Submitted URL: https://beach-checker.de/
Effective URL: https://reisebuero-gup.de/
Submission: On July 24 via automatic, source rescanner — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 213.95.81.32, located in Erlangen, Germany and belongs to NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE. The main domain is reisebuero-gup.de.
TLS certificate: Issued by R3 on June 26th 2022. Valid for: 3 months.
This is the only time reisebuero-gup.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:4f8:c2c:... 24940 (HETZNER-AS)
1 18 213.95.81.32 12337 (NORIS-NET...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 83.169.3.220 8972 (GD-EMEA-D...)
4 92.51.182.254 20773 (GODADDY)
11 162.55.39.184 24940 (HETZNER-AS)
37 6
Domain Requested by
17 reisebuero-gup.de reisebuero-gup.de
10 media.xmlteam.de kreuzfahrten.schmetterling.de
4 kreuzfahrten.schmetterling.de reisebuero-gup.de
kreuzfahrten.schmetterling.de
3 cdnjs.cloudflare.com reisebuero-gup.de
cdnjs.cloudflare.com
1 static.xmlteam.de kreuzfahrten.schmetterling.de
1 www.paxconnect.de reisebuero-gup.de
1 www.privacypolicies.com reisebuero-gup.de
1 www.reisebuero-gup.de 1 redirects
1 beach-checker.de 1 redirects
37 9

This site contains links to these domains.

Domain
www.facebook.com
Subject | Issuer | Validity | Valid
reisebuero-gup.de | R3 | 2022-06-26 - 2022-09-24 | 3 months
privacypolicies.com | Cloudflare Inc ECC CA-3 | 2022-05-26 - 2023-05-26 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
paxconnect.de | R3 | 2022-06-16 - 2022-09-14 | 3 months
kreuzfahrten.schmetterling.de | R3 | 2022-07-02 - 2022-09-30 | 3 months
*.xmlteam.de | Starfield Secure Certificate Authority - G2 | 2022-03-09 - 2023-04-08 | a year

This page contains 2 frames:

Primary Page: https://reisebuero-gup.de/
Frame ID: 95BC1B45AD2FF30BBEEA0CCFA7031281
Requests: 22 HTTP requests in this frame

Frame: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Frame ID: C4EA5F38B2A3DBB9332EEE20B871E5B0
Requests: 15 HTTP requests in this frame

Page Title

Reisebüro Garthe & Pflug GmbH Niederrad/Frankfurt

Page URL History

  1. https://beach-checker.de/ HTTP 301
    https://www.reisebuero-gup.de/ HTTP 301
    https://reisebuero-gup.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 43 %
Domains: 7
Subdomains: 9
IPs: 6
Countries: 3
Transfer: 7598 kB
Size: 8257 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://beach-checker.de/ HTTP 301
    https://www.reisebuero-gup.de/ HTTP 301
    https://reisebuero-gup.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
reisebuero-gup.de/
Redirect Chain
  • https://beach-checker.de/
  • https://www.reisebuero-gup.de/
  • https://reisebuero-gup.de/
56 KB
10 KB
Document
General
Full URL
https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
8e0d27a3998e87d0a2276485961ce673c9a0ebbfcdcc5cc2ce22476a80429bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cluster-node
quadra-web3
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Jul 2022 00:26:45 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
178
content-type
text/html
date
Sun, 24 Jul 2022 00:26:44 GMT
location
https://reisebuero-gup.de/
server
nginx
cookie-consent.js
www.privacypolicies.com/public/cookie-consent/3.1.0/
160 KB
45 KB
Script
General
Full URL
https://www.privacypolicies.com/public/cookie-consent/3.1.0/cookie-consent.js
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff46387e7ec975caee4012087f2408abb971e74e67204e22c3796e61177a4da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2119
x-priority
5/n
x-z
5179
last-modified
Sat, 23 Jul 2022 22:09:23 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
sameorigin
etag
W/"7c7ab16c299eade850bd25149e691a04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEAn0APL6uwZ06JdaZdrH3KCGZRNzZYaAj6gSFBEFtAjUd%2B8OJEjHgg5akJe8aJ4DgLPs6kGHW24jr17PGohM01cYMPLWhvtD1RdUQ%2FxcSVqWu86UVJkoyNOEfj5NNfbhxnZ%2BCO70XNdit2cegluPrnfbN%2FA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, immutable, max-age=3600
cf-ray
72f886b4c887926b-FRA
expires
Sun, 24 Jul 2022 00:09:23 GMT
roboto-boldcondensed-webfont.woff2
reisebuero-gup.de/style/fonts/
19 KB
19 KB
Font
General
Full URL
https://reisebuero-gup.de/style/fonts/roboto-boldcondensed-webfont.woff2
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
933806ac81f95b950f2d510df90131879dcefb5a44bdc25eef06e9e59a862e64

