ndaktau.biz.id Open in urlscan Pro
2606:4700:3036::6815:34bf Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ndaktau.biz.id/
Submission: On December 23 via api (December 23rd 2023, 8:19:08 pm UTC) from US — Scanned from US

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 23 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3036::6815:34bf, located in United States and belongs to CLOUDFLARENET, US. The main domain is ndaktau.biz.id.
TLS certificate: Issued by GTS CA 1P5 on December 22nd 2023. Valid for: 3 months.

This is the only time ndaktau.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3036::6815:34bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
3	85.13.152.92 85.13.152.92	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	116.202.66.60 116.202.66.60	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:29d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:4000:30:... 2a03:4000:30:1b31::10:7040	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	85.13.136.76 85.13.136.76	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	2606:4700:440... 2606:4700:4400::6812:2320	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.164.116.101 18.164.116.101	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:6eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:d914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:141b:1c0... 2600:141b:1c00:30::1739:5a70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::681a:b58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:48d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	85.13.132.46 85.13.132.46	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	192.0.72.19 192.0.72.19	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.132.223.132 142.132.223.132	24940 (HETZNER-AS) (HETZNER-AS)
1	192.124.249.17 192.124.249.17	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:440... 2606:4700:4400::6812:2640	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
44	25

4 2606:4700:3036::6815:34bf (United States)

ASN13335 (CLOUDFLARENET, US)

ndaktau.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.13.152.92 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd35318.kasserver.com

malvorlagen-seite.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.66.60 (Aachen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server.febas.net

mamaz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:29d (United States)

ASN13335 (CLOUDFLARENET, US)

png.pngtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:4000:30:1b31::10:7040 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)

www.gratis-malvorlagen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.136.76 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd14820.kasserver.com

www.eltern-erfolg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2320 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vecteezy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-101.jfk50.r.cloudfront.net

previews.123rf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:6eb (United States)

ASN13335 (CLOUDFLARENET, US)

www.creativefabrica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d914 (United States)

ASN13335 (CLOUDFLARENET, US)

gbcoloring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:30::1739:5a70 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

img.freepik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:b58 (United States)

ASN13335 (CLOUDFLARENET, US)

www.supercoloring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48d3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kribbelbunt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.13.132.46 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd33018.kasserver.com

mal-o-mat.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.19 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

leonivo.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.223.132 (Jena, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: kbbdbag03.moc-dns.net

www.olis-bahnwelt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.17 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10017.sucuri.net

www.schule-und-familie.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2640 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	224 KB
4	ndaktau.biz.id ndaktau.biz.id	252 KB
3	malvorlagen-seite.de malvorlagen-seite.de	582 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	mal-o-mat.de mal-o-mat.de	848 KB
2	supercoloring.com www.supercoloring.com — Cisco Umbrella Rank: 98940	125 KB
2	freepik.com img.freepik.com — Cisco Umbrella Rank: 17955	199 KB
2	creativefabrica.com www.creativefabrica.com — Cisco Umbrella Rank: 50382	757 KB
2	123rf.com previews.123rf.com — Cisco Umbrella Rank: 41269	679 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	90 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1912	30 KB
1	schule-und-familie.de www.schule-und-familie.de	103 KB
1	olis-bahnwelt.de www.olis-bahnwelt.de	283 KB
1	wordpress.com leonivo.files.wordpress.com	52 KB
1	kribbelbunt.de www.kribbelbunt.de	224 KB
1	gbcoloring.com gbcoloring.com — Cisco Umbrella Rank: 244005	77 KB
1	vecteezy.com static.vecteezy.com — Cisco Umbrella Rank: 26630	373 KB
1	eltern-erfolg.de www.eltern-erfolg.de	627 KB
1	gratis-malvorlagen.de www.gratis-malvorlagen.de	28 KB
1	pngtree.com png.pngtree.com — Cisco Umbrella Rank: 36600	1009 KB
1	mamaz.de mamaz.de	930 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	31 KB
44	23

	Domain	Requested by
6	pagead2.googlesyndication.com	ndaktau.biz.id pagead2.googlesyndication.com tpc.googlesyndication.com
4	ndaktau.biz.id	ndaktau.biz.id
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	malvorlagen-seite.de	ndaktau.biz.id
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mal-o-mat.de	ndaktau.biz.id
2	www.supercoloring.com	ndaktau.biz.id
2	img.freepik.com	ndaktau.biz.id
2	www.creativefabrica.com	ndaktau.biz.id
2	previews.123rf.com	ndaktau.biz.id
2	cdnjs.cloudflare.com	ndaktau.biz.id cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	i.pinimg.com	ndaktau.biz.id
1	www.schule-und-familie.de	ndaktau.biz.id
1	www.olis-bahnwelt.de	ndaktau.biz.id
1	leonivo.files.wordpress.com	ndaktau.biz.id
1	www.kribbelbunt.de	ndaktau.biz.id
1	gbcoloring.com	ndaktau.biz.id
1	static.vecteezy.com	ndaktau.biz.id
1	www.eltern-erfolg.de	ndaktau.biz.id
1	www.gratis-malvorlagen.de	ndaktau.biz.id
1	png.pngtree.com	ndaktau.biz.id
1	mamaz.de	ndaktau.biz.id
1	ajax.googleapis.com	ndaktau.biz.id
44	24

This site contains links to these domains. Also see Links.

