bilanzhot.com Open in urlscan Pro
78.140.189.194 Public Scan

URL:
http://bilanzhot.com/
Submission: On December 02 via api (December 2nd 2018, 11:35:06 pm UTC) from DE

Summary HTTP 79 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 40 domains to perform 79 HTTP transactions. The main IP is 78.140.189.194, located in Netherlands and belongs to WEBZILLA, NL. The main domain is bilanzhot.com.

This is the only time bilanzhot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	78.140.189.194 78.140.189.194	35415 (WEBZILLA) (WEBZILLA)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700:10:... 2606:4700:10::6814:6f27	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.111.238.225 104.111.238.225	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a02:cbf7:1:0... 2a02:cbf7:1:0:62:138:239:103	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
3	2a02:26f0:6c0... 2a02:26f0:6c00:29f::d97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	35.190.93.140 35.190.93.140	15169 (GOOGLE) (GOOGLE - Google LLC)
4	23.38.53.222 23.38.53.222	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	213.182.15.189 213.182.15.189	12931 (IDKOM IDK...) (IDKOM IDKOM Networks GmbH)
1 1	35.190.48.80 35.190.48.80	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.111.228.85 104.111.228.85	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	213.164.64.19 213.164.64.19	13054 (FREINET F...) (FREINET Freiburg)
1	2.18.233.122 2.18.233.122	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	104.111.242.240 104.111.242.240	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	82.211.33.134 82.211.33.134	31400 (ACCELERAT...) (ACCELERATED-IT)
2 2	91.105.246.131 91.105.246.131	33873 (ARVATO-SY...) (ARVATO-SYSTEMS-AS *)
2 4	104.111.226.140 104.111.226.140	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 3	217.182.187.115 217.182.187.115	16276 (OVH) (OVH)
1	213.182.18.21 213.182.18.21	12931 (IDKOM IDK...) (IDKOM IDKOM Networks GmbH)
2 3	46.245.182.43 46.245.182.43	41412 (MIVITEC-AS) (MIVITEC-AS)
1 2	35.186.199.204 35.186.199.204	15169 (GOOGLE) (GOOGLE - Google LLC)
1	193.218.202.89 193.218.202.89	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
2	2.16.186.32 2.16.186.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	62.141.58.43 62.141.58.43	31103 (KEYWEB-AS) (KEYWEB-AS)
1 1	2606:4700:20:... 2606:4700:20::6819:8d73	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:20:... 2606:4700:20::6819:8e73	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	2a01:4f8:201:... 2a01:4f8:201:24b0::2	24940 (HETZNER-AS) (HETZNER-AS)
2	2a01:4f8:201:... 2a01:4f8:201:24b1::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:30:... 2606:4700:30::681b:b72f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:20:... 2606:4700:20::6819:ef72	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	91.105.246.141 91.105.246.141	33873 (ARVATO-SY...) (ARVATO-SYSTEMS-AS *)
1 2	104.111.226.107 104.111.226.107	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	104.31.91.233 104.31.91.233	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	46.4.80.130 46.4.80.130	24940 (HETZNER-AS) (HETZNER-AS)
1	2.16.186.9 2.16.186.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:2800:233... 2606:2800:233:23c9:90c:111f:15f5:25b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:29b::31ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::31ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	50.7.91.72 50.7.91.72	174 (COGENT-174) (COGENT-174 - Cogent Communications)
1	87.106.16.150 87.106.16.150	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1 1	193.30.60.245 193.30.60.245	3209 (VODANET I...) (VODANET International IP-Backbone of Vodafone)
1	104.111.227.144 104.111.227.144	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	35.190.46.116 35.190.46.116	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
79	39

22 78.140.189.194 (Netherlands)

ASN35415 (WEBZILLA, NL)

bilanzhot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:6f27 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.225 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-238-225.deploy.static.akamaitechnologies.com

www.srf.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:cbf7:1:0:62:138:239:103 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)

bilder.t-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:29f::d97 (European Union)