Request headers

Referer
https://reisebuero-gup.de/
Origin
https://reisebuero-gup.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
last-modified
Thu, 08 Aug 2019 09:12:45 GMT
server
nginx
cluster-node
quadra-web3
expires
Sun, 24 Jul 2022 03:26:45 GMT
roboto-condensed-webfont.woff2
reisebuero-gup.de/style/fonts/
19 KB
19 KB
Font
General
Full URL
https://reisebuero-gup.de/style/fonts/roboto-condensed-webfont.woff2
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
dd19322e0c44bc391e2e91e8d8411688f7dacb2c05f45d0c7373f529b6114cb2

Request headers

Referer
https://reisebuero-gup.de/
Origin
https://reisebuero-gup.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
last-modified
Thu, 08 Aug 2019 09:12:45 GMT
server
nginx
cluster-node
quadra-web1
expires
Sun, 24 Jul 2022 03:26:45 GMT
app.min.css
reisebuero-gup.de/style/css/
89 KB
18 KB
Stylesheet
General
Full URL
https://reisebuero-gup.de/style/css/app.min.css
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a6e458a3600a5e6204a588ae52fb555761c50a06707869624910529d2baf1a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
content-encoding
gzip
last-modified
Thu, 08 Aug 2019 09:12:50 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cluster-node
quadra-web4
expires
Sun, 24 Jul 2022 03:26:45 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/
56 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://reisebuero-gup.de/
Origin
https://reisebuero-gup.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5045318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10022
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jgTFzuI2LH%2FdQIbw3KcfVC3py6QsI5YsTwxdXWuf0iSUbJ5GngOeOjcoJnRh5Oa4S3OL9rgFkw51uSk7eKeJbQh1L0GtcY7sS4mrGObnFBVyGBopAhvWLqoiNUUiuMIzvWVeL6COaWJgkWiOT%2BIdNDa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72f886b4ca846925-FRA
expires
Fri, 14 Jul 2023 00:26:45 GMT
modernizr.custom.min.js
reisebuero-gup.de/style/js/vendor/
5 KB
5 KB
Script
General
Full URL
https://reisebuero-gup.de/style/js/vendor/modernizr.custom.min.js
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
44c24f41fef5d3a624a5888104a1fabe4b6f61fc55ca75417befc18a5363d46b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
last-modified
Thu, 08 Aug 2019 09:12:54 GMT
server
nginx
cluster-node
quadra-web2
expires
Sun, 24 Jul 2022 03:26:45 GMT
39277
reisebuero-gup.de/files/
22 KB
23 KB
Image
General
Full URL
https://reisebuero-gup.de/files/39277
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
f4f46ec53a5ddeaa0b9efa873acb2b62e1ac9ab7d09fd57d80d1ec6888d2a8c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:46 GMT
last-modified
Tue, 10 Feb 2009 13:01:16 GMT
server
nginx
cluster-node
quadra-web1
content-disposition
inline; filename=gup-logo_html_m50670d60.jpg
content-type
image/jpg
304311
reisebuero-gup.de/files/
287 KB
288 KB
Image
General
Full URL
https://reisebuero-gup.de/files/304311
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
1f609cd5bd14fba982c2f23e308ad8b78c44cf6f480a3e97b05976c6d72ef92e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:46 GMT
last-modified
Wed, 04 Jun 2014 08:17:55 GMT
server
nginx
cluster-node
quadra-web2
content-disposition
inline; filename=Platzhalterbild.jpg
content-type
image/jpg
widgetButton.png
www.paxconnect.de/images/
6 KB
7 KB
Image
General
Full URL
https://www.paxconnect.de/images/widgetButton.png
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
83.169.3.220 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
lvps83-169-3-220.dedicated.hosteurope.de
Software
nginx / PleskLin
Resource Hash
18f2ff31be3dc8b06f80ed782d18fc732b3dfc0b24102c0009a681baefecaf80
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' paxconnect.de *.paxconnect.de *.smartberatung.com *.meinereiseangebote.de youtube.com *.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 00:26:45 GMT
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 18 Jan 2022 08:34:50 GMT
Server
nginx
X-FRAME-OPTIONS
SAMEORIGIN
X-Powered-By
PleskLin
strict-transport-security
max-age=31536000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
ETag
"61e67baa-19db"
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' paxconnect.de *.paxconnect.de *.smartberatung.com *.meinereiseangebote.de youtube.com *.youtube.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6619
X-Content-Type-Options
nosniff
723381
reisebuero-gup.de/files/
146 KB
146 KB
Image
General
Full URL
https://reisebuero-gup.de/files/723381
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
c912c87fd27ebcb8117ddd233083d19e48979f1fb6e2a686e52b34ca9a03a261