Domain
kertasdinding.com
tryagc.info

Subject Issuer	Validity	Valid
ndaktau.biz.id GTS CA 1P5	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
malvorlagen-seite.de R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
mamaz.de R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.pngtree.com GeoTrust RSA CN CA G2	`2023-05-06` - `2024-05-09`	a year	crt.sh
gratis-malvorlagen.de R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
eltern-erfolg.de R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
vecteezy.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
123rf.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
creativefabrica.com Cloudflare Inc ECC CA-3	`2023-08-04` - `2024-08-03`	a year	crt.sh
*.freepik.com R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
mal-o-mat.de R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
olis-bahnwelt.de R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
schule-und-familie.de Starfield Secure Certificate Authority - G2	`2023-04-30` - `2024-04-30`	a year	crt.sh
*.pinimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-09` - `2024-07-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ndaktau.biz.id/
Frame ID: F8F29471361067C1D129392FEA888196
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 09F83B3D04FE6ACB8BABE991C84F7E1C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8681710083168890&output=html&adk=1812271804&adf=3025194257&lmt=1703362741&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fndaktau.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703362741236&bpp=3&bdt=1035&idt=602&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8298423934149&frm=20&pv=2&ga_vid=2129728055.1703362742&ga_sid=1703362742&ga_hid=1592944567&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95320885&oid=2&pvsid=741175406358230&tmod=1280711508&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=645
Frame ID: 40305707F88113C487FAA8B061907257
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F2B918C00879E3D083BA23FC83986DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F6239F33E866D2E6BD8D703B7D86EC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ndaktau.biz.id

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

98 %
HTTPS

67 %
IPv6

23
Domains

24
Subdomains

25
IPs

2
Countries

7524 kB
Transfer

8326 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://kertasdinding.com/
Title: KertasDinding.com

Search URL Search Domain Scan URL

URL: https://tryagc.info/putihbersih/

Search URL Search Domain Scan URL

URL: https://tryagc.info/putihbersih/feed/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ndaktau.biz.id/ 66 KB
9 KB 966ms
471ms Document
text/html 2606:4700:3036::6815:34bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:34bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e232ad56b69b45b364ba5ac7ea317e77bd2ff8583080b088b0584ef7a2123a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83a34c035c733365-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 20:19:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeepgAdkvfCPmSkv684zhF9dlVBGUhCV6SZv84QvzGzazAsdoe8FtQtprlcAIHMM%2BrcM7KuukIG0QhB8aEv5u3Q0bg4f%2FPtETCAypoBBMHZDn1hkrelCdI%2F4RrTs3O5zefPyQsykgr%2BVyvpAdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 6bdc2.css
ndaktau.biz.id/themes/default/assets_files/ 263 KB
41 KB 653ms
646ms Stylesheet
text/css 2606:4700:3036::6815:34bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ndaktau.biz.id/themes/default/assets_files/6bdc2.css

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:34bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: W/"613f6a00-41d1d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2By9JmKozPnvYitS%2B7sTq8QLMSJACegnVg9AT9MZqgRr%2B4R2BSib8pYCIEcpkUY1p5pFhvujVqiecQtrE2hNfbcMLRuL2AapHGB7XMTzohKyEx6RfXZYzha62SI7fOm3wjmHC2iw0Xy9C4jJXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 83a34c06699b3365-MIA
expires: Sun, 22 Dec 2024 20:19:08 GMT

GET css
ndaktau.biz.id/themes/default/assets_files/ 0
0

GET
H3 200 sdk.js.download Show response
ndaktau.biz.id/themes/default/assets_files/ 198 KB
198 KB 546ms
543ms Script
application/octet-stream 2606:4700:3036::6815:34bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ndaktau.biz.id/themes/default/assets_files/sdk.js.download

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:34bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ndaktau.biz.id/
Origin: https://ndaktau.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 202529
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: "613f6a00-31721"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYVJXJJ2UGFDQBuVJGmFYhh6whvf2QmlLt5JIbWTXXe%2BinYomYivtD1OfB2BQDP2nvbKjFKF5sRk2ZIQ3WGDkbrPooWfxPiY3YXPzOOamFg9AB3y4e%2B05eGz%2FhGWDo3uKKOeOeEzfHzYurjjjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 83a34c090a1e1287-MIA

GET
H2 200 sdk.js(1).download Show response
ndaktau.biz.id/themes/default/assets_files/ 3 KB
3 KB 415ms
410ms Script
application/octet-stream 2606:4700:3036::6815:34bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ndaktau.biz.id/themes/default/assets_files/sdk.js(1).download

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:34bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3224
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: "613f6a00-c98"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsSxKvNhufruo%2BC3RI%2BLR2BLBwcTuGjFo1jDPGWrvRwQOuf4vynOiUKLc3x%2FZoNDBNKddmX9k9vPPUYmDtu%2BUd3xmcM6Qtu3a219IE6l5jC8gcqvyz%2B53FNpqvSXZnu0bAw9SEziCxblV%2FuNtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 83a34c06799f3365-MIA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 256ms
93ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8681710083168890

