URL: https://www.billfoxtravel.com/
Submission: On August 23 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3036::6815:4f12, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.billfoxtravel.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 17th 2020. Valid for: a year.
This is the only time www.billfoxtravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 85.13.139.169 34788 (NMM-AS D)
1 18.184.59.54 16509 (AMAZON-02)
1 35.197.240.169 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2600:9000:219... 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
17 11
Domain Requested by
5 billfoxtravel.com www.billfoxtravel.com
2 i.ytimg.com www.billfoxtravel.com
1 p5.focus.de www.billfoxtravel.com
1 www.casinos-online.com www.billfoxtravel.com
1 m.media-amazon.com www.billfoxtravel.com
1 cdn.service.hip-trips.com www.billfoxtravel.com
1 www.comstern.de www.billfoxtravel.com
1 777-casino-spiele.com www.billfoxtravel.com
1 www.fussball-blabla.de www.billfoxtravel.com
1 www.brettspiele-report.de www.billfoxtravel.com
1 www.billfoxtravel.com
17 11

This site contains links to these domains.

Domain
billfoxtravel.com
Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2020-12-17 - 2021-12-16 a year
brettspiele-report.de R3 2021-07-18 - 2021-10-16 3 months
www.example.com www.example.com 2019-06-23 - 2029-06-20 10 years
777-casino-spiele.com R3 2021-07-17 - 2021-10-15 3 months
comstern.de Cloudflare Inc ECC CA-3 2021-05-04 - 2022-05-03 a year
cdn.service.hip-trips.com Sectigo RSA Domain Validation Secure Server CA 2019-07-17 - 2020-09-14 a year
Images-na.ssl-images-amazon.com DigiCert Global CA G2 2021-03-23 - 2022-03-22 a year
casinos-online.com R3 2021-08-16 - 2021-11-14 3 months
edgestatic.com GTS CA 1C3 2021-07-26 - 2021-10-18 3 months
*.focus.de DigiCert SHA2 Secure Server CA 2021-07-24 - 2022-07-27 a year

This page contains 1 frames:

Primary Page: https://www.billfoxtravel.com/
Frame ID: F6E1245870B9DF7BB4371BF40E179922
Requests: 17 HTTP requests in this frame

Page Title

Drakensang Online Download - billfoxtravel.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

17
Requests

82 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

2515 kB
Transfer

2567 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.billfoxtravel.com/
18 KB
7 KB
Document
General
Full URL
https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf292fd0d6de18d47e596b74055919fdb6070435e4b7d5eb45b5d3e0d2470934
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.billfoxtravel.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
cache-control
public, no-cache
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZj8lUmGCu3ueXVxoTlJzE9R3pT%2F7YkJ84U9C%2FNEZpKsZBRBnN1nxCwIbopXI1%2BDJ4RmPwXe4VzpuVGyC97aL5bqSUFY5Ve4d%2FIWMVWG2FQKNSL3b50CxH7Vvl13E3VudPOnnxstCNW7rseWzZemulwsnuQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68362cd7fe0e2c26-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.min.css
billfoxtravel.com/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://billfoxtravel.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8955279
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Dec 2020 03:40:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fe16abb-a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XKXZNd1iIffz8wfCa1mKT6RIqzQ%2FjppcfOxavPDy8HXZM3%2Bor1usuwY6hEkPXy1tycN%2BKqt%2BkRBx3fpiW0QktKDZPMyXJAXapQ8RKAwAGwQRg6xcJVSG%2FQUnoKBl5hQI8VNYXbPUVGqOkeppromRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
68362cd948e22c26-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
billfoxtravel.com/wp-content/plugins/author-hreview/style/
6 KB
2 KB
Stylesheet
General
Full URL
https://billfoxtravel.com/wp-content/plugins/author-hreview/style/style.css?ver=5.3
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c4d1779e7d8e3c5299633426006e5e3ef3f71bd4905dca55e80587a912291e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8955279
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Dec 2020 03:40:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fe16aba-171f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4JtR2x7ODcpbc4bR7k10mn%2BYORTOOYbQDodMbuHYBn1zNP5yN81GcAwUu5hsMQh6a87VvBe52%2FI7Am9ZgbNpcmXBSCKqrZEjQ9rbnrXfijdCX3RviBpKlauUiKaPwEKItgAvcg25Xhzri%2Fez8pMsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
68362cd948da2c26-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
billfoxtravel.com/wp-content/themes/hello-elementor/
6 KB
3 KB
Stylesheet
General
Full URL
https://billfoxtravel.com/wp-content/themes/hello-elementor/style.min.css?ver=2.2.0
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa0c20954c4243d81fdc203c1c05fc647794da5f84e813b16f891b05b842cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8955279
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Dec 2020 03:40:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fe16ab8-19f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM1QfnQZrX4oNIlyBv3igk%2F%2B3rhOcCaVE0Y3NPClHjH39Ic8HrNq92TAaHoXDQJQscb0lPxcfqklW9vDk6haOuYHC337WvytrPAa6aJ4Q1ABSnkueuClhDYf%2Fs7nfCMBMA5nFfiqzQzhnFGd8lXLpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
68362cd948e62c26-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme.min.css
billfoxtravel.com/wp-content/themes/hello-elementor/
5 KB
2 KB
Stylesheet
General
Full URL
https://billfoxtravel.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.2.0
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a591d6036783118c6356690f7a4e22d60ad7c224db3897df5b46ccea09054c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Dec 2020 03:40:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fe16ab8-146f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIin5M5J9lWzD30xdIgmd%2FNnW%2BYRxYUH7JS0eoow0v%2BJO%2F5NDqRYvQP95XqseU0VEks1CdQUk2wOkl3DvbiTl%2Bt6MjTwaoru0NpfWugcqsAsP6cD9br3fjQaUf%2FQfClNBFLjW6a%2FUP6uZl1NsSVX5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
68362cd948df2c26-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
das_verrueckte_labyrinth_spielbox.jpg
www.brettspiele-report.de/images/das_verrueckte_labyrinth/
30 KB
31 KB
Image
General
Full URL
https://www.brettspiele-report.de/images/das_verrueckte_labyrinth/das_verrueckte_labyrinth_spielbox.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.139.169 Loebau, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
4dc00eda85df11f521883210fa9f194f38d047e0de15bcded823f658fe71062e