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
last-modified
Fri, 01 Feb 2019 09:33:13 GMT
server
nginx
cluster-node
quadra-web3
content-disposition
inline; filename=856277_GuP_Teamfoto_2018_Komprimiert.jpg
content-type
image/jpg
360390
reisebuero-gup.de/files/
3 MB
3 MB
Image
General
Full URL
https://reisebuero-gup.de/files/360390
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
732e980bbe3072a626da040dbe58b5b1da3a914e5239301952160f0eb9f095b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:46 GMT
last-modified
Wed, 01 Apr 2015 12:37:26 GMT
server
nginx
cluster-node
quadra-web4
content-disposition
inline; filename=Buro_Innen.jpg
content-type
image/jpg
app.min.js
reisebuero-gup.de/style/js/
181 KB
182 KB
Script
General
Full URL
https://reisebuero-gup.de/style/js/app.min.js
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
7eb5b5436cf25ac88efb1ec46505a397735258bbde6f4ea2e674c5a69f950e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:46 GMT
last-modified
Tue, 06 Oct 2020 12:28:08 GMT
server
nginx
cluster-node
quadra-web4
expires
Sun, 24 Jul 2022 03:26:46 GMT
bg__motion.jpg
reisebuero-gup.de/style/img/
496 KB
497 KB
Image
General
Full URL
https://reisebuero-gup.de/style/img/bg__motion.jpg
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/style/css/app.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
90165721e92bf2844c69fe8ca5a67feaf7d2c22cb1016e485ee9f316069bbd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/style/css/app.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:46 GMT
last-modified
Tue, 03 Nov 2015 18:14:36 GMT
server
nginx
cluster-node
quadra-web1
expires
Sun, 24 Jul 2022 03:26:46 GMT
header_1.jpg
reisebuero-gup.de/style/img/
436 KB
437 KB
Image
General
Full URL
https://reisebuero-gup.de/style/img/header_1.jpg
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/style/css/app.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
397d0a7cc08f040017ae40a44e201d3c2406f2cdc101a24070e01772ab571f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/style/css/app.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:46 GMT
last-modified
Tue, 03 Nov 2015 18:14:36 GMT
server
nginx
cluster-node
quadra-web2
expires
Sun, 24 Jul 2022 03:26:46 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/
74 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://reisebuero-gup.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
967383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75336
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDfJWegcjwUA9Ak4aJxAVBJwF5J7DZdkgvXWIBFfBkeaFcLiehKbyyV7tfnx%2F8%2FBu2bnNJUsC7jlZTDFmV9tpu6ZPFG0f81%2B%2BCKkxQuPsMU1nTu%2F3Dmr%2BqJVsTwcytZqNLkWYocNYWQO6E1s0YhOQSKc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72f886b52ac16925-FRA
expires
Fri, 14 Jul 2023 00:26:45 GMT
/
kreuzfahrten.schmetterling.de/ Frame C4EA
94 KB
14 KB
Document
General
Full URL
https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Requested by
Host: reisebuero-gup.de
URL: https://reisebuero-gup.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.51.182.254 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
xtibe.de
Software
Apache /
Resource Hash
4a5148cc669b0281f23112662219be76376e468c6f5e8791869fef1666a10c33