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4711fbaf51ac3d684b6ab4dd517e1546af24c312fe3157df3f9039bef53c24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndaktau.biz.id/
Origin: https://ndaktau.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51277
x-xss-protection: 0
server: cafe
etag: 1344836495089726636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:19:01 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 132ms
43ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ndaktau.biz.id/
Origin: https://ndaktau.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3056936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu5UU8OQIWWGk4OsFifK%2Bt%2FmblEeS8f%2B9ddE4am6eRY5ii41HlJtWuoKf1GMrQERSxu5JzYOt1%2BQHKTNd3rwJKqcP7%2BDvD3x5o2xzl20GFdAU9V%2Fb%2BpbxvgKCIk2Ok0tiMYBp3p13P56Lrplc8Qjr71p"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a34c06faf37483-MIA
expires: Thu, 12 Dec 2024 20:19:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 197ms
62ms Script
text/javascript 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 17:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Dec 2024 17:36:11 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 41ms
40ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://ndaktau.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2811483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80252
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j24Q5lTSNYc04Scj6Kf%2FId1ELZTAcfVOsS5PEyKoleppyuUPVq6xJKRnRPuRhnqJC6VI5fiCpdbH3DOO39In6wfICigDknaWfSLBPw%2FPbOQ6SkCt1JAY4vIC7B05esWvR1IBlHkeb2hRHowtxc93zuTi"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a34c0ab9247483-MIA
expires: Thu, 12 Dec 2024 20:19:00 GMT

GET
H2 200 squirrel-c-1-scaled.jpg
malvorlagen-seite.de/wp-content/uploads/2022/03/ 141 KB
141 KB 710ms
317ms Image
image/webp 85.13.152.92
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malvorlagen-seite.de/wp-content/uploads/2022/03/squirrel-c-1-scaled.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.152.92 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd35318.kasserver.com
Software: Apache /
Resource Hash: acb5fb44ba584e0cfb86d4cb6f467fdb6e9fbb563b7d9aba972cac0e393f238a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Thu, 31 Mar 2022 16:37:23 GMT
server: Apache
vary: Accept
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 143910
expires: max-age=A10368000, public

GET
H2 200 Malvorlage-Eichhoernchen-e1507894097500.png
mamaz.de/wp-content/uploads/2017/10/ 929 KB
930 KB 724ms
289ms Image
image/png 116.202.66.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mamaz.de/wp-content/uploads/2017/10/Malvorlage-Eichhoernchen-e1507894097500.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.66.60 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.febas.net
Software: Apache/2.4.56 (Debian) /
Resource Hash: 9e53495e99fe32abd71ce2f7bbb923ab06c0104b17ad8d62fffc6fa569d06f6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Fri, 13 Oct 2017 11:28:17 GMT
server: Apache/2.4.56 (Debian)
disablevcache: true
etag: "e8406-55b6bf40d4d2c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 951302
expires: Mon, 22 Jan 2024 20:19:01 GMT

GET
H2 200 pngtree-drawing-a-squirrel-in-the-forest-coloring-page-picture-image_3419575.jpg
png.pngtree.com/background/20230613/original/ 1008 KB
1009 KB 1065ms
969ms Image
image/jpg 2606:4700::6812:29d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://png.pngtree.com/background/20230613/original/pngtree-drawing-a-squirrel-in-the-forest-coloring-page-picture-image_3419575.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:29d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7930bd880f6912f16daf4a78e41887f08f2323f0d99b8e1f0ec12d5296cf93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
cf-cache-status: HIT
x-amz-request-id: 8YC1433T4481Q3A9
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 1031833
x-amz-id-2: hgPAP1Td43GhFGGxDoPHEfsE+rawHSsV1LB1a8DgZeQX2xFiwNy4qKqVL3FW4cjlaA0Giar4a9M=
cf-bgj: h2pri
last-modified: Tue, 13 Jun 2023 17:07:39 GMT
server: cloudflare
etag: "f1542f639e9587ae9c66b111999671b4"
vary: Accept-Encoding
content-type: image/jpg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 83a34c0b7965da23-MIA
expires: Wed, 26 Jun 2024 20:19:01 GMT

GET
H2 200 eichhoernchen-mit-grossen-augen.png
www.gratis-malvorlagen.de/gratis-malvorlagen/ 27 KB
28 KB 734ms
299ms Image
image/png 2a03:4000:30:1b31::10:7040
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gratis-malvorlagen.de/gratis-malvorlagen/eichhoernchen-mit-grossen-augen.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:4000:30:1b31::10:7040 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: d6d8109cc6b9d836eacbe4b79bb95caabd97a218620f02ddbdf4017b5499c8dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Tue, 22 Jun 2021 19:29:58 GMT
server: nginx
etag: "60d23a36-6d5a"
content-type: image/png
cache-control: public, max-age=86400, no-transform
accept-ranges: bytes
content-length: 27994

GET
H2 200 Ausmalbilder-Eichhoernchen-Kostenlose-Herbst-Malvorlagen-zum-Ausdrucken-Header-ElternErfolg.png
www.eltern-erfolg.de/wp-content/uploads/2023/09/ 626 KB
627 KB 920ms
321ms Image
image/png 85.13.136.76
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eltern-erfolg.de/wp-content/uploads/2023/09/Ausmalbilder-Eichhoernchen-Kostenlose-Herbst-Malvorlagen-zum-Ausdrucken-Header-ElternErfolg.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.136.76 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd14820.kasserver.com
Software: Apache /
Resource Hash: 1ee85331c72ff9c3f37b4c298c579c78461040b3f2c74ac3b3e8ecb5ac075237

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Sat, 14 Oct 2023 10:33:16 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 641144
expires: Sun, 21 Apr 2024 20:19:01 GMT

GET
H2 200 23525736-eichhornchen-malvorlagen-fur-kinder-kostenlos-vektor.jpg
static.vecteezy.com/ti/gratis-vektor/p3/ 397 KB
373 KB 215ms
112ms Image
image/jpeg 2606:4700:4400::6812:2320
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vecteezy.com/ti/gratis-vektor/p3/23525736-eichhornchen-malvorlagen-fur-kinder-kostenlos-vektor.jpg