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
last-modified
Wed, 10 Mar 2010 18:01:56 GMT
server
Apache
accept-ranges
bytes
etag
"790a-481761805cd00"
content-length
30986
content-type
image/jpeg
xard-livestream-deutschland-italien-2-700x198.jpg.pagespeed.ic.lpI-E-H5zv.jpg
www.fussball-blabla.de/wp-content/uploads/2016/11/
0
0
Image
General
Full URL
https://www.fussball-blabla.de/wp-content/uploads/2016/11/xard-livestream-deutschland-italien-2-700x198.jpg.pagespeed.ic.lpI-E-H5zv.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.59.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-59-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Jade_Treasure_3.png
777-casino-spiele.com/wp-content/uploads/thumbs/custom/J/
2 MB
2 MB
Image
General
Full URL
https://777-casino-spiele.com/wp-content/uploads/thumbs/custom/J/Jade_Treasure_3.png
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.197.240.169 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
169.240.197.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
919197aea47d8ce2aaa09877cf14e93873f405ba89efc06ae3f90954de4dad89

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
last-modified
Wed, 08 Nov 2017 06:53:38 GMT
server
nginx
etag
"5a02a9f2-1e2bb2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1977266
ThreeChess-Schach-f%C3%BCr-3-Spieler-1746966.jpg
www.comstern.de/gfx1746966new/
20 KB
21 KB
Image
General
Full URL
https://www.comstern.de/gfx1746966new/ThreeChess-Schach-f%C3%BCr-3-Spieler-1746966.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d78f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
032ef3f9fc629f421aef3ff2b37479bd7095fe55ccc611eb1bd331265b6b59b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
vary
Accept-Encoding
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20986
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHE7TOjaMnMy3pdD5WRxcLbdaH2xo9TAFpXWjdyFxpZtXFRfoDjpblN%2FGGg1zjCFutmYBpgeHH9CzNgBD4GUfbrGvwP%2B1wWZSMnzrjZkiNr5JvjaBZ5INWFUhBMVHswNITdbpTSB6x9jmYUWv54%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-stackifyid
V2|2469a68e-9025-420c-9b15-0471465e7222|C57918|CD9
cache-control
private, max-age=7776000
accept-ranges
bytes
cf-ray
68362cd989c943b8-FRA
eintritt_berliner_fernsehturm__1111.jpg
cdn.service.hip-trips.com/media/images/product/1/4/2/1111/
0
0
Image
General
Full URL
https://cdn.service.hip-trips.com/media/images/product/1/4/2/1111/eintritt_berliner_fernsehturm__1111.jpg?width=1024&height=768&mode=crop
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

d92cb9bd-872d-42ba-9e03-66e5ea8f2577._SR970,300_.png
m.media-amazon.com/images/S/aplus-media/sota/
45 KB
45 KB
Image
General
Full URL
https://m.media-amazon.com/images/S/aplus-media/sota/d92cb9bd-872d-42ba-9e03-66e5ea8f2577._SR970,300_.png
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5a00:1d:d7f6:39cf:a761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a0a7c23588646e00bf4a699ff9fdc4e16b1f295bc156cefa50cd1967a37df7ce