Request headers

Referer
https://reisebuero-gup.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
13477
content-type
text/html; charset=utf-8
date
Sun, 24 Jul 2022 00:26:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/
74 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://reisebuero-gup.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5109143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLSRd3RSRLPVycJZ0v0Jsm5oSPiHZsdVQNTSpCciGQHdupdU03nEeVX9wEaWtPtqRxeccMt4FSJlUWSAuFIf4U3G3UclqBEmji7fg%2FtTasZZD8nBG1n7z6VuVw17O0I5AtLlj5qOorNvKVMNZ3QD%2BBMg"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72f886b55ed46922-FRA
expires
Fri, 14 Jul 2023 00:26:45 GMT
all.min.css
kreuzfahrten.schmetterling.de/theme/compiledless/ Frame C4EA
168 KB
31 KB
Stylesheet
General
Full URL
https://kreuzfahrten.schmetterling.de/theme/compiledless/all.min.css?v=1.92
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.51.182.254 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
xtibe.de
Software
Apache /
Resource Hash
c1ab740188d13bafafe722dc2d59b5698291ce0ca3d7663781d60232672f5a38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 11:32:18 GMT
server
Apache
etag
"2a01b-5e426d64e128a-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
31675
logo-klein-msc.png
media.xmlteam.de/files/msc-kreuzfahrten/logo/ Frame C4EA
7 KB
7 KB
Image
General
Full URL
https://media.xmlteam.de/files/msc-kreuzfahrten/logo/logo-klein-msc.png
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
84c42cee69460a9aed1bf2bfc7ab80ba904a9c185da38a2977f9ba68bba80e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Thu, 24 Dec 2020 15:04:53 GMT
server
Apache
accept-ranges
bytes
etag
"1a8f-5b7372147ef40"
content-length
6799
content-type
image/png
59.jpeg
media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-fantasia/schiff/ Frame C4EA
39 KB
39 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-fantasia/schiff/59.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
86322e020ec947da138ec0a68d3cdd574fa150ea4a27d452e6efd72bfd3b8620

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:00:16 GMT
server
Apache
accept-ranges
bytes
etag
"9a27-5e22a72406c78"
content-length
39463
content-type
image/jpeg
331.jpeg
media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-bellissima/schiff/ Frame C4EA
28 KB
28 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-bellissima/schiff/331.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
4aad104a7dd29f23e8e1170789606ad139200e043979fefcc0ec70e0e228f08d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:00:42 GMT
server
Apache
accept-ranges
bytes
etag
"706b-5e22a73ce111b"
content-length
28779
content-type
image/jpeg
233.jpeg
media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-meraviglia/schiff/ Frame C4EA
26 KB
26 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-meraviglia/schiff/233.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
eaec0b2ba7ef7d17ed4907b7929ae13beedb6b82a2cf6896a56d18a0cd08d7c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:00:09 GMT
server
Apache
accept-ranges
bytes
etag
"6793-5e22a71c88d0b"
content-length
26515
content-type
image/jpeg
logo-klein-rccl.png
media.xmlteam.de/files/royal-caribbean-international/logo/ Frame C4EA
2 KB
2 KB
Image
General
Full URL
https://media.xmlteam.de/files/royal-caribbean-international/logo/logo-klein-rccl.png
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
b2421fc3cc1fc171e02de112f85bd0ad83233e49521aab630592d0bc4d9d6af8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Thu, 24 Dec 2020 15:04:44 GMT
server
Apache
accept-ranges
bytes
etag
"79f-5b73720be9b00"
content-length
1951
content-type
image/png
79.jpeg
media.xmlteam.de/t/m/s/royal-caribbean-international/explorer-of-the-seas/schiff/ Frame C4EA
36 KB
37 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/royal-caribbean-international/explorer-of-the-seas/schiff/79.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
3ccbc0fe8bcbd3846d84bc903f4688b370cb453639f53b4312ff28b8f2701354