ASN20940 (AKAMAI-ASN1, US)

p5.focus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.93.140 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 140.93.190.35.bc.googleusercontent.com

ksta.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.53.222 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-222.deploy.static.akamaitechnologies.com

www.ksta.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.express.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mz-web.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.182.15.189 (Germany) 1 redirects

ASN12931 (IDKOM IDKOM Networks GmbH, DE)
PTR: lb-v245-a.net.ke2.speedkom.net

weser-kurier.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.weser-kurier.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.48.80 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 80.48.190.35.bc.googleusercontent.com

express.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.85 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-228-85.deploy.static.akamaitechnologies.com

media.diepresse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.164.64.19 (Freiburg, Germany)

ASN13054 (FREINET Freiburg, Germany, DE)
PTR: bz-prod.badische-zeitung.de

ais.badische-zeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.122 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-122.deploy.static.akamaitechnologies.com

i0.web.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.240 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-240.deploy.static.akamaitechnologies.com

www.schweizer-illustrierte.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.211.33.134 (Germany) 1 redirects

ASN31400 (ACCELERATED-IT, DE)

trendyone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.trendyone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.105.246.131 (Germany) 2 redirects

ASN33873 (ARVATO-SYSTEMS-AS *, DE)

tagesspiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.226.140 (Amsterdam, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-226-140.deploy.static.akamaitechnologies.com

www.tagesspiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.182.187.115 (France) 2 redirects

ASN16276 (OVH, FR)

ruhrnachrichten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ruhrnachrichten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.182.18.21 (Germany)

ASN12931 (IDKOM IDKOM Networks GmbH, DE)
PTR: lb-v230-a.net.ke2.speedkom.net

berchtesgadener-anzeiger.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.245.182.43 (Germany) 2 redirects

ASN41412 (MIVITEC-AS, DE)
PTR: 46-245-182-43.static.mivitec.net

swp.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.swp.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.199.204 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 204.199.186.35.bc.googleusercontent.com

cicero.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cicero.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.218.202.89 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

www.merkur.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.32 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com

aisrtl-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.141.58.43 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: lb-vrrp.news.de

media.news.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:8d73 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

notebookcheck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:8e73 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.notebookcheck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:201:24b0::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

watson.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:201:24b1::2 (Germany)

ASN24940 (HETZNER-AS, DE)

www.watson.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:b72f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.androidkosmos.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:ef72 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.ntower.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.105.246.141 (Germany) 1 redirects

ASN33873 (ARVATO-SYSTEMS-AS *, DE)

handelsblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.226.107 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-226-107.deploy.static.akamaitechnologies.com

www.handelsblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.31.91.233 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.onmsft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.80.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de-varnish-01.adrivo.com

images.motorsport-magazin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.9 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-9.deploy.static.akamaitechnologies.com

aisrtlnext-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:23c9:90c:111f:15f5:25b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

img.huffingtonpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:29b::31ca (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

media3.faz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a3::31ca (European Union)

ASN20940 (AKAMAI-ASN1, US)

media3.faz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.7.91.72 (Frankfurt, Germany)

ASN174 (COGENT-174 - Cogent Communications, US)

cdnde1.img.sputniknews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.106.16.150 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: silver.goxxl.de

unternehmen-heute.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.30.60.245 (Hanover, Germany) 1 redirects

ASN3209 (VODANET International IP-Backbone of Vodafone, DE)
PTR: blog.lvz.de

op-marburg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.227.144 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-227-144.deploy.static.akamaitechnologies.com

www.op-marburg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.46.116 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 116.46.190.35.bc.googleusercontent.com

