billigt.uptours.dk Open in urlscan Pro
2600:1901:0:4117::  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response billigt.uptours.dk/	12 KB 12 KB	150ms 107ms	Document text/html	2600:1901:0:4117:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://billigt.uptours.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:4117:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Caddy Qloaked / Resource Hash c4feef24e7652dd300f15a5641c4bddba5b736f910de10b8831f066d4ac7d1f1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store content-type text/html; charset=utf-8 date Wed, 12 Jan 2022 12:40:34 GMT pragma no-cache server Caddy Qloaked x-frame-options SAMEORIGIN x-qloaked-clientip 2001:ac8:20:3c00:1011:b790:be6d:3c73
GET H2	200	picnic.css billigt.uptours.dk/css/	61 KB 61 KB	103ms 103ms	Stylesheet text/css	2600:1901:0:4117:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://billigt.uptours.dk/css/picnic.css?v=WbIFu1HhCEkk-dlstU9vh9rPASkgZU4vOyUeCet1NlI Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:4117:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Caddy, Qloaked / Resource Hash d2f102c396dcfce96899e764b8e5597325e27f9279bafde17677a95b16df9c1f Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 12:40:34 GMT last-modified Wed, 12 Jan 2022 08:02:11 GMT server Caddy, Qloaked etag "1d8078ab3bf378c" content-type text/css x-qloaked-clientip 2001:ac8:20:3c00:1011:b790:be6d:3c73 accept-ranges bytes content-length 62476
GET H2	200	site.css billigt.uptours.dk/css/	1 KB 2 KB	68ms 68ms	Stylesheet text/css	2600:1901:0:4117:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://billigt.uptours.dk/css/site.css?v=0xfvbF7UmIwYLmkgIR-k8C1OEheV3iozWgEiGErvfX4 Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:4117:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Caddy, Qloaked / Resource Hash 7f4442c07049be66081c768f9bc7d2b09c47935a9be511c2924b623c8d6522cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 12:40:34 GMT last-modified Wed, 12 Jan 2022 08:02:11 GMT server Caddy, Qloaked etag "1d8078ab3bfc67b" content-type text/css x-qloaked-clientip 2001:ac8:20:3c00:1011:b790:be6d:3c73 accept-ranges bytes content-length 1531
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	39ms 17ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700|Source+Sans+Pro:400,700&display=swap Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bdf2887b50713c0a3ebe7e0247a0cfcd75d903caf04bd38b920667ebaaf9f823 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 12 Jan 2022 12:40:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 12 Jan 2022 12:40:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 12 Jan 2022 12:40:34 GMT
GET H2	200	widget.module.min.js Show response unpkg.com/friendly-challenge@0.9.0/	27 KB 12 KB	78ms 37ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/friendly-challenge@0.9.0/widget.module.min.js Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28fc8be26154593bf8c59823f78d2de3e070b72768d0d586a3db32eb6096f5f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://billigt.uptours.dk/ Origin https://billigt.uptours.dk Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 12:40:34 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 8039867 fly-request-id 01FHQHEFDNRK6FSDF785AZ5P1T content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"6d29-ev6EXGRShyWJOyjeYafARkQxJWo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6cc67440ff7e83be-MXP
GET H2	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	51ms 30ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-28270016-2 Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 555c6bb824bc2ddf3c9bc150146295d0746ad822e001f228cdaac53d3037f8e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 12:40:34 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36634 x-xss-protection 0 last-modified Wed, 12 Jan 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 12 Jan 2022 12:40:34 GMT
OPTIONS H2	204	puzzle eu-api.friendlycaptcha.eu/api/v1/	0 0	55ms 12ms	Preflight	49.12.21.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://eu-api.friendlycaptcha.eu/api/v1/puzzle?sitekey=FCMGARTTQKB9DMCP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.21.226 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.21.12.49.clients.your-server.de Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-frc-client Origin https://billigt.uptours.dk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 12 Jan 2022 12:40:34 GMT d0fe82e4-8483-466d-b195-f164c286b0f6 1babc591-3434-4783-a32c-09e3ff3e9dbf x-xss-protection 1; mode=block x-content-type-options nosniff x-frame-options SAMEORIGIN vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin * access-control-allow-methods GET,HEAD,OPTIONS access-control-allow-headers Origin,Content-Type,Accept,X-Requested-With,Referer,X-Frc-Client access-control-max-age 1800
GET H2	200	puzzle Show response eu-api.friendlycaptcha.eu/api/v1/	99 B 632 B	107ms 107ms	Fetch application/json	49.12.21.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://eu-api.friendlycaptcha.eu/api/v1/puzzle?sitekey=FCMGARTTQKB9DMCP Requested by Host: unpkg.com URL: https://unpkg.com/friendly-challenge@0.9.0/widget.module.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.21.226 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.21.12.49.clients.your-server.de Software / Resource Hash 2340ca571320fd60ef9429e353dde80bc5fd762f4e79988404be03184ed9907d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://billigt.uptours.dk/ x-frc-client js-0.9.0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 12:40:34 GMT content-encoding br x-content-type-options nosniff accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Model,Sec-CH-UA-Mobile,viewport-width,dpr,device-memory,rtt,downlink,ect c4660fe3-4ddf-469b-a5cf-2612bbef2544 cf952047-293e-49f7-901e-8833a1564362 x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin * x-frc-proxy proxy-eu content-length 94 vary Origin, Accept-Encoding x-frc-proxy-accept proxy-eu x-xss-protection 1; mode=block