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:19:08 GMT
server
Apache
accept-ranges
bytes
etag
"91bb-5e22ab5afbf29"
content-length
37307
content-type
image/jpeg
118.jpeg
media.xmlteam.de/t/m/s/msc-kreuzfahrten/preziosa/schiff/ Frame C4EA
50 KB
50 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/msc-kreuzfahrten/preziosa/schiff/118.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
687285501171c22d013692e1c06dbd856d6e73a2df36bfd4079b96b34278dead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:00:47 GMT
server
Apache
accept-ranges
bytes
etag
"c624-5e22a741b370f"
content-length
50724
content-type
image/jpeg
486.jpeg
media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-seashore/schiff/ Frame C4EA
27 KB
27 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/msc-kreuzfahrten/msc-seashore/schiff/486.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
9516a345c98c0f48de312b7b8cd4d24bd3df9682fb62c80107f770c215c66280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:00:09 GMT
server
Apache
accept-ranges
bytes
etag
"6b42-5e22a71d742a8"
content-length
27458
content-type
image/jpeg
princess-logo.jpeg
media.xmlteam.de/files/princess-cruises/logo/ Frame C4EA
14 KB
14 KB
Image
General
Full URL
https://media.xmlteam.de/files/princess-cruises/logo/princess-logo.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
60aa02902f8a13f9d023428807a4b2629ae3ea73332d75061b0bec33f251366f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 08 Feb 2022 15:21:29 GMT
server
Apache
accept-ranges
bytes
etag
"3604-5d783456cd040"
content-length
13828
content-type
image/jpeg
coralprincess.jpeg
media.xmlteam.de/t/m/s/princess-cruises/coral-princess/schiff/ Frame C4EA
28 KB
28 KB
Image
General
Full URL
https://media.xmlteam.de/t/m/s/princess-cruises/coral-princess/schiff/coralprincess.jpeg
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
ee54b4ebfae35bdd189178fdfa86c8b057dd4ef2275204f5616059dad681eccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Fri, 24 Jun 2022 05:09:39 GMT
server
Apache
accept-ranges
bytes
etag
"6fb4-5e22a93c3a060"
content-length
28596
content-type
image/jpeg
jquery-3.5.1.min.js
static.xmlteam.de/jquery/ Frame C4EA
87 KB
31 KB
Script
General
Full URL
https://static.xmlteam.de/jquery/jquery-3.5.1.min.js
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.39.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
media.xmlteam.de
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 06:32:06 GMT
server
Apache
etag
"15d84-5de8e5df59abb-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
30910
all.min.js
kreuzfahrten.schmetterling.de/theme/js/ Frame C4EA
171 KB
46 KB
Script
General
Full URL
https://kreuzfahrten.schmetterling.de/theme/js/all.min.js?v=1.92
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.51.182.254 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
xtibe.de
Software
Apache /
Resource Hash
fc06df98c93a5cd9d8da581ae1da2c574f33d08afd2325ea6ce2ea66cfb6ea30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kreuzfahrten.schmetterling.de/?p=2&sdt=3&bdt=90&t=K&subid=24312
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 11:32:23 GMT
server
Apache
etag
"2aaae-5e426d69b6b85-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
46886
fontawesome-webfont.woff2
kreuzfahrten.schmetterling.de/theme/fonts/ Frame C4EA
70 KB
71 KB
Font
General
Full URL
https://kreuzfahrten.schmetterling.de/theme/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: kreuzfahrten.schmetterling.de
URL: https://kreuzfahrten.schmetterling.de/theme/compiledless/all.min.css?v=1.92
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