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2320 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e169afa00d1027b201d1c434db2735b270b8a44d9358fcac8e3dbc811ac343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
via: 1.1 47f183d2cf935cbbbba084657d18c0e0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
strict-transport-security: max-age=15552000; preload
x-amz-cf-pop: MIA3-P4
x-amzn-requestid: cd447496-7028-42b4-bc9b-10926cde0470
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 23 Dec 2023 20:19:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=31536000
cf-ray: 83a34c0b8ecd8de5-MIA
x-amz-cf-id: dJ6axr5JlwgHuZKq830e8Qv9-8ywGQbdfSh5pDkCQ3lQzGz0p8HhGw==
expires: Sun, 22 Dec 2024 20:19:01 GMT

GET
H2 200 49729349-adorable-eichh%C3%B6rnchen-ausmalbilder-in-exquisite-linie.jpg
previews.123rf.com/images/kchung/kchung1512/kchung151200403/ 233 KB
234 KB 226ms
90ms Image
image/jpeg 18.164.116.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://previews.123rf.com/images/kchung/kchung1512/kchung151200403/49729349-adorable-eichh%C3%B6rnchen-ausmalbilder-in-exquisite-linie.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-101.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a79355af229f909f6a23f3a9b29fb568e18a3ee8ae7476e8f0a491e63379de1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 18:13:30 GMT
via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 05:21:24 GMT
server: AmazonS3
x-amz-request-id: 8ETDJTP1XVS1KHCY
x-amz-cf-pop: JFK50-P6
etag: "d17014be74afb50d6611d0c2caa95e01"
age: 266732
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 239086
x-amz-id-2: 0+4SRsnDCw/BDsXjLxF1EAPcBqZjp5v9Nq3MBjfRnX0ozQ1CnEIqVgqeUV24DWLEdOeCXmikAt8=
x-amz-cf-id: ndlrb7ObxTyQCTlvZuj97wJ5nv8gTag0A6SfApJo2fL2JTlPNkB-Rg==

GET
H2 200 Cute-Squirrel-Coloring-Page-67170535-1.png
www.creativefabrica.com/wp-content/uploads/2023/04/14/ 362 KB
363 KB 440ms
338ms Image
image/png 2606:4700::6812:6eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.creativefabrica.com/wp-content/uploads/2023/04/14/Cute-Squirrel-Coloring-Page-67170535-1.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980576271e25a0eeceb4afbcf9d3c134d13963ea41986e906095f159450441f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Apr 2023 07:00:04 GMT
server: cloudflare
etag: "5a81a-5f94664048cc0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=16070400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83a34c0b8e9bdaf5-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 370714
expires: Wed, 26 Jun 2024 20:19:01 GMT

GET
H2 200 Cute-Squirrel-coloring-pages-1.jpg
gbcoloring.com/wp-content/uploads/2023/05/ 76 KB
77 KB 179ms
43ms Image
image/jpeg 2606:4700:3036::ac43:d914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbcoloring.com/wp-content/uploads/2023/05/Cute-Squirrel-coloring-pages-1.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eedc03d9bf980e957e5b6615ae609baee8bc9e08d9aa5b98cc2eb7a97fcc2dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261542
alt-svc: h3=":443"; ma=86400
content-length: 77776
last-modified: Mon, 08 May 2023 04:33:15 GMT
server: cloudflare
etag: "12fd0-64587b8b-41d026;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fgHNQk9TyB4TdkuqAFF4GuPqBGKlPySXnRl%2FU%2ByN6PLYJaGW26tAA5j7SZS6tPnK31bPvu9p3RGAYKWiS50u94nqObL0WOvyX4UfJ2kpi0Kt58%2FneCPYwVZATGy4Dt4Bs%2BsKLzQRuolStzFjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83a34c0bbdeab3e6-MIA
expires: Wed, 27 Dec 2023 19:39:59 GMT

GET
H2 200 Cute-Squirrel-Coloring-Page-67171153-1.png
www.creativefabrica.com/wp-content/uploads/2023/04/14/ 393 KB
394 KB 200ms
109ms Image
image/png 2606:4700::6812:6eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.creativefabrica.com/wp-content/uploads/2023/04/14/Cute-Squirrel-Coloring-Page-67171153-1.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58a6db7278a51fdd5b99937e47bdbf67788dc33bbb4f77b7a0751a366ba5bc81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Apr 2023 07:17:19 GMT
server: cloudflare
etag: "623db-5f946a1ade788"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=16070400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83a34c0b8e9adaf5-MIA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 402395
expires: Wed, 26 Jun 2024 20:19:01 GMT

GET
H2 200 eichhoernchen-1-scaled-e1611503951774.jpg
malvorlagen-seite.de/wp-content/uploads/2021/01/ 107 KB
107 KB 1052ms
672ms Image
image/webp 85.13.152.92
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malvorlagen-seite.de/wp-content/uploads/2021/01/eichhoernchen-1-scaled-e1611503951774.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.152.92 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd35318.kasserver.com
Software: Apache /
Resource Hash: aed0e9e16a0989c277f808d3226df7423ad1c7099774ab5eab0d29774520d047

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Sat, 13 Nov 2021 19:20:06 GMT
server: Apache
vary: Accept
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 109420
expires: max-age=A10368000, public

