www.gading.biz.id Open in urlscan Pro
2606:4700:3034::ac43:9ef1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gading.biz.id/
Submission: On December 24 via api (December 24th 2023, 1:05:33 pm UTC) from US — Scanned from US

Summary HTTP 46 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 23 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3034::ac43:9ef1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gading.biz.id.
TLS certificate: Issued by GTS CA 1P5 on December 22nd 2023. Valid for: 3 months.

This is the only time www.gading.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3034::ac43:9ef1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	85.13.152.92 85.13.152.92	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
5	2600:141b:1c0... 2600:141b:1c00:16::17c4:30f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.160.156.127 18.160.156.127	16509 (AMAZON-02) (AMAZON-02)
2	85.13.129.82 85.13.129.82	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	172.67.71.245 172.67.71.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:254... 2600:9000:2548:600:7:b6d:8000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::6815:1834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2a00:140... 2a03:2a00:1400:0:1::4959	15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG)
1	2001:67c:680:... 2001:67c:680:f06::140	202577 (KDVZ-FRECHEN) (KDVZ-FRECHEN)
1	2600:141b:1c0... 2600:141b:1c00:30::1739:5a70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:303... 2606:4700:3037::6815:4c20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	85.13.136.19 85.13.136.19	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	192.124.249.17 192.124.249.17	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:303... 2606:4700:3035::ac43:de7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:8d8:100f... 2001:8d8:100f:f000::254	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2606:4700::68... 2606:4700::6812:dc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.75.251.58 77.75.251.58	45012 (CLOUDPIT) (CLOUDPIT)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
46	25

4 2606:4700:3034::ac43:9ef1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gading.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.152.92 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd35318.kasserver.com

malvorlagen-seite.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:1c00:16::17c4:30f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.156.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-156-127.iah50.r.cloudfront.net

media.target-video.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.13.129.82 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd17224.kasserver.com

www.zitronenbande.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.245 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rofu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2548:600:7:b6d:8000:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.framily.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1834 (United States)

ASN13335 (CLOUDFLARENET, US)

gbcoloring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2a00:1400:0:1::4959 (Germany)

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)

wunderbunt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:680:f06::140 (Germany)

ASN202577 (KDVZ-FRECHEN, DE)

www.familienzentrum-nelly-puetz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:30::1739:5a70 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

img.freepik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4c20 (United States)

ASN13335 (CLOUDFLARENET, US)

ausm2kind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.136.19 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd14626.kasserver.com

www.zusammenspiel-raa.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.17 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10017.sucuri.net

www.schule-und-familie.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:de7c (United States)

ASN13335 (CLOUDFLARENET, US)

ausmalbilder-gb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:8d8:100f:f000::254 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.malvorlagen-bilder.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:dc0 (United States)

ASN13335 (CLOUDFLARENET, US)

media.happycolorz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.75.251.58 (Germany)

ASN45012 (CLOUDPIT, DE)
PTR: cloud5-vm453.de-nserver.de

bildnerverlag.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	324 KB
5	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1912	324 KB
4	gading.biz.id www.gading.biz.id	253 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	ausm2kind.com ausm2kind.com	760 KB
2	wunderbunt.de wunderbunt.de	467 KB
2	zitronenbande.de www.zitronenbande.de	437 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	90 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	bildnerverlag.de bildnerverlag.de	3 MB
1	happycolorz.de media.happycolorz.de	22 KB
1	malvorlagen-bilder.de www.malvorlagen-bilder.de	463 KB
1	ausmalbilder-gb.de ausmalbilder-gb.de	112 KB
1	schule-und-familie.de www.schule-und-familie.de	100 KB
1	zusammenspiel-raa.de www.zusammenspiel-raa.de	58 KB
1	freepik.com img.freepik.com — Cisco Umbrella Rank: 17955	44 KB
1	familienzentrum-nelly-puetz.de www.familienzentrum-nelly-puetz.de	739 KB
1	gbcoloring.com gbcoloring.com — Cisco Umbrella Rank: 244005	97 KB
1	framily.de cdn.framily.de	126 KB
1	rofu.de www.rofu.de	28 KB
1	target-video.com media.target-video.com	177 KB
1	malvorlagen-seite.de malvorlagen-seite.de	288 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	31 KB
46	23

	Domain	Requested by
8	pagead2.googlesyndication.com	www.gading.biz.id pagead2.googlesyndication.com tpc.googlesyndication.com
5	i.pinimg.com	www.gading.biz.id
4	www.gading.biz.id	www.gading.biz.id
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ausm2kind.com	www.gading.biz.id
2	wunderbunt.de	www.gading.biz.id
2	www.zitronenbande.de	www.gading.biz.id
2	cdnjs.cloudflare.com	www.gading.biz.id cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	bildnerverlag.de	www.gading.biz.id
1	media.happycolorz.de	www.gading.biz.id
1	www.malvorlagen-bilder.de	www.gading.biz.id
1	ausmalbilder-gb.de	www.gading.biz.id
1	www.schule-und-familie.de	www.gading.biz.id
1	www.zusammenspiel-raa.de	www.gading.biz.id
1	img.freepik.com	www.gading.biz.id
1	www.familienzentrum-nelly-puetz.de	www.gading.biz.id
1	gbcoloring.com	www.gading.biz.id
1	cdn.framily.de	www.gading.biz.id
1	www.rofu.de	www.gading.biz.id
1	media.target-video.com	www.gading.biz.id
1	malvorlagen-seite.de	www.gading.biz.id
1	ajax.googleapis.com	www.gading.biz.id
46	24

This site contains links to these domains. Also see Links.