mz-web.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bilanzhot.com bilanzhot.com	384 KB
6	googlesyndication.com pagead2.googlesyndication.com	205 KB
6	tagesspiegel.de 4 redirects tagesspiegel.de www.tagesspiegel.de	3 KB
4	watson.ch 2 redirects watson.ch www.watson.ch	60 KB
4	ksta.de 2 redirects ksta.de www.ksta.de	107 KB
3	handelsblatt.com 2 redirects handelsblatt.com www.handelsblatt.com	46 KB
3	akamaihd.net aisrtl-a.akamaihd.net aisrtlnext-a.akamaihd.net	181 KB
3	swp.de 2 redirects swp.de www.swp.de	122 KB
3	ruhrnachrichten.de 2 redirects ruhrnachrichten.de www.ruhrnachrichten.de	39 KB
3	focus.de p5.focus.de	148 KB
3	t-online.de bilder.t-online.de	226 KB
3	addtoany.com static.addtoany.com	60 KB
2	doubleclick.net googleads.g.doubleclick.net
2	google-analytics.com www.google-analytics.com	17 KB
2	mz-web.de 1 redirects mz-web.de www.mz-web.de	109 KB
2	op-marburg.de 1 redirects op-marburg.de www.op-marburg.de	27 KB
2	faz.net 1 redirects media3.faz.net	31 KB
2	notebookcheck.com 1 redirects notebookcheck.com www.notebookcheck.com	329 KB
2	cicero.de 1 redirects cicero.de www.cicero.de	81 KB
2	trendyone.de 1 redirects trendyone.de www.trendyone.de	140 KB
2	express.de 1 redirects express.de www.express.de	39 KB
2	weser-kurier.de 1 redirects weser-kurier.de www.weser-kurier.de	34 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	unternehmen-heute.de unternehmen-heute.de	110 KB
1	sputniknews.com cdnde1.img.sputniknews.com	130 KB
1	huffingtonpost.com img.huffingtonpost.com	672 KB
1	motorsport-magazin.com images.motorsport-magazin.com	108 KB
1	onmsft.com www.onmsft.com	416 B
1	ntower.de www.ntower.de	77 KB
1	androidkosmos.de www.androidkosmos.de	125 KB
1	news.de media.news.de	23 KB
1	merkur.de www.merkur.de	27 KB
1	berchtesgadener-anzeiger.de berchtesgadener-anzeiger.de	43 KB
1	schweizer-illustrierte.ch www.schweizer-illustrierte.ch	67 KB
1	web.de i0.web.de	321 KB
1	badische-zeitung.de ais.badische-zeitung.de	120 KB
1	diepresse.com media.diepresse.com	17 KB
1	srf.ch www.srf.ch	23 KB
1	googleapis.com ajax.googleapis.com	33 KB
79	40

	Domain	Requested by
22	bilanzhot.com	bilanzhot.com
6	pagead2.googlesyndication.com	bilanzhot.com pagead2.googlesyndication.com
4	www.tagesspiegel.de	2 redirects bilanzhot.com
3	p5.focus.de	bilanzhot.com
3	bilder.t-online.de	bilanzhot.com
3	static.addtoany.com	bilanzhot.com static.addtoany.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	bilanzhot.com
2	media3.faz.net	1 redirects bilanzhot.com
2	www.handelsblatt.com	1 redirects bilanzhot.com
2	www.watson.ch	bilanzhot.com
2	watson.ch	2 redirects
2	aisrtl-a.akamaihd.net	bilanzhot.com
2	www.swp.de	1 redirects bilanzhot.com
2	www.ruhrnachrichten.de	1 redirects bilanzhot.com
2	tagesspiegel.de	2 redirects
2	www.ksta.de	bilanzhot.com
2	ksta.de	2 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.mz-web.de	bilanzhot.com
1	mz-web.de	1 redirects
1	www.op-marburg.de	bilanzhot.com
1	op-marburg.de	1 redirects
1	unternehmen-heute.de	bilanzhot.com
1	cdnde1.img.sputniknews.com	bilanzhot.com
1	img.huffingtonpost.com	bilanzhot.com
1	aisrtlnext-a.akamaihd.net	bilanzhot.com
1	images.motorsport-magazin.com	bilanzhot.com
1	www.onmsft.com	bilanzhot.com
1	handelsblatt.com	1 redirects
1	www.ntower.de	bilanzhot.com
1	www.androidkosmos.de	bilanzhot.com
1	www.notebookcheck.com	bilanzhot.com
1	notebookcheck.com	1 redirects
1	media.news.de	bilanzhot.com
1	www.merkur.de	bilanzhot.com
1	www.cicero.de	bilanzhot.com
1	cicero.de	1 redirects
1	swp.de	1 redirects
1	berchtesgadener-anzeiger.de	bilanzhot.com
1	ruhrnachrichten.de	1 redirects
1	www.trendyone.de	bilanzhot.com
1	trendyone.de	1 redirects
1	www.schweizer-illustrierte.ch	bilanzhot.com
1	i0.web.de	bilanzhot.com
1	ais.badische-zeitung.de	bilanzhot.com
1	media.diepresse.com	bilanzhot.com
1	www.express.de	bilanzhot.com
1	express.de	1 redirects
1	www.weser-kurier.de	bilanzhot.com
1	weser-kurier.de	1 redirects
1	www.srf.ch	bilanzhot.com
1	ajax.googleapis.com	bilanzhot.com
79	54