92.51.182.254 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
xtibe.de
Software
Apache /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://kreuzfahrten.schmetterling.de/theme/compiledless/all.min.css?v=1.92
Origin
https://kreuzfahrten.schmetterling.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 19 Jul 2022 11:32:23 GMT
server
Apache
accept-ranges
bytes
etag
"118d8-5e426d6935530"
content-length
71896
content-type
font/woff2
683630
reisebuero-gup.de/files/
479 KB
479 KB
Image
General
Full URL
https://reisebuero-gup.de/files/683630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
badcf1ba9b1f736d37331b77444b4704f7bf35907df716ac583948c71dc54a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 02 Oct 2018 00:00:00 GMT
server
nginx
cluster-node
quadra-web1
content-disposition
inline; filename=Caribbean-3.jpg
content-type
image/jpg
683631
reisebuero-gup.de/files/
383 KB
383 KB
Image
General
Full URL
https://reisebuero-gup.de/files/683631
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
9e501a64e2e71abf6351b8dafb2934f99ded5e1cb7f2762480c80473289a2166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 02 Oct 2018 00:00:00 GMT
server
nginx
cluster-node
quadra-web2
content-disposition
inline; filename=Caribbean-4.jpg
content-type
image/jpg
683639
reisebuero-gup.de/files/
404 KB
405 KB
Image
General
Full URL
https://reisebuero-gup.de/files/683639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
7462f980e719fb624002f5710ef64f7213dfd90ecdcaf0bd8746e734c95e02e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 02 Oct 2018 00:00:00 GMT
server
nginx
cluster-node
quadra-web3
content-disposition
inline; filename=Cruise-4.jpg
content-type
image/jpg
683652
reisebuero-gup.de/files/
488 KB
489 KB
Image
General
Full URL
https://reisebuero-gup.de/files/683652
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
089cf9c78c8d93509d862d9b2ccc552224162cf8e13e27fab1490c67a0f0994d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 02 Oct 2018 00:00:00 GMT
server
nginx
cluster-node
quadra-web4
content-disposition
inline; filename=Mixed-2.jpg
content-type
image/jpg
683655
reisebuero-gup.de/files/
262 KB
263 KB
Image
General
Full URL
https://reisebuero-gup.de/files/683655
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.95.81.32 Erlangen, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
7d4ed11007f20747c3ce6cb7eee0af6bdd5670fe7d592a31ac2715a4ec857fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reisebuero-gup.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 00:26:48 GMT
last-modified
Tue, 02 Oct 2018 00:00:00 GMT
server
nginx
cluster-node
quadra-web1
content-disposition
inline; filename=Mixed-5.jpg
content-type
image/jpg


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | cookieconsent
object | html5
object | Modernizr
object | customImages
function | resizeIbeIframe
object | Quadra
function | $
function | jQuery
object | simpleslider
function | Picker
function | VRTabs
object | images
object | set

1 Cookies

Domain/Path Name / Value
kreuzfahrten.schmetterling.de/ Name: PHPSESSID
Value: 146sj45ood6cm7pqdmqp2eqc1s

2 Console Messages

Source Level URL
Text
security warning URL: https://reisebuero-gup.de/
Message:
Mixed Content: The page at 'https://reisebuero-gup.de/' was loaded over HTTPS, but requested an insecure element 'http://www.paxconnect.de/images/widgetButton.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://reisebuero-gup.de/(Line 219)
Message:
Mixed Content: The page at 'https://reisebuero-gup.de/' was loaded over HTTPS, but requested an insecure element 'http://www.paxconnect.de/images/widgetButton.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