Domain
kertasdinding.com
tryagc.info

Subject Issuer	Validity	Valid
gading.biz.id GTS CA 1P5	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
malvorlagen-seite.de R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
i2.pinimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2024-05-15`	a year	crt.sh
target-video.com Amazon RSA 2048 M02	`2023-02-09` - `2024-03-10`	a year	crt.sh
zitronenbande.de R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
rofu.de E1	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.framily.de Amazon RSA 2048 M02	`2023-09-07` - `2024-10-05`	a year	crt.sh
wunderbunt.de R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
www.familienzentrum-nelly-puetz.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.freepik.com R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
ausm2kind.com GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
zusammenspiel-raa.de R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
schule-und-familie.de Starfield Secure Certificate Authority - G2	`2023-04-30` - `2024-04-30`	a year	crt.sh
*.malvorlagen-bilder.de Encryption Everywhere DV TLS CA - G2	`2023-04-24` - `2024-05-06`	a year	crt.sh
happycolorz.de E1	`2023-11-24` - `2024-02-22`	3 months	crt.sh
bildnerverlag.de Sectigo RSA Domain Validation Secure Server CA	`2023-08-11` - `2024-09-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.gading.biz.id/
Frame ID: 04B2F521CE2B1D212F1E98BFF8432AC3
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: E5E97118348E4F6B17EA3D388F29AC0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5201163385094916&output=html&adk=1812271804&adf=3025194257&lmt=1703423126&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.gading.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703423125749&bpp=5&bdt=1132&idt=802&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1860551426608&frm=20&pv=2&ga_vid=1029812733.1703423127&ga_sid=1703423127&ga_hid=1613225362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809530%2C44807405%2C95320868%2C95320885&oid=2&pvsid=2686463165842261&tmod=1806866096&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=851
Frame ID: B3C88E217FCB9465A6CD29195C6EA117
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6770D0A14665EB6B8789AE5E4C6E1FFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F258BE1B2370A664F822771500EFB496
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gading.biz.id

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

98 %
HTTPS

71 %
IPv6

23
Domains

24
Subdomains

25
IPs

2
Countries

7564 kB
Transfer

8525 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://kertasdinding.com/
Title: KertasDinding.com

Search URL Search Domain Scan URL

URL: https://tryagc.info/putihbersih/

Search URL Search Domain Scan URL

URL: https://tryagc.info/putihbersih/feed/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gading.biz.id/ 65 KB
10 KB 819ms
398ms Document
text/html 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4146b1b43315e454e19abcd9ce424efae10a26bb6e13849bf7e7a7a8e4e2d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83a90e3e6931429a-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 13:05:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbEDhL%2FFH7P1Yb6sDUV%2BEm55kYZGczPkSlj6vvxYlB%2B3RW1jQmGXcYnY3idTq9u8dC4eSN8ZRW6p%2BIO10iKFU%2BS%2Bf3zKH4qkn0kPkINvoH3qsyl1mZUzlseVOisNqm3BkeIh3OoYgy8T9s%2FwjCYdCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 6bdc2.css
www.gading.biz.id/themes/default/assets_files/ 263 KB
41 KB 470ms
440ms Stylesheet
text/css 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gading.biz.id/themes/default/assets_files/6bdc2.css

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: W/"613f6a00-41d1d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51iKmGD9pZ8vwH4ByPxDExu33YPYRulbTLl8Dx5b3vpy3NVlSYYfEEVSxMKdVVpMAN6J2LYBduwzM27D52G2Si2XvIJzhSrQ9JH59Q20P678BY%2FRFym5K66Gr5rU0lJW%2FN3cPsqXE76PSBrnnNyrVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 83a90e412b6f429a-EWR
expires: Mon, 23 Dec 2024 13:05:33 GMT

GET css
www.gading.biz.id/themes/default/assets_files/ 0
0

GET
H3 200 sdk.js.download Show response
www.gading.biz.id/themes/default/assets_files/ 198 KB
198 KB 365ms
364ms Script
application/octet-stream 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gading.biz.id/themes/default/assets_files/sdk.js.download

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gading.biz.id/
Origin: https://www.gading.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 202529
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: "613f6a00-31721"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7arYPmAfTJLLk1f2RBP7%2BqDKDjrP7yPKbCDhVmvIGJkrUpKOlhPsWc1qboXJAp79TtCeHMlOmwpJelxThWPyC0FPCWlNt%2FQpYJFjKSeUOhtaQeOEiHmIev%2F4DU%2FUnMCqVaivFi7dfzQvMKwbxOFJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 83a90e42ef57433d-EWR

GET
H2 200 sdk.js(1).download Show response
www.gading.biz.id/themes/default/assets_files/ 3 KB
3 KB 295ms
267ms Script
application/octet-stream 2606:4700:3034::ac43:9ef1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gading.biz.id/themes/default/assets_files/sdk.js(1).download

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9ef1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3224
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 15:10:56 GMT
server: cloudflare
etag: "613f6a00-c98"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPTm2LUq20FX1j0oWh%2FlQbYCDeXnifwNmUlKmLuCHIyhXdqs9M4FTnphFviMvMwiO1YuGTC1zCMyG3cT1C%2BwvPZS4nojKx%2BEJbfntG%2BY97DfNDL35w%2BDP8lxYOUYyVZX1pXwZ9DWCHv4XILUhogheA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 83a90e412b71429a-EWR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 322ms
60ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5201163385094916