This site contains links to these domains. Also see Links.

Domain
www.addtoany.com

Subject Issuer	Validity	Valid
ssl472428.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-14` - `2019-02-20`	6 months	crt.sh
*.srf.ch DigiCert SHA2 Secure Server CA	`2018-05-18` - `2019-05-18`	a year	crt.sh
bilder.t-online.de TeleSec ServerPass DE-2	`2018-07-31` - `2019-07-09`	a year	crt.sh
*.focus.de DigiCert SHA2 Secure Server CA	`2018-04-25` - `2019-04-25`	a year	crt.sh
www.dumontnet.de DigiCert ECC Secure Server CA	`2018-08-24` - `2019-11-23`	a year	crt.sh
*.weser-kurier.de COMODO RSA Organization Validation Secure Server CA	`2018-02-06` - `2021-05-05`	3 years	crt.sh
diepresse.com Let's Encrypt Authority X3	`2018-09-27` - `2018-12-26`	3 months	crt.sh
img.ui-portal.de GeoTrust RSA CA 2018	`2018-07-04` - `2019-09-02`	a year	crt.sh
www.axelspringer.ch GeoTrust RSA CA 2018	`2018-10-19` - `2019-07-31`	9 months	crt.sh
www.trendyone.de COMODO RSA Domain Validation Secure Server CA	`2018-03-16` - `2019-03-28`	a year	crt.sh
www.tagesspiegel.de COMODO RSA Organization Validation Secure Server CA	`2017-01-16` - `2020-01-30`	3 years	crt.sh
www.ruhrnachrichten.de Let's Encrypt Authority X3	`2018-10-19` - `2019-01-17`	3 months	crt.sh
*.swp.de RapidSSL RSA CA 2018	`2018-01-30` - `2019-05-17`	a year	crt.sh
cicero.de Let's Encrypt Authority X3	`2018-11-27` - `2019-02-25`	3 months	crt.sh
ssl375106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-11-30` - `2019-06-08`	6 months	crt.sh
*.watson.ch Thawte TLS RSA CA G1	`2018-08-03` - `2020-01-02`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-08-01` - `2019-08-01`	a year	crt.sh
ssl374710.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-11-29` - `2019-06-07`	6 months	crt.sh
*.handelsblatt.com DigiCert SHA2 Secure Server CA	`2018-06-15` - `2019-12-14`	a year	crt.sh
img.huffingtonpost.com DigiCert SHA2 Secure Server CA	`2017-10-23` - `2020-05-15`	3 years	crt.sh
www.faz.net DigiCert ECC Secure Server CA	`2018-06-24` - `2019-06-24`	a year	crt.sh
*.img.sputniknews.com RU-CENTER High Assurance Services CA 2	`2017-11-10` - `2019-11-17`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-11-07` - `2019-01-30`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-11-07` - `2019-01-30`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-11-07` - `2019-01-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://bilanzhot.com/
Frame ID: E698F37AEEB5FC5C31B258A17CBE6F50
Requests: 75 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.21.html
Frame ID: 3C2BDC0D608548E81C93DA6658CB3102
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/show_ads_impl.js
Frame ID: 76C0902235148E2F707DF62E74C681D1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181128/r20180604/zrt_lookup.html
Frame ID: AA7A0031DB28FDDB5D5319D74C35D72E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1060184441413640&output=html&h=600&adk=1420471628&adf=1531739185&w=300&lmt=1543793689&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fbilanzhot.com%2F&flash=0&wgl=1&adsid=NT&dt=1543793689655&bpp=11&bdt=578&fdt=57&idt=56&shv=r20181128&cbv=r20180604&saldr=aa&abxe=1&correlator=7192851999626&frm=20&pv=2&ga_vid=616223139.1543793690&ga_sid=1543793690&ga_hid=11519617&ga_fc=0&iag=0&icsg=34628173730&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=977&ady=145&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195146%2C21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.bv6te63nq2tw&fsb=1&xpc=Pv4SGc5Co9&p=http%3A//bilanzhot.com&dtd=73
Frame ID: 0C6EF29315D4F596173A62F0495B28F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

