www.billigadamunderklader.prissajt.hemsida.eu Open in urlscan Pro
91.201.60.103  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.billigadamunderklader.prissajt.hemsida.eu/	24 KB 6 KB	256ms 51ms	Document text/html	91.201.60.103 ASODERLAND
General Check archive.org Show headers Download Go to Full URL https://www.billigadamunderklader.prissajt.hemsida.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.201.60.103 , Sweden, ASN44136 (ASODERLAND, SE), Reverse DNS premium12.oderland.com Software LiteSpeed / PHP/7.4.33 Resource Hash 6666018450a951e33b11bf0ec9cb95ec45563cac9faef3d3a9fd0e0d84d9a03a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-type text/html; charset=UTF-8 date Sun, 11 Aug 2024 11:36:18 GMT server LiteSpeed vary Accept-Encoding,User-Agent x-powered-by PHP/7.4.33
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	157 KB 51 KB	226ms 106ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9553418494683158 Requested by Host: www.billigadamunderklader.prissajt.hemsida.eu URL: https://www.billigadamunderklader.prissajt.hemsida.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash c3458a5a20384a73fd99e2d99b6311264023ba7162fe05f3554b12d479981cb5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ Origin https://www.billigadamunderklader.prissajt.hemsida.eu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52476 x-xss-protection 0 server cafe etag 7648099659533613083 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 11 Aug 2024 11:36:18 GMT
GET H3	200	ads.js Show response www.google.com/adsense/search/	148 KB 53 KB	183ms 67ms	Script text/javascript	142.250.185.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/search/ads.js Requested by Host: www.billigadamunderklader.prissajt.hemsida.eu URL: https://www.billigadamunderklader.prissajt.hemsida.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f4.1e100.net Software sffe / Resource Hash ca9fd8abaee25d89400cfd399f5d70f5f92467b7821dd8e3a820ae087cbfd892 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="ads-afs-ui" etag "1398493480206911739" vary Accept-Encoding report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 accept-ranges bytes link <https://syndicatedsearch.goog>; rel="preconnect" expires Sun, 11 Aug 2024 11:36:18 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	220 KB 79 KB	209ms 81ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MH6K9HD Requested by Host: www.billigadamunderklader.prissajt.hemsida.eu URL: https://www.billigadamunderklader.prissajt.hemsida.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 75437a8db03462873d3e1c0c528b9386838f999995ab0102ceeb4b8b9dca9487 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:18 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 79992 x-xss-protection 0 last-modified Sun, 11 Aug 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 11 Aug 2024 11:36:18 GMT
GET H3	200	slotcar_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/	86 KB 30 KB	192ms 76ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/slotcar_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9553418494683158 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash bf213e5886d42506d2a1fc80463f81b2a83b075a39fdade3407a8097a0654c88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30706 x-xss-protection 0 server cafe etag 15668985838253610081 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 11 Aug 2024 11:36:19 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/	423 KB 143 KB	259ms 144ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9553418494683158&plah=www.billigadamunderklader.prissajt.hemsida.eu Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9553418494683158 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 89e85f4b123c237c20160b2e14d9b1e9f2557235212e7489c9fd7f4c7776db8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 145965 x-xss-protection 0 server cafe etag 15103388921442363897 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 11 Aug 2024 11:36:19 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	190ms 57ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH6K9HD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 11 Aug 2024 11:15:05 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1274 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 11 Aug 2024 13:15:05 GMT
GET H3	200	cookie.js Show response partner.googleadservices.com/gampad/	374 B 261 B	138ms 65ms	Script text/javascript	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.billigadamunderklader.prissajt.hemsida.eu&client=partner-pub-9553418494683158&product=SAS&callback=__sasCookie Requested by Host: www.google.com URL: https://www.google.com/adsense/search/ads.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash f410570add01288e9628e659f6349779a1954901c3da533aebcb8b2c32933ebf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 239 x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 242 B	65ms 63ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1806286674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.billigadamunderklader.prissajt.hemsida.eu%2F&ul=se-se&de=UTF-8&dt=Cheap%20till%20b%C3%A4sta%20pris.