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0873295393b895bbcdb20a61e4cdbcdcf7a7a4b62fcb3dd52435d5f6fadb7793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gading.biz.id/
Origin: https://www.gading.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51272
x-xss-protection: 0
server: cafe
etag: 1417338569459730234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 13:05:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 299ms
61ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792020436495436

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a31a74bee5d4375d6cc10066c455ac57bada25e0f22ee2119b2b1a08fad9efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gading.biz.id/
Origin: https://www.gading.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51272
x-xss-protection: 0
server: cafe
etag: 13667509087672028843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 13:05:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 331ms
94ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5981073198693293

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bf044e4e40bbadfd5240ba270ab80efbbe979d30e0e0fa5163830e9f5ee8f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gading.biz.id/
Origin: https://www.gading.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51276
x-xss-protection: 0
server: cafe
etag: 6672694632226502374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 13:05:25 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 147ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gading.biz.id/
Origin: https://www.gading.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2259656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4qq%2B0k0NrVnXXUPt54tNLnQVtR%2BoDG2O4m%2BATWJ5itktqc9EfkGV23zoY50X3FX%2B%2FiuoESiQ6RoP7Vvp5ACv5pqmsbD%2FNnRgjtJmKc3F42kfDziwdyTZr1Htz2UGH4JzCuLxkophH3EnAR1Xwikq%2FTR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a90e41cbf51986-EWR
expires: Fri, 13 Dec 2024 13:05:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 154ms
30ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 06:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Dec 2024 06:12:36 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 36ms
27ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://www.gading.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 844276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80252
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QInNIZk%2BFkuEj3iWJDQ9JDyIghxk87CEZK0eso5WJgR09kVX8c306CoA5p9CDlxfgPBuBZmcEhPyun1gLiIjnXFCPonBo0aM8M%2FTnZiYpeh9a7PQyTNYAJ7Cgry159h5p5mgmlBQAqrXcfKPCKWZHFxd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a90e448d851986-EWR
expires: Fri, 13 Dec 2024 13:05:25 GMT

GET
H2 200 kinder-dieser-erde-blank-scaled.jpg
malvorlagen-seite.de/wp-content/uploads/2021/12/ 287 KB
288 KB 622ms
331ms Image
image/webp 85.13.152.92
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malvorlagen-seite.de/wp-content/uploads/2021/12/kinder-dieser-erde-blank-scaled.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.152.92 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd35318.kasserver.com
Software: Apache /
Resource Hash: bb461c5896d3042203af4b311952eb0e830f1b2f4e621b5ec70ca2285b21996d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
last-modified: Tue, 14 Dec 2021 19:01:00 GMT
server: Apache
vary: Accept
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 294120
expires: max-age=A10368000, public

GET
H2 200 d0de526db2a29c77ebd5a3c6db1074fd.jpg
i.pinimg.com/originals/d0/de/52/ 49 KB
49 KB 277ms
117ms Image
image/jpeg 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d0/de/52/d0de526db2a29c77ebd5a3c6db1074fd.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 64331b177562a2c90051c034a3381cd6acaaabc257c373730e495f5cc2ea744a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.0f02c417.1703423125.3c871cf8
etag: "1fd07b7d900ffc79b54bef50d5e6c7a6"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 50382

GET
H2 200 ausmalbild-halloween-malvorlage-kostenlos-hexe-und-fledermaus.jpg
media.target-video.com/sites/6/2023/09/29155017/ 176 KB
177 KB 350ms
160ms Image
image/jpeg 18.160.156.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.target-video.com/sites/6/2023/09/29155017/ausmalbild-halloween-malvorlage-kostenlos-hexe-und-fledermaus.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.156.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-156-127.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c83c51fff3a8f096d30eabd3f5cbc50f80d97655d7d5a563617ab9a149dab39b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:31:23 GMT
x-amz-version-id: Vjj5HHNT93ii6_xHN5UfiFA7ShUFSfWh
via: 1.1 3647e45fff83ec20323eae12f319e252.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-P1
age: 5642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 180481
last-modified: Fri, 29 Sep 2023 13:50:19 GMT
server: AmazonS3
etag: "f24d0c200b24b91e271f6d7b53823699"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 988aCX1yqgY_NdulZFL8LGgZoXD_jX__o0F_RQKjh8hR2-Ap33RvoQ==
expires: Sat, 28 Sep 2024 13:50:18 GMT

GET
H2 200 fisch-ausmalbild.jpg
www.zitronenbande.de/wp-content/uploads/2020/09/ 261 KB
261 KB 700ms
332ms Image
image/jpeg 85.13.129.82
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitronenbande.de/wp-content/uploads/2020/09/fisch-ausmalbild.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.129.82 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd17224.kasserver.com
Software: Apache /
Resource Hash: b16dfc06028cbc0ac32620022dbcca1dfbd6f8b773c35f0b11d2a684d6b155ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
last-modified: Thu, 13 May 2021 13:18:14 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 267108
expires: Mon, 22 Apr 2024 13:05:25 GMT

GET
H2 200 pferd-3-ausmalbild.jpg
www.zitronenbande.de/wp-content/uploads/2020/09/ 176 KB
176 KB 1031ms
664ms Image
image/jpeg 85.13.129.82
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zitronenbande.de/wp-content/uploads/2020/09/pferd-3-ausmalbild.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.129.82 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd17224.kasserver.com
Software: Apache /
Resource Hash: 39100d0f78dd27dc5edb694357a1138f9dcac6b0d09683ef79e058ee7f44b85e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
last-modified: Thu, 13 May 2021 13:18:10 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 179977
expires: Mon, 22 Apr 2024 13:05:25 GMT