env /^a2apage_init$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
env /^Modernizr$/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /swfobject.*\.js/i
env /^SWFObject$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

79
Requests

53 %
HTTPS

36 %
IPv6

40
Domains

54
Subdomains

39
IPs

6
Countries

4280 kB
Transfer

4783 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://static.addtoany.com/menu/page.js HTTP 307
https://static.addtoany.com/menu/page.js

Request Chain 22

http://ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg HTTP 301
https://www.ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg

Request Chain 23

http://weser-kurier.de/cms_media/module_img/5577/2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_geeinigt._Foto_Xinhua_dpa.jpg HTTP 301
https://www.weser-kurier.de/cms_media/module_img/5577/2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_geeinigt._Foto_Xinhua_dpa.jpg

Request Chain 24

http://express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/ukraine-ketsch-russland-asowsches-meer.jpg HTTP 301
https://www.express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/ukraine-ketsch-russland-asowsches-meer.jpg

Request Chain 29

http://trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg HTTP 301
https://www.trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg

Request Chain 30

http://tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg HTTP 301
http://www.tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg HTTP 301
https://www.tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg

Request Chain 32

http://ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg HTTP 301
http://www.ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg HTTP 301
https://www.ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg

Request Chain 34

http://swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg HTTP 302
http://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg HTTP 301
https://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg

Request Chain 36

http://cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/Theresa_May_Brexit%20.jpg HTTP 301
https://www.cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/Theresa_May_Brexit%20.jpg

Request Chain 40

http://notebookcheck.com/fileadmin/Notebooks/News/_nc3/DevicesBusiness_SH2_5_ImagePanel_V1.jpg HTTP 301
https://www.notebookcheck.com/fileadmin/Notebooks/News/_nc3/DevicesBusiness_SH2_5_ImagePanel_V1.jpg

Request Chain 41

http://watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/7036104930423518 HTTP 301
https://www.watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/7036104930423518

Request Chain 44

http://handelsblatt.com/images/apple/21233048/2-format2020.jpg HTTP 301
https://www.handelsblatt.com/images/apple/21233048/2-format2020.jpg HTTP 301
https://www.handelsblatt.com/images/apple/21233048/6-format2020.jpg

Request Chain 52

http://media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/52334609.jpg HTTP 301
https://media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/52334609.jpg

Request Chain 53

http://watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/3254471877915102 HTTP 301
https://www.watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/3254471877915102

Request Chain 55

http://ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg HTTP 301
https://www.ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg

Request Chain 57

http://op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/Merkel-wirbt-vehement-fuer-Migrationspakt_big_teaser_article.jpg HTTP 301
http://www.op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/Merkel-wirbt-vehement-fuer-Migrationspakt_big_teaser_article.jpg

Request Chain 58

http://mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/gyi-1066992570.jpg HTTP 301
https://www.mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/gyi-1066992570.jpg

Request Chain 60

http://tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg HTTP 301
http://www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg HTTP 301
https://www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg

Request Chain 68

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 78

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=11519617&t=pageview&_s=1&dl=http%3A%2F%2Fbilanzhot.com%2F&ul=en-us&de=UTF-8&dt=Bilanz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1101912744&gjid=647923503&cid=616223139.1543793690&tid=UA-61170363-66&_gid=430264361.1543793690&_r=1&z=1136432088 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=11519617&t=pageview&_s=1&dl=http%3A%2F%2Fbilanzhot.com%2F&ul=en-us&de=UTF-8&dt=Bilanz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1101912744&gjid=647923503&cid=616223139.1543793690&tid=UA-61170363-66&_gid=430264361.1543793690&_r=1&z=1136432088