GET
H2 200 eichhoernchen-zum-ausmalen-book-isolated-auf-weissem-hintergrund-line-art-design-vector-illustration_77119-86.jpg
img.freepik.com/vektoren-premium/ 32 KB
32 KB 746ms
518ms Image
image/avif 2600:141b:1c00:30::1739:5a70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.freepik.com/vektoren-premium/eichhoernchen-zum-ausmalen-book-isolated-auf-weissem-hintergrund-line-art-design-vector-illustration_77119-86.jpg?w=2000
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 70106db31a2dec2a3ab6abb9b9fb2f210ed124935dae85145893427b6068d76d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Mon, 13 Nov 2023 18:52:02 GMT
etag: "7bed913322590619a8e5bdcd86f7dc37"
content-type: image/avif
cache-control: private, no-transform, max-age=604800
x-robots-tag: noimageai
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 32501
expires: Sat, 30 Dec 2023 20:19:01 GMT

GET
H2 200 squirrel-preparing-for-winter-coloring-page.png
www.supercoloring.com/sites/default/files/styles/coloring_full/public/cif/2016/10/ 80 KB
81 KB 290ms
199ms Image
image/png 2606:4700:20::681a:b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.supercoloring.com/sites/default/files/styles/coloring_full/public/cif/2016/10/squirrel-preparing-for-winter-coloring-page.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e444c960f9272f8d199a00d878ceb9352b1f2b44d0930ae946b5b9fb9a968a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 20:19:01 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 82225
last-modified: Wed, 12 Oct 2016 14:16:36 GMT
server: cloudflare
etag: "57fe45c4-14131"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plMgvlo5pnFlqYvpK3AfrgPJg8Hh9awa0OMx2dFNn02qnMNvKlX1wHSddFuIwIZbP7ZLMRnTwYVtD%2FIezDMq7UhHGVU1CWq6dJKu4kVqUt%2FSfmgPq9nINGbdQSc0MoSUAOKGSGyuFzcjvYdqya2yHswJYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 174420076
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 83a34c0b88be497a-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 malvorlage-fuer-kinder-baby-eichhoernchen_793248-449.jpg
img.freepik.com/vektoren-premium/ 166 KB
167 KB 787ms
597ms Image
image/avif 2600:141b:1c00:30::1739:5a70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.freepik.com/vektoren-premium/malvorlage-fuer-kinder-baby-eichhoernchen_793248-449.jpg?w=2000
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ea09a7bcfd765ce136ab37e53d0eebecbac7a393e8be2d275a4307da5c3ee473

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Fri, 15 Dec 2023 12:41:04 GMT
etag: "8c9f18419f7affc85c7907249dabf836"
content-type: image/avif
cache-control: private, no-transform, max-age=604800
x-robots-tag: noimageai
content-length: 170268
expires: Sat, 30 Dec 2023 20:19:01 GMT

GET
H2 200 49728865-adorable-eichh%C3%B6rnchen-ausmalbilder-in-exquisite-linie.jpg
previews.123rf.com/images/kchung/kchung1512/kchung151200284/ 443 KB
444 KB 339ms
253ms Image
image/jpeg 18.164.116.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://previews.123rf.com/images/kchung/kchung1512/kchung151200284/49728865-adorable-eichh%C3%B6rnchen-ausmalbilder-in-exquisite-linie.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-101.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20fcc0326d513db6a923d19593e36c06fd0a3d1c1429bf4d763775e6c5ff2fdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:02 GMT
via: 1.1 d98647edce17345f3d148190339e9d8c.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 05:21:20 GMT
server: AmazonS3
x-amz-request-id: ZZCFS9CNYXVC92AH
x-amz-cf-pop: JFK50-P6
etag: "9ab4d78778963720a5e67ea65c6ab9bb"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 454013
x-amz-id-2: 5tQkuuh8Fj+Qy+TnEkSHSQ5DvgpZj7UxIKN/yJzA8ToPCPC8iajuRSNDk1uYh9kJHYlBOgy4OCE=
x-amz-cf-id: S3g2shR4-o6QTC_IxhC5EiSzDroztb2cc2nJM3qRuJtFZgHxAvB4eQ==

GET
H2 200 Eichh%C3%B6rnchen_Ausmalbild.png
www.kribbelbunt.de/fileadmin/user_upload/ 223 KB
224 KB 734ms
644ms Image
image/png 2606:4700:20::ac43:48d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kribbelbunt.de/fileadmin/user_upload/Eichh%C3%B6rnchen_Ausmalbild.png

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d6ec39d30237184317211e461c66a082468ad72b966a7780ebfd09cbc937d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
content-security-policy: default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 13:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDv5w0RvgvyvvwtTOTmoNroDRU%2BkSI1lRmCswEVFIyRpyH0W9WLEdj0chpWkdP2PwVYWNCvV11HXZoad%2FhWeks5%2BXI9Ykh5rCUMaMSvGSFZYrVWKEpOvs%2Bc353pYzsbx%2Bq%2Fk92%2FNln%2BUy4HXRJMw%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 83a34c0bbcf0742c-MIA
content-length: 228230

GET
H2 200 Baby-Eichhoernchen-1.png
mal-o-mat.de/wp-content/uploads/2023/03/ 298 KB
298 KB 940ms
320ms Image
image/png 85.13.132.46
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mal-o-mat.de/wp-content/uploads/2023/03/Baby-Eichhoernchen-1.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.132.46 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd33018.kasserver.com
Software: Apache /
Resource Hash: 3a157301c1f06c85bce390493807fc50a5796872a92cc0bf68db4bc49b59ac3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Thu, 23 Mar 2023 16:19:22 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 304742
expires: Sun, 21 Apr 2024 20:19:01 GMT