GET
H2 200 Dragons-Drachen-Ausmalbilder-Hicks-Ohnezahn-1-1024x1019.jpg
www.rofu.de/blog/wp-content/uploads/sites/6/2020/03/ 27 KB
28 KB 542ms
394ms Image
image/avif 172.67.71.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rofu.de/blog/wp-content/uploads/sites/6/2020/03/Dragons-Drachen-Ausmalbilder-Hicks-Ohnezahn-1-1024x1019.jpg

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be8cb463ccba3c26c9f9f407ecc8a92c95825f3d9fcbe88def69b817be5a3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

s-expression-valid-1: true
date: Sun, 24 Dec 2023 13:05:25 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
s-cache-key-page-str: host,uri,cookie_language:0
s-storage: 10.0.1.32
s-node: 10.0.1.37
s-cache-file: 8bbd4768d2c72bd827106ed98efa0315.avif
s-zone-id: 83_316
s-cache: HIT
content-length: 28013
s-cache-key-personalize: session:frontend,cookie_sid:0
s-env: prod
s-debug-message: 1
last-modified: Tue, 19 Dec 2023 10:11:42 GMT
server: cloudflare
etag: "65816c5e-6d6d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwVouXdfo2%2B5EEF8qSaEOrhvs5w%2B8lRnoESTQ6jy5Am%2FGMX28vgAE5knaWcJjfvpz0EFP7x7iz9vNNGIGADpgP2uSSHH7ovuJfK0zmS4wD3cJaIK64GUk0mZEFK7"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
accept-ranges: bytes
cf-ray: 83a90e45bfbd42fe-EWR

GET
H2 200 Ausmalbild-PAW-Patrol.jpg
cdn.framily.de/media/image/c3/8e/8a/ 125 KB
126 KB 1142ms
866ms Image
image/jpeg 2600:9000:2548:600:7:b6d:8000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.framily.de/media/image/c3/8e/8a/Ausmalbild-PAW-Patrol.jpg

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2548:600:7:b6d:8000:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

214f996bc72ce52e9f071aee8cf714c05c3d9b8b26fe1afc4031fd4e2b65a6b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 23 Jan 2024 13:05:26 GMT
date: Sun, 24 Dec 2023 13:05:26 GMT
via: 1.1 varnish (Varnish/5.1), 1.1 ae77ff90d6837f5ad73a77c09e1ae242.cloudfront.net (CloudFront)
x-cacheable: YES
x-amz-cf-pop: IAH50-P2
age: 0
x-cache: Miss from cloudfront
x-url: /media/image/c3/8e/8a/Ausmalbild-PAW-Patrol.jpg
content-length: 128265
last-modified: Mon, 15 Aug 2022 11:40:15 GMT
server: Apache
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-varnish: 148667210
cache-control: max-age=0, private
accept-ranges: bytes
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-amz-cf-id: RebByn_Xdrj4GWY1vJJ6mJZQyRB46O-3FKUwgugVm5TNXRK2-ODqWw==
x-cache-hits: 0

GET
H2 200 Seahorse-Coloring-Pages-2.jpg
gbcoloring.com/wp-content/uploads/2023/03/ 97 KB
97 KB 552ms
423ms Image
image/jpeg 2606:4700:3034::6815:1834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbcoloring.com/wp-content/uploads/2023/03/Seahorse-Coloring-Pages-2.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7781ea13bee7c41d90e78f8bcdb3a8265d07e6e1298e3b7188e3756ec9f8036f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Mar 2023 02:38:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18365-6413d2ae-3a0ea6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt8Men0zfFhwV23GSuKXtf5mJTcSwpIwpRCg2Qw%2FlSN1wnBzb9xzabNMskwV9muxs8qYpevK5fBLdL3m3IEj3ESliqvBNWfrKX%2FfKzhVRR3YyOUla7lOE8b2kaGs1Ezucxa19dDr6pWlnL0f3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83a90e45fa7b8c95-EWR
alt-svc: h3=":443"; ma=86400
content-length: 99173
expires: Sun, 31 Dec 2023 13:05:25 GMT

GET
H2 200 herbst-mandala-kostenlose-malvorlagen-1250x833.jpg
wunderbunt.de/wp-content/uploads/2022/09/ 304 KB
306 KB 645ms
221ms Image
image/jpeg 2a03:2a00:1400:0:1::4959
MITTWALD-AS Mittw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wunderbunt.de/wp-content/uploads/2022/09/herbst-mandala-kostenlose-malvorlagen-1250x833.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:2a00:1400:0:1::4959 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: f097f81481c4fd2333d18a9a65dbbbfa243cfc83b8c13d9796fbacefc61ddff4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
last-modified: Tue, 27 Sep 2022 07:08:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 310796
expires: Mon, 22 Apr 2024 13:05:25 GMT

GET
H2 200 castle-4937938.png
www.familienzentrum-nelly-puetz.de/medien/downloads/ 737 KB
739 KB 1212ms
211ms Image
image/png 2001:67c:680:f06::140
KDVZ-FRECHEN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.familienzentrum-nelly-puetz.de/medien/downloads/castle-4937938.png

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:680:f06::140 , Germany, ASN202577 (KDVZ-FRECHEN, DE),

