlscan Pro 2606:4700:3031::ac43:b1e2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

84 %IPv6

24 Domains

25 Subdomains

26 IPs

5 Countries

3705 kBTransfer

4862 kBSize

2 Cookies

3 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

backoff.biz.id Open in urlscan Pro
2606:4700:3031::ac43:b1e2 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

84 %
IPv6

24
Domains

25
Subdomains

26
IPs

5
Countries

3705 kB
Transfer

4862 kB
Size

2
Cookies

47 HTTP transactions
0 data transactions