GET
H2 200 squirrel-coloring-page.png
www.supercoloring.com/sites/default/files/styles/coloring_full/public/cif/2022/08/ 43 KB
44 KB 216ms
164ms Image
image/png 2606:4700:20::681a:b58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.supercoloring.com/sites/default/files/styles/coloring_full/public/cif/2022/08/squirrel-coloring-page.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28505ace0d88d63405b4813ab4048f57f8e8662e723e00722ffec2416cb8d721

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 20:19:01 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 44417
last-modified: Sat, 20 Aug 2022 14:47:20 GMT
server: cloudflare
etag: "6300f3f8-ad81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhWBRKo%2BsSFJYA4f9K9KYHYNO9eY89WRk8kt%2Bqhqdh9Zsbk2WYKBXSXi6EtLxtHfmaHva3gj5DxdzKmoxU6Dq4oDi%2BCdZSbVM9J813VFnHFZj07behMX2pPnwo4wq3LH9NqRT1oMhr7bUBP1SPBWiCj6cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 256286360
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 83a34c0b88c1497a-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eichhoernchen_zeichnung_1.png
leonivo.files.wordpress.com/2015/10/ 52 KB
52 KB 158ms
58ms Image
image/webp 192.0.72.19
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leonivo.files.wordpress.com/2015/10/eichhoernchen_zeichnung_1.png?w=1400

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

00fe87e6b8da43818394f92e05f809e9ec99b189ed6acd850132ce8485f0c7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: MISS mia 19 np
date: Sat, 23 Dec 2023 20:19:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Oct 2015 10:49:54 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://leonivo.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 53378
expires: Wed, 17 Jan 2024 11:36:52 GMT

GET
H/1.1 200
OK bildschirmfoto_2017-11-16_um_13.29.41_7.png
www.olis-bahnwelt.de/sites/default/files/ 282 KB
283 KB 1092ms
352ms Image
image/png 142.132.223.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.olis-bahnwelt.de/sites/default/files/bildschirmfoto_2017-11-16_um_13.29.41_7.png

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

142.132.223.132 Jena, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

kbbdbag03.moc-dns.net

Software

nginx /

Resource Hash

891203a971b1d77ab19839f31100d82750bddcf1d83e76fed9372b916e1ff54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 20:19:01 GMT
Strict-Transport-Security: max-age=63072000; preload
Last-Modified: Tue, 05 Mar 2019 12:43:24 GMT
Server: nginx
ETag: "469f0-5835838089300"
X-Cache-Status: STALE
Content-Type: image/png
X-Server: node03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 289264

GET
H2 200 eichhoernchen.jpg
www.schule-und-familie.de//assets/images/2021/3/ 102 KB
103 KB 980ms
399ms Image
image/jpeg 192.124.249.17
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.schule-und-familie.de//assets/images/2021/3/eichhoernchen.jpg

Requested by

Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.17 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10017.sucuri.net

Software

nginx /

Resource Hash

826abe08455f2bf33b4b87fde9bc49b0164010aa75d16a1d85960b11f6a3ef0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 14:08:26 GMT
server: nginx
etag: "198a4-5be34b7557ad3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 17017
accept-ranges: bytes
content-length: 104612
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Eichhoernchen-im-Blumenkranz.png
mal-o-mat.de/wp-content/uploads/2023/02/ 549 KB
550 KB 726ms
319ms Image
image/png 85.13.132.46
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mal-o-mat.de/wp-content/uploads/2023/02/Eichhoernchen-im-Blumenkranz.png
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.132.46 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd33018.kasserver.com
Software: Apache /
Resource Hash: 54c817fd2ce1b46533b1415561fec57b694ab2732a0a923654ed1e2d7a26ca41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Fri, 24 Feb 2023 18:53:49 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 562482
expires: Sun, 21 Apr 2024 20:19:01 GMT

GET
H2 200 malvorlage-eichhoernchen-nuesse-essen-1.jpg
malvorlagen-seite.de/wp-content/uploads/2019/08/ 334 KB
334 KB 795ms
672ms Image
image/webp 85.13.152.92
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malvorlagen-seite.de/wp-content/uploads/2019/08/malvorlage-eichhoernchen-nuesse-essen-1.jpg
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.152.92 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd35318.kasserver.com
Software: Apache /
Resource Hash: c4c3afdfafa7b4afe6355a914298cd0226ad6d86d55b55dfb892e9dca19619ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
last-modified: Thu, 22 Aug 2019 16:02:37 GMT
server: Apache
vary: Accept
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 341782
expires: max-age=A10368000, public

GET
H2 200 8401577902ad3876f7144c13c7562574.gif
i.pinimg.com/originals/84/01/57/ 30 KB
30 KB 235ms
126ms Image
image/gif 2606:4700:4400::6812:2640
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/84/01/57/8401577902ad3876f7144c13c7562574.gif
Requested by: Host: ndaktau.biz.id
URL: https://ndaktau.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f8825ec73dd69494446bb8ecf7002e75cf3c53236a407170133c5fdf424bf3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
x-cdn: cloudflare
server: cloudflare
etag: "6f2051e4dc97c5cbb6a602651359dfca"
edge-start: 1703362741341
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000, immutable
x-amz-replication-status: FAILED
accept-ranges: bytes
cf-ray: 83a34c0d5e0ad9dd-MIA
alt-svc: h3=":443"; ma=600
content-length: 30726
origin-latency: 87

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 273ms
143ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8681710083168890