Reverse DNS

Software

nginx /

Resource Hash

e1a49f49146d9103e5c6e43c53556e2eb2044f5550641d3f4955945f380bfa07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:26 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Apr 2022 07:13:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 754280
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2024 13:05:26 GMT

GET
H2 200 c47928b1a86dfb12426349eaa919993e.jpg
i.pinimg.com/originals/c4/79/28/ 64 KB
64 KB 214ms
109ms Image
image/jpeg 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c4/79/28/c47928b1a86dfb12426349eaa919993e.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 867ccce4deed0d2fb4dfa2d4446f84afd9bb12290da43962fcaba00552ec2bab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.0f02c417.1703423125.3c871cf7
etag: "c56841e66a5428c8e897966926439431"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 65538

GET
H2 200 ausmalbilder-ostern-kostenlose-malvorlagen-1250x833.jpg
wunderbunt.de/wp-content/uploads/2023/03/ 160 KB
162 KB 644ms
220ms Image
image/jpeg 2a03:2a00:1400:0:1::4959
MITTWALD-AS Mittw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wunderbunt.de/wp-content/uploads/2023/03/ausmalbilder-ostern-kostenlose-malvorlagen-1250x833.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:2a00:1400:0:1::4959 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: b02e75a915930f94f3e18f5be6bd0820e398f22db2a51d284fbc974b8d4b1950

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
last-modified: Thu, 02 Mar 2023 10:20:06 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 164193
expires: Mon, 22 Apr 2024 13:05:25 GMT

GET
H2 200 da715f9d9062218f6510c485d4a42565.jpg
i.pinimg.com/736x/da/71/5f/ 17 KB
17 KB 231ms
127ms Image
image/jpeg 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/da/71/5f/da715f9d9062218f6510c485d4a42565.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f3749ed8e3902fe7376da8a2e5fc98f980f77a425514fff45c9277e950f8a211

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.0f02c417.1703423125.3c871cf9
etag: "8a41c99adf3b7e9f9a6109d6c455efc4"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 17574

GET
H2 200 ce83ddfb568ce5fc0ece4db74a1b34ce.jpg
i.pinimg.com/736x/ce/83/dd/ 105 KB
105 KB 164ms
60ms Image
image/jpeg 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/ce/83/dd/ce83ddfb568ce5fc0ece4db74a1b34ce.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c8683fb241ff0bb1e66bb7b9cff99bda304380d64d28654c82dca11550c361a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.0f02c417.1703423125.3c871cfa
etag: "3ffca87fa03bfc79fb97cffd5e393eb0"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 107684

GET
H2 200 malvorlagen-fuer-kinder-malvorlagen-fuer-huendchen-fuer-kinder-drucken-sie-sie-kostenlos-online-aus_652809-320.jpg
img.freepik.com/vektoren-premium/ 43 KB
44 KB 263ms
61ms Image
image/avif 2600:141b:1c00:30::1739:5a70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.freepik.com/vektoren-premium/malvorlagen-fuer-kinder-malvorlagen-fuer-huendchen-fuer-kinder-drucken-sie-sie-kostenlos-online-aus_652809-320.jpg?w=2000
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 526c67d6b006225f73d7205a693b2959fabd932a56cdcbafd8f2334e24ee3325

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
last-modified: Thu, 21 Sep 2023 21:14:23 GMT
mpulse_cdn_cache: HIT
etag: "43c2859ca0c82f317855716beda8e784"
content-type: image/avif
cache-control: private, max-age=604800
mpulse_origin_time: 0
x-robots-tag: noimageai
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 44462
expires: Sun, 31 Dec 2023 13:05:25 GMT

GET
H2 200 Ausm2Kind-Ausmalbild-Fische-Kinder.jpg
ausm2kind.com/wp-content/uploads/2023/10/ 389 KB
389 KB 1394ms
1277ms Image
image/jpeg 2606:4700:3037::6815:4c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ausm2kind.com/wp-content/uploads/2023/10/Ausm2Kind-Ausmalbild-Fische-Kinder.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b993d196587df66fb65a5442f513c27f63686642d83ce3e8e77ecd9830d49cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:26 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 10:47:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uml1NZJ2dlsh72lLTDVJ4NarxoZxIaagB6Fis5qpkAfBaFX%2FHbUhBsvHxlVXMADs6%2FOTcA8AwU6wrrY8iD6G6RhM%2BJEueZUbzDu2iZzpXPcczW6UDg61qyj1i%2BJ26E97PxlgMMtTnZwC5bAY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a90e45ef1d42e7-EWR
alt-svc: h3=":443"; ma=86400
content-length: 398012

GET
H2 200 Ausm2Kind-Hexe.jpg
ausm2kind.com/wp-content/uploads/2023/09/ 370 KB
371 KB 1337ms
1220ms Image
image/jpeg 2606:4700:3037::6815:4c20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ausm2kind.com/wp-content/uploads/2023/09/Ausm2Kind-Hexe.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4c20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d71b6ba8d1d5e12fafd00badbccc88f4d6c69c9271520ae1c1eeee8e9a8b223

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:26 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 07:53:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1%2Fa19zpPQl5KRAIGyNWcko9OayZhQ3f5u%2F5aYByIC3DP%2FEMa5%2FFvxqHSjq35WE38V8LsIGM%2Bfaniv0F1fQkHfmXXSu0x%2BEt4Lo2aRw4CL7lIA4kGIhUJMaboPaDZ4JlcjNwl1byZx8IUauw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a90e45ef1c42e7-EWR
alt-svc: h3=":443"; ma=86400
content-length: 378530