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=773479032&gjid=2070777458&cid=1484503892.1723376179&tid=UA-111860070-1&_gid=451420371.1723376179&_slc=1&gtm=45He4880n81MH6K9HDv78173743za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1667515198 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 506310d8dad486f337b996d028e55a2828ee8e844cb529ffcee48204a3107faf Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 11 Aug 2024 11:36:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.billigadamunderklader.prissajt.hemsida.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 367 B	185ms 59ms	XHR text/plain	2a00:1450:400c:c0d::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111860070-1&cid=1484503892.1723376179&jid=773479032&gjid=2070777458&_gid=451420371.1723376179&_u=YGBAgEABAAAAAGAAI~&z=682813691 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 11 Aug 2024 11:36:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.billigadamunderklader.prissajt.hemsida.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	ping pagead2.googlesyndication.com/pagead/	0 0	88ms 87ms	Fetch text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ping?e=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9553418494683158 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software / Resource Hash Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	rum_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/	56 KB 22 KB	58ms 58ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/rum_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9553418494683158&plah=www.billigadamunderklader.prissajt.hemsida.eu Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 3e20c0c2d24367500ea66f15fd74f518ee8a68580410329d3d3e3a569d780bff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 02:48:05 GMT content-encoding br x-content-type-options nosniff age 31694 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22079 x-xss-protection 0 server cafe etag 8896385225312064168 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Aug 2024 02:48:05 GMT
GET H3	200	zrt_lookup_fy2021.html pagead2.googlesyndication.com/pagead/html/r20240807/r20110914/ Frame E2EF	0 0	168ms 57ms	Document text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9553418494683158&plah=www.billigadamunderklader.prissajt.hemsida.eu Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers age 41209 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4141 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 11 Aug 2024 00:09:30 GMT etag 3784890935487277381 expires Sun, 25 Aug 2024 00:09:30 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads pagead2.googlesyndication.com/pagead/ Frame CD73	0 0	220ms 126ms	Document text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9553418494683158&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723376179&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.billigadamunderklader.prissajt.hemsida.eu%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=32_7~27_8~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aifgd=1&aipaq=1&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723376178967&bpp=2&bdt=307&idt=370&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=477230145063&rume=1&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31085989%2C44795922%2C95334527%2C95334830%2C95337868%2C95338228%2C95335247%2C31084187%2C95338262%2C95336267%2C31061691%2C31061692%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1024583318799205&tmod=557469021&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=395 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9553418494683158&plah=www.billigadamunderklader.prissajt.hemsida.eu Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 11 Aug 2024 11:36:19 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	283 KB 98 KB	77ms 76ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JEVKTS95RJ&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d9684b7a36cd414dfbf414c1b5e8edd613f297decebaf1e2a2c4757f97df1ba5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100080 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 11 Aug 2024 11:36:19 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	126ms 44ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-JEVKTS95RJ&gtm=45je4880v9135731463za200&_p=1723376178684&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=se-se&sr=1600x1200&cid=1484503892.1723376179&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.billigadamunderklader.prissajt.hemsida.eu%2F&dt=Cheap%20till%20b%C3%A4sta%20pris.&sid=1723376179&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1154 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JEVKTS95RJ&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 11 Aug 2024 11:36:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.billigadamunderklader.prissajt.hemsida.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	83ms 82ms	XHR application/json	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9553418494683158&plah=www.billigadamunderklader.prissajt.hemsida.eu Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash dd5e8f3d117e5eef366d2d9f2a4f4b70eeccd1f7b41571f20f955e2aeea1c349 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:19 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12810 x-xss-protection 0
GET H2	404	favicon.ico www.billigadamunderklader.prissajt.hemsida.eu/	1 KB 1 KB	45ms 44ms	Other text/html	91.201.60.103 ASODERLAND