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1916131603004031834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:19:01 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 09F8 9 KB
4 KB 206ms
64ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8681710083168890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndaktau.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 20:06:11 GMT
etag: 5585625838579639069
expires: Sat, 06 Jan 2024 20:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4030 603 B
245 B 92ms
86ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8681710083168890&output=html&adk=1812271804&adf=3025194257&lmt=1703362741&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fndaktau.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703362741236&bpp=3&bdt=1035&idt=602&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8298423934149&frm=20&pv=2&ga_vid=2129728055.1703362742&ga_sid=1703362742&ga_hid=1592944567&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95320885&oid=2&pvsid=741175406358230&tmod=1280711508&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=645

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndaktau.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 20:19:01 GMT
expires: Sat, 23 Dec 2023 20:19:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 222ms
221ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c76ca9f8f1cefe0c52251f5d19a2879b70e170aee7a29a719cefb8844bd8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12239
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 229ms
94ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 20:19:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F2B 13 KB
5 KB 63ms
61ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ndaktau.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 173510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:07:13 GMT
expires: Fri, 20 Dec 2024 20:07:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F62 829 B
1 KB 216ms
82ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6dc3fc2c199611dee9c280469437e266b59f7c4bf1617a8748b4b1f6d22d2ab0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HiefUJRSGICd8YGmMxaLuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ndaktau.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HiefUJRSGICd8YGmMxaLuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 20:19:03 GMT
expires: Sat, 23 Dec 2023 20:19:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F2B 39 KB
15 KB 62ms
61ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:08:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F62 0
0 88ms
87ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=741175406358230&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4F2B 0
10 B 62ms
62ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A7Uqfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:19:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=741175406358230&bg=!3N-l35DNAAY3kmNgF5I7ADQBe5WfOKewK0LJE_C0LVOHqpeTUpaxQkRRvdv7SDwWarI8j9MzYjx4-YSJ0fQwXIdYHBqHAgAAAJ5SAAAABWgBB5kDDAoE0ducTB7tzW3xcQNQhb123ozJituX1E6e01wNeTxVJbj8vfE7-uTK5cbGTMwPiBYtoSnbxyjo2mC1l3IZjVAck3ZlZXb-TkTvchWTi98g_ongGrEmrMnj31yTrwLTbUbHuQQu9yHDo6xnwYx9rpssgFx1XCR_Hi68yzKh7VoKPUQUf0OZXGzkWhQc6YTy4HpvIoJhwv03ZjScujak2ZI3E0a2RCrSJFraukM0NF6-bC4UtfCYNyRh6GQgCjgw1wqZBbqT1Xn0nVDbIzZfUstkl-Zuzd567WdSBGg6anuzwgHSuVqme6a3rnY83Z_84fNY1nSEWMYt685vgyZ2_S9NYyOJ4Os1CzLyqLkk4Fh1it_dGm_87MOtvloh6gw-b4jNvCR13FSseGI8CFvb5jnLa4cOPzNB7R7Vje9CGU8oSHrm_pDbWum-OjasSCxX1P1Vhp6Tq07xSSQWS3_poYM1hRVfSZQIjbX5760y01zDPgOEa5nnlIQPpKVmzHViXN0xAvqCymKpmNwSxNiM6Bx7kII3Ki0F7UUTHqhBdEEnDs4k11XjXLDIOUgXrnYV5XiT7oOFVl9zOpLKmuh19PKFUgrOxarQZYU5Mtsv2OkksDn_B4BrxHKIcbLEj0sljkOPgWMF4RSC9Ef9G77_aA9IJ7Akt1YRprW8jSamLnDQkl2h2jVrKUYOFqMs7UyblcsDWzrCNWHPKSf1Vop1fhmzWBCzk6qha6URkcIJ8j0iVZtWPzP35exXeHLDcUF55QKJwAD8MHv6v0GfD2bejpKag9qlRb_wuvxCWLzYkbLB1Tks0D0HwjCwHq81GyoIRkp6n7-zn2lFE3Ua5QG198O0yY0fRZ34YsektAFlce7pVAVQBRkKQ9s0svp6ypDfs0f92SATPxwlYWL3ZBgsRk6VqI3gF8H9Otbilb7K6foEPyCWWrktR7mvwPZvB42MHf1AO7hsJhncHVoif2DEc-13TFyXzR2Gzmw4NXP7KAOxrQYtuRdMKuji3cJFuyl1gBrYaBVPg5tP1iyRwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ndaktau.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ndaktau.biz.id
URL: https://ndaktau.biz.id/themes/default/assets_files/css