GET
H2 200 12b96bc0680b5f4bf3c647ffd506050c.jpg
i.pinimg.com/originals/12/b9/6b/ 88 KB
88 KB 138ms
34ms Image
image/jpeg 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/12/b9/6b/12b96bc0680b5f4bf3c647ffd506050c.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc3f3b3107d589207d7ec4e1db206ea42d37f684421ae21cbfde577949e18d17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.0f02c417.1703423125.3c871cfb
etag: "de4f0ed8769208f0ea24ca57d1b994a9"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 90096

GET
H2 200 ausmalbilder-malvorlagen-kinder-fruehling-blumen-bienen-ausdrucken.jpg
www.zusammenspiel-raa.de/images/galerien/org/ 58 KB
58 KB 1209ms
358ms Image
image/jpeg 85.13.136.19
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zusammenspiel-raa.de/images/galerien/org/ausmalbilder-malvorlagen-kinder-fruehling-blumen-bienen-ausdrucken.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.136.19 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd14626.kasserver.com
Software: Apache /
Resource Hash: 80a94c4149059bdc9bb1cc59173659ce4fe5c040f5a2d20cc7206d3127a7eb0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:26 GMT
last-modified: Thu, 17 Mar 2022 07:31:00 GMT
server: Apache
etag: "e79f-5da6502f95500"
content-type: image/jpeg
cache-control: max-age=16048000, public
accept-ranges: bytes
content-length: 59295

GET
H2 200 marienkaefer.jpg
www.schule-und-familie.de/assets/images/2021/3/ 99 KB
100 KB 259ms
37ms Image
image/jpeg 192.124.249.17
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.schule-und-familie.de/assets/images/2021/3/marienkaefer.jpg

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.17 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10017.sucuri.net

Software

nginx /

Resource Hash

8c659b24d76de138739685565cb17dda33ac74015b820edaf0f2358a1c0a3063

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 08:40:36 GMT
server: nginx
etag: "18ca9-5be585e8e1a75"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 14017
accept-ranges: bytes
content-length: 101545
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 topmodel-1.jpeg
ausmalbilder-gb.de/wp-content/uploads/2022/09/ 111 KB
112 KB 254ms
89ms Image
image/jpeg 2606:4700:3035::ac43:de7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ausmalbilder-gb.de/wp-content/uploads/2022/09/topmodel-1.jpeg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:de7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63a29e3251b3422045b19c08bfb60b943cc96d10331189cf2e91ab03c54a8f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Sep 2022 07:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1bc12-6333fbf3-141612;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooLg5eFr2vtDuzER5scYUxZsKkuDMTFPrSuREGWR9YmJBkCk%2BzGvxg9LnIECLDe3MNpKxV4TmfoHCoSMSXluhs%2BhfMeVE4KnXuT8qef%2BZeE0f0BirPpTwNAXl3LMDHNtuy%2F8NUfhJS0de%2Fln2ZrzxHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83a90e476ed6726e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 113682
expires: Sun, 31 Dec 2023 13:05:25 GMT

GET
H2 200 ausmalbild-einhorn-kostenlos.jpg
www.malvorlagen-bilder.de/malvorlage/einhorn/ 462 KB
463 KB 899ms
247ms Image
image/jpeg 2001:8d8:100f:f000::254
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malvorlagen-bilder.de/malvorlage/einhorn/ausmalbild-einhorn-kostenlos.jpg
Requested by: Host: www.gading.biz.id
URL: https://www.gading.biz.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::254 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 7d2a2bd9e6a03d70c1bfd923e225dafc2c6bed870bfaade88e1752b624d4bbf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:26 GMT
last-modified: Thu, 20 May 2021 12:53:54 GMT
server: Apache
accept-ranges: bytes
etag: "73885-5c2c26f853c80"
content-length: 473221
content-type: image/jpeg

GET
H2 200 osterhase-mit-ei.png
media.happycolorz.de/t/500x500/ostern/ 21 KB
22 KB 445ms
202ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.happycolorz.de/t/500x500/ostern/osterhase-mit-ei.png

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294fd04c931c16c6e1bd5830f4778061eb4a0ec84e127bc36b4e91a03a0638d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: tx000000904e3071b967fec-00656f383d-cac57c3f-fra1b
x-envoy-upstream-healthchecked-cluster
content-length: 21846
last-modified: Mon, 30 Mar 2020 21:26:13 GMT
server: cloudflare
etag: "12266a7535678e5c61fccb02c1002345"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: a5087116-9915-4388-b643-e3860fbde0dc
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 83a90e47ef4f43ca-EWR

GET
H2 200 das_kann_in_den_muell.jpg
bildnerverlag.de/media/image/56/29/a7/ 3 MB
3 MB 962ms
314ms Image
image/jpeg 77.75.251.58
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bildnerverlag.de/media/image/56/29/a7/das_kann_in_den_muell.jpg

Requested by

Host: www.gading.biz.id
URL: https://www.gading.biz.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.75.251.58 , Germany, ASN45012 (CLOUDPIT, DE),

Reverse DNS

cloud5-vm453.de-nserver.de

Software

Apache /

Resource Hash

2ee1f409aae68f4d8f675f4834a6bff8416f57a41dabef94523928b3399d53dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:26 GMT
last-modified: Mon, 05 Feb 2018 10:41:36 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2679990
expires: Tue, 23 Jan 2024 13:05:26 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 228ms
122ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792020436495436