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 10:13:33 GMT
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
age
16660101
edge-cache-tag
x-cache-017,/images/S/aplus-media/sota/d92cb9bd-872d-42ba-9e03-66e5ea8f2577
x-cache
Hit from cloudfront
content-length
45747
surrogate-key
x-cache-017 /images/S/aplus-media/sota/d92cb9bd-872d-42ba-9e03-66e5ea8f2577
last-modified
Thu, 05 Apr 2018 08:21:28 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
ab165be4-cd05-4786-8722-41ec80cc6143
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
1eG_cXOOx0VBfcFRS8UabbLaLUROPHQH6Bz-l3XN4v7hcsTs8srkzA==
expires
Wed, 06 Feb 2041 22:00:41 GMT
dracula-slot-loewen-play-lionline.jpg
www.casinos-online.com/bilder/
188 KB
188 KB
Image
General
Full URL
https://www.casinos-online.com/bilder/dracula-slot-loewen-play-lionline.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d96f39a346899b86b68194d2389b6d377f0c44c6bf80d5a2a3148de63f884cde

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
last-modified
Mon, 11 Jan 2021 15:14:25 GMT
server
Apache
etag
"1610378065"
x-hw
1629740942.cds168.fr8.hn,1629740942.cds259.fr8.sc,1629740942.cds259.fr8.p
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5184000, public
accept-ranges
bytes
content-length
192659
maxresdefault.jpg
i.ytimg.com/vi/YFod5ZWxYgs/
77 KB
78 KB
Image
General
Full URL
https://i.ytimg.com/vi/YFod5ZWxYgs/maxresdefault.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b5873fe2105b2edec792d24fa2ff8d6df19cfac3edff56ef09e80d405235d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79120
x-xss-protection
0
expires
Mon, 23 Aug 2021 19:49:02 GMT
EM-Wetten.jpg
p5.focus.de/img/fotos/origs285914/2977581029-w630-h455-o-q75-p5/
0
245 B
Image
General
Full URL
https://p5.focus.de/img/fotos/origs285914/2977581029-w630-h455-o-q75-p5/EM-Wetten.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:849d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-varnish-cache
MISS
x-varnish-retries
0
date
Mon, 23 Aug 2021 17:49:02 GMT
x-varnish-backend
goto.00000000.(10.70.234.153).(http://origin-internal.bf-folescenic-production.aws.bfops.io:80).(ttl:10.000000)
access-control-allow-origin
*
x-varnish-restarts
0
cache-control
max-age=60
accept-ranges
bytes
content-length
0
expires
Mon, 23 Aug 2021 17:50:02 GMT
maxresdefault.jpg
i.ytimg.com/vi/OJaAoIknguM/
198 KB
198 KB
Image
General
Full URL
https://i.ytimg.com/vi/OJaAoIknguM/maxresdefault.jpg
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e84e9d5cf1d5b29e6b4ca4015f2bb0e55714dd8eb3bba49ed483035fdb890fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
x-content-type-options
nosniff
server
sffe
etag
"1515360736"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202877
x-xss-protection
0
expires
Mon, 23 Aug 2021 19:49:02 GMT
wp-embed.min.js
billfoxtravel.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://billfoxtravel.com/wp-includes/js/wp-embed.min.js?ver=5.3
Requested by
Host: www.billfoxtravel.com
URL: https://www.billfoxtravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4f12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.billfoxtravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 17:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8955279
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Dec 2020 03:40:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fe16ab7-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sPVg7tnkpGRv3myQsNNf8d%2BdgcVnVnWptsv03ri%2FsXFPyooZ%2FUwXdS%2BsBbFTNHdTdQb7mAauIARNzyTJdDYhkW8M8OiYDh739Fn%2FPsB3wu7NXG%2FFOQ%2Fes3ZaOWUHyjNGw0K5IxOk%2BPrvNDzNZo5Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
68362cd959012c26-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
billfoxtravel.com/wp-includes/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
billfoxtravel.com
URL
http://billfoxtravel.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| _wpemojiSettings
object| wp

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