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bilanzhot.com/ 59 KB
59 KB 208ms
40ms Document
text/html 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 / PHP/5.3.3
Resource Hash: 6866ab78a40881aaf5687cb859032ce4ffe0c3ce52df17f5e258602b97cc8259

Request headers

Host: bilanzhot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.10.1
Date: Sun, 02 Dec 2018 23:34:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.3

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 14 Nov 2018 18:34:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1573205
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33621
X-XSS-Protection: 1; mode=block
Expires: Thu, 14 Nov 2019 18:34:44 GMT

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
bilanzhot.com/js/ 19 KB
19 KB 60ms
13ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/js/jquery.bxslider.min.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 10:12:03 GMT
Server: nginx/1.10.1
ETag: "5b4c6f73-4b9f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19359

GET
H/1.1 200
OK jquery.bxslider.css
bilanzhot.com/lib/ 3 KB
4 KB 46ms
12ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/lib/jquery.bxslider.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: ff996e1eb120d9579eb967315171a6c38ce5023d5bf5c7a5fbe5a1b3545f05dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sun, 15 Jul 2018 20:01:08 GMT
Server: nginx/1.10.1
ETag: "5b4ba804-dad"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3501

GET
H/1.1 200
OK style.css
bilanzhot.com/wp-content/plugins/woodojo/bundled/woodojo-tabs/assets/css/ 5 KB
5 KB 53ms
11ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/plugins/woodojo/bundled/woodojo-tabs/assets/css/style.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 0f40cd4537739830044642907a20c3c0bc8f76ae3bd7a62e6b79838f779c0440

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sun, 15 Jul 2018 20:01:03 GMT
Server: nginx/1.10.1
ETag: "5b4ba7ff-1464"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5220

GET
H/1.1 200
OK style.css
bilanzhot.com/wp-content/themes/newsday-child/ 24 KB
25 KB 54ms
13ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 1233203f9d13963d95940835bfeddb0f37d90c03c2aa99b6b41e60535b171130

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Wed, 18 Jul 2018 11:25:00 GMT
Server: nginx/1.10.1
ETag: "5b4f238c-61f7"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25079

GET
H/1.1 200
OK layout.css
bilanzhot.com/wp-content/themes/newsday-child/css/ 17 KB
17 KB 56ms
15ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/newsday-child/css/layout.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 28ce07b4ab35ce29295c2706d79403089bff51f2ea141bb7d254d308dd84a984

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sun, 15 Jul 2018 20:01:15 GMT
Server: nginx/1.10.1
ETag: "5b4ba80b-4373"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17267

GET
H/1.1 200
OK ads.min.css
bilanzhot.com/wp-content/plugins/ad-module/css/ 416 B
653 B 58ms
16ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/plugins/ad-module/css/ads.min.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: f0c710925c71cbc3c13115b08dda1325753ad2b7858e6d04a6ba34e12dcaa57b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 19 Jul 2018 00:38:25 GMT
Server: nginx/1.10.1
ETag: "5b4fdd81-1a0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 416

GET
H/1.1 200
OK style.css
bilanzhot.com/wp-content/plugins/really-simple-facebook-twitter-share-buttons/ 2 KB
2 KB 58ms
16ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 65e0864f5864c050f04b10ba21866a9bc1b6bc677f7919652aaeeb4b4c40d50a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 10:12:11 GMT
Server: nginx/1.10.1
ETag: "5b4c6f7b-865"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2149

GET
H/1.1 200
OK jquery.js Show response
bilanzhot.com/wp-includes/js/jquery/ 94 KB
94 KB 65ms
11ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-includes/js/jquery/jquery.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 10:12:24 GMT
Server: nginx/1.10.1
ETag: "5b4c6f88-1763f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95807