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1916131603004031834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 13:05:25 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame E5E9 9 KB
4 KB 146ms
24ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792020436495436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gading.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 20:07:10 GMT
etag: 5585625838579639069
expires: Sat, 06 Jan 2024 20:07:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3C8 603 B
245 B 103ms
101ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5201163385094916&output=html&adk=1812271804&adf=3025194257&lmt=1703423126&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.gading.biz.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703423125749&bpp=5&bdt=1132&idt=802&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1860551426608&frm=20&pv=2&ga_vid=1029812733.1703423127&ga_sid=1703423127&ga_hid=1613225362&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809530%2C44807405%2C95320868%2C95320885&oid=2&pvsid=2686463165842261&tmod=1806866096&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=851

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gading.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 13:05:26 GMT
expires: Sun, 24 Dec 2023 13:05:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
54ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05860e0c4014493685d799846bf7bc95672fd3525f4348de3ce0838069029e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12402
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 145ms
54ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 13:05:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6770 13 KB
5 KB 29ms
23ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gading.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 233894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:07:13 GMT
expires: Fri, 20 Dec 2024 20:07:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F258 829 B
1 KB 154ms
48ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7fb12b688727086ea6771da2fa313af96cd3efb1c6f4fe371672e768c645fa2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iVMRAm5JFOf1Sx9s77iREg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gading.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iVMRAm5JFOf1Sx9s77iREg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 13:05:27 GMT
expires: Sun, 24 Dec 2023 13:05:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6770 39 KB
15 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 20:08:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F258 0
0 48ms
47ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2686463165842261&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6770 0
10 B 28ms
28ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fYTmrg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:05:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2686463165842261&bg=!WFulWxTNAAY3kmNgF5I7ADQBe5WfON1h1g_2YXITL4sceHju09oaDprS3RH5hliSZsf0TppmnvI60B-w832Y0fSLZzizAgAAAJJSAAAAA2gBB5kC80YknL-txZy8CEyNS4gKowOVWZugaw6HQUgobB_K2u4eLq84PWoNH4AzDO6GGj2PqTRrrWlwGzoGGTcT6UhUWvTQllhql7IuizFDpfWMmDculn3me6Pj51sWaJYyMeI3fqwVFOzurVN0DFLnYFUHSKJZJp7a2Ve58hoMO3saHEUrc0ftFOpfTWUVmJWD1oI7di9_jd7yq76sBJ52vlLPZvCL85cxNn9Piu6cCbHVBsckYxQ-ev5akQQguBMklqqkFht0JrPbVceVUIdqxayFHtcmBuqNbsGZZm2Ofu_njZdVVjRZ_HbSee0XbGvky9P6UCVWF7CWoPIyjJgjEGMsWIuu_XOsVyZtBhObYtMXvE4MVGogzQ0G1-Xy1BWWQvJp2Y6j_-Q7p2QMoNWv-ZJyuEnMg_97PUrzVcPG0IW7GTxoxC8tEwhnJbglSbHBp2VFCUSQ9QuvyCYNjqfNj_Utnw2s0g5WOsiWWYiu8pblq2IFzJiZf7Uagjn2QknRA5tdUk1ckvH6s2QupWVLK-PWHVGhfTQiaVZY8AnwNXxyM6vUteqG4BL6_SZCYpbziVC-oB7UBCdS5nsOIwx7C4uv9IPLAlFCgGzmmvdL_taDK7IKCoXpK_FyEJIJXYxeusoyJs5CFbYgBsJekgMXNCRBaImTVRoS2xto2QrBtoVKxiXntd3ukwAZjNP4oSaEhuV68Y_RUX3jNmRLp_TT2-ihvH8JgfIwIMxDkDGnUwg0e8PBS-cX9qpHTjfnnbfbpP5Q36PvilDyVzV1KjTTHZdfN4Ssgd81MPVMh4-p0E9c0NJOUyyEKDD7GQlAQBDq4jMaaKswjxKNnj1jtt5uMquaILCeYQPNml-tqy7fVaUQzqDI9aeh2sGqSr518dc8_FxJWLWLq0hRFKfUiXErAf9Hs9gkv55db1rjE-ONCXZ_Zks_Rh5RO3zzhbP6188SX9XYTjwG1rEB4-DkNqHWF8MDLT2_TLqnH9suarMpAPhm_Jyvu-y3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gading.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gading.biz.id
URL: https://www.gading.biz.id/themes/default/assets_files/css