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ndaktau.biz.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 515230ea10ad3c315f49b8da4f6e1c3f
.vecteezy.com/	1970-01-20 17:09:24	Name: __cf_bm Value: zVx_ia9DvCi9PD7f8jWrICmAShUBR3ILuU4wHwsqk2k-1703362741-1-AfcVkSjSmJrkxEUUszPU50glL3qXKkJE/tNMy3XtDwDMCJ9wv7i+ruTbaXsRumUj9NBMXQ1shRDZNChUU0SedYo=
.creativefabrica.com/	1970-01-20 17:09:24	Name: __cf_bm Value: M932iyQz0jgqG2.81mNPLsHE59B42H8LTL9oV6Yp0pI-1703362741-1-Aa/SSrzaABNk+4OyX/M1mRQf6hmFUvWezWswGxdMTcq4yD7qlx+s+PhkQh5mUBWQOP2Glyer4eJSM+cORKrvO4E=
.doubleclick.net/	1970-01-20 17:09:23	Name: test_cookie Value: CheckForPermission
.pngtree.com/	1970-01-20 17:09:24	Name: __cf_bm Value: BEMYDNOqycRQXKLCBWwasrt9BRIrdtkF9fkF3QxrbPI-1703362741-1-AQdmWS5wVkwddRvIlOzcLncXuGAvDrmeaLNB718lfqC/x2y8UHQJirOEJaFBUDZlWClUrT8LfITwLjRrNa0LrsM=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ndaktau.biz.id/ Message: Refused to apply style from 'https://ndaktau.biz.id/themes/default/assets_files/css' because its MIME type ('application/octet-stream') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://ndaktau.biz.id/ Message: Refused to execute script from 'https://ndaktau.biz.id/themes/default/assets_files/sdk.js(1).download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://ndaktau.biz.id/ Message: Refused to execute script from 'https://ndaktau.biz.id/themes/default/assets_files/sdk.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
gbcoloring.com
googleads.g.doubleclick.net
i.pinimg.com
img.freepik.com
leonivo.files.wordpress.com
mal-o-mat.de
malvorlagen-seite.de
mamaz.de
ndaktau.biz.id
pagead2.googlesyndication.com
png.pngtree.com
previews.123rf.com
static.vecteezy.com
tpc.googlesyndication.com
www.creativefabrica.com
www.eltern-erfolg.de
www.google.com
www.gratis-malvorlagen.de
www.kribbelbunt.de
www.olis-bahnwelt.de
www.schule-und-familie.de
www.supercoloring.com
ndaktau.biz.id
116.202.66.60
142.132.223.132
18.164.116.101
192.0.72.19
192.124.249.17
2600:141b:1c00:30::1739:5a70
2606:4700:20::681a:b58
2606:4700:20::ac43:48d3
2606:4700:3036::6815:34bf
2606:4700:3036::ac43:d914
2606:4700:4400::6812:2320
2606:4700:4400::6812:2640
2606:4700::6811:190e
2606:4700::6812:29d
2606:4700::6812:6eb
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2002
2a03:4000:30:1b31::10:7040
85.13.132.46
85.13.136.76
85.13.152.92
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fe87e6b8da43818394f92e05f809e9ec99b189ed6acd850132ce8485f0c7b6
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
15f8825ec73dd69494446bb8ecf7002e75cf3c53236a407170133c5fdf424bf3
1c7930bd880f6912f16daf4a78e41887f08f2323f0d99b8e1f0ec12d5296cf93
1ee85331c72ff9c3f37b4c298c579c78461040b3f2c74ac3b3e8ecb5ac075237
1eedc03d9bf980e957e5b6615ae609baee8bc9e08d9aa5b98cc2eb7a97fcc2dd
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20fcc0326d513db6a923d19593e36c06fd0a3d1c1429bf4d763775e6c5ff2fdf
28505ace0d88d63405b4813ab4048f57f8e8662e723e00722ffec2416cb8d721
3a157301c1f06c85bce390493807fc50a5796872a92cc0bf68db4bc49b59ac3a
3e444c960f9272f8d199a00d878ceb9352b1f2b44d0930ae946b5b9fb9a968a8
42d6ec39d30237184317211e461c66a082468ad72b966a7780ebfd09cbc937d3
54c817fd2ce1b46533b1415561fec57b694ab2732a0a923654ed1e2d7a26ca41
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a6db7278a51fdd5b99937e47bdbf67788dc33bbb4f77b7a0751a366ba5bc81
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b
6dc3fc2c199611dee9c280469437e266b59f7c4bf1617a8748b4b1f6d22d2ab0
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
70106db31a2dec2a3ab6abb9b9fb2f210ed124935dae85145893427b6068d76d
7e232ad56b69b45b364ba5ac7ea317e77bd2ff8583080b088b0584ef7a2123a6
826abe08455f2bf33b4b87fde9bc49b0164010aa75d16a1d85960b11f6a3ef0e
891203a971b1d77ab19839f31100d82750bddcf1d83e76fed9372b916e1ff54b
980576271e25a0eeceb4afbcf9d3c134d13963ea41986e906095f159450441f3
9e53495e99fe32abd71ce2f7bbb923ab06c0104b17ad8d62fffc6fa569d06f6a
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
a3e169afa00d1027b201d1c434db2735b270b8a44d9358fcac8e3dbc811ac343
a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840
a6c76ca9f8f1cefe0c52251f5d19a2879b70e170aee7a29a719cefb8844bd8d3
a79355af229f909f6a23f3a9b29fb568e18a3ee8ae7476e8f0a491e63379de1d
acb5fb44ba584e0cfb86d4cb6f467fdb6e9fbb563b7d9aba972cac0e393f238a
aed0e9e16a0989c277f808d3226df7423ad1c7099774ab5eab0d29774520d047
c4711fbaf51ac3d684b6ab4dd517e1546af24c312fe3157df3f9039bef53c24b
c4c3afdfafa7b4afe6355a914298cd0226ad6d86d55b55dfb892e9dca19619ea
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d6d8109cc6b9d836eacbe4b79bb95caabd97a218620f02ddbdf4017b5499c8dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d
ea09a7bcfd765ce136ab37e53d0eebecbac7a393e8be2d275a4307da5c3ee473
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ndaktau.biz.id Open in urlscan Pro 2606:4700:3036::6815:34bf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

67 %IPv6

23 Domains

24 Subdomains

25 IPs

2 Countries

7524 kBTransfer

8326 kBSize

5 Cookies

3 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ndaktau.biz.id Open in urlscan Pro
2606:4700:3036::6815:34bf Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

67 %
IPv6

23
Domains

24
Subdomains

25
IPs

2
Countries

7524 kB
Transfer

8326 kB
Size

5
Cookies

44 HTTP transactions
0 data transactions