GET
H/1.1 200
OK jquery-migrate.min.js Show response
bilanzhot.com/wp-includes/js/jquery/ 7 KB
7 KB 70ms
12ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Wed, 18 Jul 2018 12:26:00 GMT
Server: nginx/1.10.1
ETag: "5b4f31d8-1c1f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7199

GET
H/1.1 200
OK functions.js Show response
bilanzhot.com/wp-content/plugins/woodojo/bundled/woodojo-tabs/assets/js/ 543 B
794 B 71ms
12ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/plugins/woodojo/bundled/woodojo-tabs/assets/js/functions.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: de724ddb29f818be10cb7a5bec52636b1aa7cf7d1d40f2a498bf94334fcf67ee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 10:11:57 GMT
Server: nginx/1.10.1
ETag: "5b4c6f6d-21f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 543

GET
H/1.1 200
OK ajax.js Show response
bilanzhot.com/wp-content/plugins/safe-report-comments/js/ 490 B
741 B 73ms
12ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/plugins/safe-report-comments/js/ajax.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: f5e4d356e6abe8e871d5bd3058408590df3ed99588146e50402d7eac5a1e4781

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sun, 15 Jul 2018 21:45:47 GMT
Server: nginx/1.10.1
ETag: "5b4bc08b-1ea"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 490

GET
H/1.1 200
OK third-party.js Show response
bilanzhot.com/wp-content/themes/canvas/includes/js/ 3 KB
4 KB 79ms
11ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/canvas/includes/js/third-party.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 6f587094c6bd83e0c090c426c8cc8b4319a8f120284f74daf17d06eef710029b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 02:36:14 GMT
Server: nginx/1.10.1
ETag: "5b4c049e-dbd"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3517

GET
H/1.1 200
OK modernizr.js Show response
bilanzhot.com/wp-content/themes/canvas/includes/js/ 5 KB
5 KB 94ms
23ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/canvas/includes/js/modernizr.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: c1559b05f8b68cf88343eea14f151bf8b4df15ea3be0d9f00c88a3fd7a8bfb43

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 10:12:04 GMT
Server: nginx/1.10.1
ETag: "5b4c6f74-1485"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5253

GET
H/1.1 200
OK swipe.min.js Show response
bilanzhot.com/wp-content/themes/newsday-child/js/ 4 KB
4 KB 96ms
25ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/newsday-child/js/swipe.min.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 2d0de0ea520e126acb8f612cfa605dab3fd355f6949fea575955627764d8dbde

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Wed, 18 Jul 2018 12:25:56 GMT
Server: nginx/1.10.1
ETag: "5b4f31d4-f78"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3960

GET
H/1.1 200
OK general.js Show response
bilanzhot.com/wp-content/themes/canvas/includes/js/ 4 KB
4 KB 97ms
25ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/canvas/includes/js/general.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: e2535154b6eb2170922012581e9a9fb2608e26a2c54b9a051348d64abddb1f42

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sun, 15 Jul 2018 20:06:14 GMT
Server: nginx/1.10.1
ETag: "5b4ba936-fc2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4034

GET
H/1.1 200
OK swfobject.js Show response
bilanzhot.com/wp-includes/js/ 10 KB
10 KB 98ms
18ms Script
application/javascript 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-includes/js/swfobject.js
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 5fc71212d5f80194f946cc9239d030aae8b51879ec22bd6f9a793c49e543d1c0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sun, 15 Jul 2018 21:02:54 GMT
Server: nginx/1.10.1
ETag: "5b4bb67e-27f7"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10231

GET
H/1.1 200
OK logo.png
bilanzhot.com/ 8 KB
8 KB 12ms
12ms Image
image/png 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bilanzhot.com/logo.png
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 09127eccb51fd13b56d5325e9e79dd523111455bf365a511108c1dd7a8eed214

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Wed, 18 Jul 2018 23:18:15 GMT
Server: nginx/1.10.1
ETag: "5b4fcab7-20b6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8374