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gading.biz.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: d59d7c3a83da200245edf35b60aed269
.media.happycolorz.de/	1970-01-20 17:10:24	Name: __cf_bm Value: H4tOCQohGjrq2elLQLZpGIbIgaooOTpRGEEujLayZ7s-1703423125-1-AUsT+R4M3+wBDxFIHyflVfXew+4rKCvba+G4b52OkdWm1qr6CSZh++vH/2AWwdvalbxTPn031roWwzsY8PHgW6s=
.doubleclick.net/	1970-01-20 17:10:24	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.gading.biz.id/ Message: Refused to apply style from 'https://www.gading.biz.id/themes/default/assets_files/css' because its MIME type ('application/octet-stream') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www.gading.biz.id/ Message: Refused to execute script from 'https://www.gading.biz.id/themes/default/assets_files/sdk.js(1).download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://www.gading.biz.id/ Message: Refused to execute script from 'https://www.gading.biz.id/themes/default/assets_files/sdk.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ausm2kind.com
ausmalbilder-gb.de
bildnerverlag.de
cdn.framily.de
cdnjs.cloudflare.com
gbcoloring.com
googleads.g.doubleclick.net
i.pinimg.com
img.freepik.com
malvorlagen-seite.de
media.happycolorz.de
media.target-video.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
wunderbunt.de
www.familienzentrum-nelly-puetz.de
www.gading.biz.id
www.google.com
www.malvorlagen-bilder.de
www.rofu.de
www.schule-und-familie.de
www.zitronenbande.de
www.zusammenspiel-raa.de
www.gading.biz.id
172.67.71.245
18.160.156.127
192.124.249.17
2001:67c:680:f06::140
2001:8d8:100f:f000::254
2600:141b:1c00:16::17c4:30f
2600:141b:1c00:30::1739:5a70
2600:9000:2548:600:7:b6d:8000:93a1
2606:4700:3034::6815:1834
2606:4700:3034::ac43:9ef1
2606:4700:3035::ac43:de7c
2606:4700:3037::6815:4c20
2606:4700::6811:180e
2606:4700::6812:dc0
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:823::2002
2a03:2a00:1400:0:1::4959
77.75.251.58
85.13.129.82
85.13.136.19
85.13.152.92
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05860e0c4014493685d799846bf7bc95672fd3525f4348de3ce0838069029e02
0873295393b895bbcdb20a61e4cdbcdcf7a7a4b62fcb3dd52435d5f6fadb7793
0b993d196587df66fb65a5442f513c27f63686642d83ce3e8e77ecd9830d49cd
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
214f996bc72ce52e9f071aee8cf714c05c3d9b8b26fe1afc4031fd4e2b65a6b3
294fd04c931c16c6e1bd5830f4778061eb4a0ec84e127bc36b4e91a03a0638d6
2a31a74bee5d4375d6cc10066c455ac57bada25e0f22ee2119b2b1a08fad9efe
2ee1f409aae68f4d8f675f4834a6bff8416f57a41dabef94523928b3399d53dd
39100d0f78dd27dc5edb694357a1138f9dcac6b0d09683ef79e058ee7f44b85e
3bf044e4e40bbadfd5240ba270ab80efbbe979d30e0e0fa5163830e9f5ee8f2c
4d71b6ba8d1d5e12fafd00badbccc88f4d6c69c9271520ae1c1eeee8e9a8b223
526c67d6b006225f73d7205a693b2959fabd932a56cdcbafd8f2334e24ee3325
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d3368486c09274abb3415445030b0ab4fcc8ab6bcb9d6965cbcd9dd52d219b
64331b177562a2c90051c034a3381cd6acaaabc257c373730e495f5cc2ea744a
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
7781ea13bee7c41d90e78f8bcdb3a8265d07e6e1298e3b7188e3756ec9f8036f
7d2a2bd9e6a03d70c1bfd923e225dafc2c6bed870bfaade88e1752b624d4bbf7
80a94c4149059bdc9bb1cc59173659ce4fe5c040f5a2d20cc7206d3127a7eb0d
867ccce4deed0d2fb4dfa2d4446f84afd9bb12290da43962fcaba00552ec2bab
8be8cb463ccba3c26c9f9f407ecc8a92c95825f3d9fcbe88def69b817be5a3cc
8c659b24d76de138739685565cb17dda33ac74015b820edaf0f2358a1c0a3063
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
a5fbd79f44ad253cd2d7c6014a6590db9434ace8d8118a520e6bad39dfd85840
b02e75a915930f94f3e18f5be6bd0820e398f22db2a51d284fbc974b8d4b1950
b16dfc06028cbc0ac32620022dbcca1dfbd6f8b773c35f0b11d2a684d6b155ab
bb461c5896d3042203af4b311952eb0e830f1b2f4e621b5ec70ca2285b21996d
bc3f3b3107d589207d7ec4e1db206ea42d37f684421ae21cbfde577949e18d17
c7fb12b688727086ea6771da2fa313af96cd3efb1c6f4fe371672e768c645fa2
c83c51fff3a8f096d30eabd3f5cbc50f80d97655d7d5a563617ab9a149dab39b
c8683fb241ff0bb1e66bb7b9cff99bda304380d64d28654c82dca11550c361a8
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d4146b1b43315e454e19abcd9ce424efae10a26bb6e13849bf7e7a7a8e4e2d04
d63a29e3251b3422045b19c08bfb60b943cc96d10331189cf2e91ab03c54a8f5
e1a49f49146d9103e5c6e43c53556e2eb2044f5550641d3f4955945f380bfa07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42603cc372020783f9dda97e3f84ed058286af78cec4aaafa4b9d50cd8fb84d
f097f81481c4fd2333d18a9a65dbbbfa243cfc83b8c13d9796fbacefc61ddff4
f3749ed8e3902fe7376da8a2e5fc98f980f77a425514fff45c9277e950f8a211
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.gading.biz.id Open in urlscan Pro 2606:4700:3034::ac43:9ef1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

71 %IPv6

23 Domains

24 Subdomains

25 IPs

2 Countries

7564 kBTransfer

8525 kBSize

3 Cookies

3 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gading.biz.id Open in urlscan Pro
2606:4700:3034::ac43:9ef1 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

71 %
IPv6

23
Domains

24
Subdomains

25
IPs

2
Countries

7564 kB
Transfer

8525 kB
Size

3
Cookies

46 HTTP transactions
0 data transactions