GET DATA	200 OK	truncated /	95 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 38431d381e066600b5f4bd2fd13d613d19cdd19022c743196a1b5257a43438e4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v18/	13 KB 13 KB	29ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700|Source+Sans+Pro:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://billigt.uptours.dk Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 11:22:37 GMT x-content-type-options nosniff age 4677 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13080 x-xss-protection 0 last-modified Wed, 10 Nov 2021 18:10:26 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 12 Jan 2023 11:22:37 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v18/	13 KB 13 KB	28ms 6ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700|Source+Sans+Pro:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://billigt.uptours.dk Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 05:43:33 GMT x-content-type-options nosniff age 25021 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13008 x-xss-protection 0 last-modified Wed, 10 Nov 2021 18:10:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 12 Jan 2023 05:43:33 GMT
GET BLOB	200 OK	630ed6f1-61b8-4a05-a5a3-9aa52ed7e906 https://billigt.uptours.dk/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://billigt.uptours.dk/630ed6f1-61b8-4a05-a5a3-9aa52ed7e906 Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5cf7cbab880ec0cdb66ff95e4538c4a4a98b36bdd7bf889b79f11c18006b3756 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 10108 Content-Type text/javascript
GET BLOB	200 OK	ea1c4467-1a75-45a7-bc59-d23a9c14a736 https://billigt.uptours.dk/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://billigt.uptours.dk/ea1c4467-1a75-45a7-bc59-d23a9c14a736 Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5cf7cbab880ec0cdb66ff95e4538c4a4a98b36bdd7bf889b79f11c18006b3756 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 10108 Content-Type text/javascript
GET BLOB	200 OK	366d0ef5-609d-4752-9238-9e43bd038160 https://billigt.uptours.dk/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://billigt.uptours.dk/366d0ef5-609d-4752-9238-9e43bd038160 Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5cf7cbab880ec0cdb66ff95e4538c4a4a98b36bdd7bf889b79f11c18006b3756 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 10108 Content-Type text/javascript
GET BLOB	200 OK	48f4dc44-4e57-49cb-acd4-760ba192b8a8 https://billigt.uptours.dk/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://billigt.uptours.dk/48f4dc44-4e57-49cb-acd4-760ba192b8a8 Requested by Host: billigt.uptours.dk URL: https://billigt.uptours.dk/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5cf7cbab880ec0cdb66ff95e4538c4a4a98b36bdd7bf889b79f11c18006b3756 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 10108 Content-Type text/javascript
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-28270016-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5968 date Wed, 12 Jan 2022 11:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 12 Jan 2022 13:01:06 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 209 B	13ms 13ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1729025808&t=pageview&_s=1&dl=https%3A%2F%2Fbilligt.uptours.dk%2F&dp=%2Fsms-unsubscribe&ul=en-us&de=UTF-8&dt=billigt.uptours.dk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=929558422&gjid=1769818993&cid=2130006604.1641991235&tid=UA-28270016-2&_gid=296061610.1641991235&_r=1&gtm=2ou1a0&z=5557639 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://billigt.uptours.dk/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 12 Jan 2022 12:40:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://billigt.uptours.dk cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 444 B	57ms 19ms	XHR text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28270016-2&cid=2130006604.1641991235&jid=929558422&gjid=1769818993&_gid=296061610.1641991235&_u=YEBAAUAAAAAAAC~&z=1582470144 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://billigt.uptours.dk/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 12 Jan 2022 12:40:34 GMT content-type text/plain access-control-allow-origin https://billigt.uptours.dk cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	61ms 31ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28270016-2&cid=2130006604.1641991235&jid=929558422&_u=YEBAAUAAAAAAAC~&z=1220071167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 12 Jan 2022 12:40:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	59ms 30ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28270016-2&cid=2130006604.1641991235&jid=929558422&_u=YEBAAUAAAAAAAC~&z=1220071167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://billigt.uptours.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 12 Jan 2022 12:40:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| friendlyChallenge function| friendlyCaptchaCallBack function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			billigt.uptours.dk/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.h4abqjftbws Value: CfDJ8Oyc4i1poO5AjTtzne2D5HK4LA1byyZYyPn9rKpwEAHgbOPnZAkne2PTKDZBjWdA2Ag_3rCOR0qWls1xMJp6eSRNboL8TY9Ar2AvGYkCxucrrdYDPBKekMvBDJoqv-Bxd7DRdXCiv0mLHvf2qNKxPUM
			.uptours.dk/	1970-01-20 17:37:43	Name: _ga Value: GA1.2.2130006604.1641991235
			.uptours.dk/	1970-01-20 00:07:57	Name: _gid Value: GA1.2.296061610.1641991235
			.uptours.dk/	1970-01-20 00:06:31	Name: _gat_gtag_UA_28270016_2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billigt.uptours.dk
eu-api.friendlycaptcha.eu
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2600:1901:0:4117::
2606:4700::6810:7aaf
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9c
49.12.21.226
2340ca571320fd60ef9429e353dde80bc5fd762f4e79988404be03184ed9907d
28fc8be26154593bf8c59823f78d2de3e070b72768d0d586a3db32eb6096f5f7
38431d381e066600b5f4bd2fd13d613d19cdd19022c743196a1b5257a43438e4
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
555c6bb824bc2ddf3c9bc150146295d0746ad822e001f228cdaac53d3037f8e3
5cf7cbab880ec0cdb66ff95e4538c4a4a98b36bdd7bf889b79f11c18006b3756
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
7f4442c07049be66081c768f9bc7d2b09c47935a9be511c2924b623c8d6522cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bdf2887b50713c0a3ebe7e0247a0cfcd75d903caf04bd38b920667ebaaf9f823
c4feef24e7652dd300f15a5641c4bddba5b736f910de10b8831f066d4ac7d1f1
d2f102c396dcfce96899e764b8e5597325e27f9279bafde17677a95b16df9c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629