General Check archive.org Show headers Download Go to Full URL https://www.billigadamunderklader.prissajt.hemsida.eu/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.201.60.103 , Sweden, ASN44136 (ASODERLAND, SE), Reverse DNS premium12.oderland.com Software LiteSpeed / Resource Hash 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 11 Aug 2024 11:36:19 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1251 vary User-Agent content-type text/html
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	199ms 69ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9553418494683158&plah=www.billigadamunderklader.prissajt.hemsida.eu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 11:36:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 11 Aug 2024 11:36:19 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BB6	0 0	180ms 56ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 70906 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 10 Aug 2024 15:54:34 GMT expires Sun, 10 Aug 2025 15:54:34 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	csi csi.gstatic.com/	0 234 B	839ms 325ms	Ping image/gif	2a00:1450:401a:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lzphoij2&c=1024583318799205&e=44759875%2C44759926%2C44759837%2C31085989%2C44795922%2C95334527%2C95334830%2C95337868%2C95338228%2C95335247%2C31084187%2C31061691%2C31061692%2C31078663%2C31078668%2C31078670&ctx=1&met.3=1001.ft_1__1~164.fu~165.fs_2~166.fg_f~723.m9_1~1032.q2~326.q6_1~832.q8~868.q8~216.q2_7~215.q2_7~843.q0_8~889.qn~639.r5~112.ry_2~113.x7_1~1244.1iy&met.1=1.lzphohr3~6.1~7.3a~8.3a~9.3a~10.5r~11.4h~12.5r~13.75~14.77~15.79~16.7z~17.7z~18.80~19.x4~20.x4~21.x5~22.8f~23.8f Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20240807/r20110914/rum_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:401a:800::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.billigadamunderklader.prissajt.hemsida.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 11 Aug 2024 11:36:21 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240807&jk=1024583318799205&bg=!ZmWlZSrNAAZjy5caQ8s7ADQBe5WfOB7zYONqmaA6roCY-zQqvDXfV1kUftaqkcR1tTI7Z-EOSDz7blH0NcGUy0j5GK06AgAAAEVSAAAABWgBB34ANr34TLS9hHiUyh09t34mnGH6WTtysi42BXi60aWdLm8EzgF1cTPt6yGL2cydVvdOWUM4Ywolg5kCzOiTdjCiO1lb27r_F1zPPbyUXbjOtFKyEOghkWtT3TfXJEoKzoDtDOBDVHvzLbDJ4LquEdGunboSbCOgROXHv04DUn0q8KfjB3pcTMhYHHKJrLxSQl8lVlGOUCC1cTsdnzG2WS3QS-E17q25olkB4GO7kgHNc72a5MoScrOT-XniD4KT91-n6uWjZe4zeTZCNXjBDwVML--wUBLS0tqrHzpm4oXYGuhDIP-HReHOSywvqfigSFMsgy9_EEx37EjK_DyuAL2ptEMrBjDaZiwOi38-M-oRaLb_iHllt6pR12Q2AsZpXXxxUIQcIpv2V99NdeA5uzT_wZWjuYlm4tjSJV447E6svD9LPnTHeLiSKmCLCo9GUaTDKwjQtOuQEgPOfzDTJqODcinIes1XaP-Opw4aiWW2Hh_it134uHerxDDM4mzjoICM57wlVwHZZX6tJMc7iU8C4RB_-9bfauKi65fggA9h2Xr_0TfSml0ha6IH8Dpj_fhhsN2PWopsoIldyMAnW5ckf1wB3nE3gpiX0lf5S0C7ZT6wRahNx0uPNlBnjVd3qDm5nwpXt-hH6IJWvlg3crSKHtRReamdbmqGqPo6yMmEdlkxPBxJwPmEwlpg46YJYKec5B-AgFTe311mKigps2NLCcMRE9kCjRSqPR6Jfg1LJDpRmB8eW4y-QCimhzSxz1bB8VPbdLdsSNUkw86zR3mvmAGzy7Tluu03TJ7KwndMEcbi1pgvb1VbESXpRHnjh6KDoWR98crbkxXwcotG-tuhSuC2Stci6WSTHngO7uC8FsCd_eSbdOF9QTsEWRBs56MDAhx3NnpPH0WttGUajcilEijFMRTEKFoIh8mleiaD3ZBqbkKx5OHE5pKoSbekc7mh-qwAb__c7Cz4kXaNRyY2F3-8mC2-N9DuGIFuTSGKumrwMMnpZI-C1IbcmCuqm88K9Lr7ty_c

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| searchByKeyword function| _googCsa function| handle function| toggleClass number| googleNDT_ number| googleAltLoader object| google object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| pageOptions object| adblock1 object| adblock2 function| __sasCookie function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| google_rum_config number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hemsida.eu/	1970-01-21 08:04:32	Name: __gsas Value: ID=b1b266d7f1663333:T=1723376179:RT=1723376179:S=ALNI_MZB_waDNDWMiDzU82duFqxHqGMhcg
			.hemsida.eu/	1970-01-21 08:18:56	Name: _ga Value: GA1.2.1484503892.1723376179
			.hemsida.eu/	1970-01-20 22:44:22	Name: _gid Value: GA1.2.451420371.1723376179
			.hemsida.eu/	1970-01-20 22:42:56	Name: _dc_gtm_UA-111860070-1 Value: 1
			.hemsida.eu/	1970-01-21 08:18:56	Name: _ga_JEVKTS95RJ Value: GS1.2.1723376179.1.0.1723376179.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.billigadamunderklader.prissajt.hemsida.eu/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.billigadamunderklader.prissajt.hemsida.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.185.164
142.250.186.98
172.217.16.194
2001:4860:4802:34::36
2a00:1450:4001:80b::2008
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2001
2a00:1450:400c:c0d::9d
2a00:1450:401a:800::2003
91.201.60.103
3e20c0c2d24367500ea66f15fd74f518ee8a68580410329d3d3e3a569d780bff
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
506310d8dad486f337b996d028e55a2828ee8e844cb529ffcee48204a3107faf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6666018450a951e33b11bf0ec9cb95ec45563cac9faef3d3a9fd0e0d84d9a03a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75437a8db03462873d3e1c0c528b9386838f999995ab0102ceeb4b8b9dca9487
89e85f4b123c237c20160b2e14d9b1e9f2557235212e7489c9fd7f4c7776db8c
bf213e5886d42506d2a1fc80463f81b2a83b075a39fdade3407a8097a0654c88
c3458a5a20384a73fd99e2d99b6311264023ba7162fe05f3554b12d479981cb5
ca9fd8abaee25d89400cfd399f5d70f5f92467b7821dd8e3a820ae087cbfd892
d9684b7a36cd414dfbf414c1b5e8edd613f297decebaf1e2a2c4757f97df1ba5
dd5e8f3d117e5eef366d2d9f2a4f4b70eeccd1f7b41571f20f955e2aeea1c349
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f410570add01288e9628e659f6349779a1954901c3da533aebcb8b2c32933ebf