GET
S

200

page.js Show response
static.addtoany.com/menu/
Redirect Chain

http://static.addtoany.com/menu/page.js
https://static.addtoany.com/menu/page.js

79 KB
27 KB

52ms
11ms

Script
application/javascript

2606:4700:10::6814:6f27
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6814:6f27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a07d5fd7ecaa5ac705d48120d0946b38f940f381772fa56b087191d468bc5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 02 Dec 2018 07:49:14 GMT
server: cloudflare
etag: W/"13c2b-57c0544d37444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
expires: Tue, 04 Dec 2018 23:34:49 GMT
cache-control: public, max-age=172800
cf-ray: 48319b3d0f71c2bf-FRA
cf-bgj: minify

Redirect headers

Location: https://static.addtoany.com/menu/page.js
Non-Authoritative-Reason: HSTS

GET
S 200 bild.jpg
www.srf.ch/var/storage/images/_aliases/640w/auftritte/news/audios/node_16683216/183110451-2-ger-DE/ 23 KB
23 KB 67ms
24ms Image
image/jpeg 104.111.238.225
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.srf.ch/var/storage/images/_aliases/640w/auftritte/news/audios/node_16683216/183110451-2-ger-DE/bild.jpg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.225 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-238-225.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8fb27967beb68340323c196b97c617bb7890022a669090d73e2e525db01ffa28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Nov 2018 15:54:10 GMT
server: Apache
etag: "5ce3-57bbb93af4f12"
content-type: image/jpeg
status: 200
cache-control: max-age=30730869
accept-ranges: bytes
content-length: 23779
x-xss-protection: 1; mode=block
expires: Sat, 23 Nov 2019 15:55:58 GMT

GET
H/1.1 200
OK buenos-aires-ukraine-konflikt-ueberschattet-g20-gipfel-quelle-screenshot-reuters-.jpg
bilder.t-online.de/b/84/87/38/28/id_84873828/tid_da/ 34 KB
34 KB 81ms
15ms Image
image/jpeg 2a02:cbf7:1:0:62:138:239:103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/84/87/38/28/id_84873828/tid_da/buenos-aires-ukraine-konflikt-ueberschattet-g20-gipfel-quelle-screenshot-reuters-.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: babfa107f59a2ffb0c0bafab1ed62cffe3fbea4e2cf7dc251d81a774db66f401

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 22:34:57 GMT
Last-Modified: Fri, 30 Nov 2018 15:45:49 GMT
Age: 3591
Etag: "84873828-1"
Vary: User-Agent
Content-Language: de-DE
Cache-Control: max-age=7200
X-SourceInfo: cmsweb05/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 34742

GET
S 200 compressed-d52f58a4-ae80-42c8-b544-8c59e93eaa9346451124-403.jpg
p5.focus.de/img/ausland/origs9979617/3745443746-w630-h354-o-q75-p5/ 72 KB
72 KB 49ms
6ms Image
image/jpeg 2a02:26f0:6c00:29f::d97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.focus.de/img/ausland/origs9979617/3745443746-w630-h354-o-q75-p5/compressed-d52f58a4-ae80-42c8-b544-8c59e93eaa9346451124-403.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:29f::d97 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 7ef1a3359724a28ebb24dfb7b98bb90c8f809e6e25759a2327759eb7a29e33fb

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cmsid: a9979617
date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Tue, 27 Nov 2018 06:52:02 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cmstype: a
content-length: 73285
expires: Sun, 16 Dec 2018 23:34:49 GMT

GET
S

200

urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg
www.ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/
Redirect Chain

http://ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg
https://www.ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg

63 KB
64 KB

348ms
283ms

Image
image/jpeg

23.38.53.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.53.222 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-222.deploy.static.akamaitechnologies.com
Software: Apache/2.4.27 (Unix) /
Resource Hash: 573a8752e099552e58ad5739054d1d2ea7aeb83abf499a771140e7cf3faafbdf

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Sat, 17 Nov 2018 10:11:39 GMT
server: Apache/2.4.27 (Unix)
content-length: 65023
content-language: en-US
status: 200
cache-control: max-age=15552000
cneonction: close
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-document-type: image
expires: Fri, 31 May 2019 23:34:49 GMT

Redirect headers

Location: https://www.ksta.de/image/31606094/2x1/940/470/86b31146f28d34f7dfcf1ce549e93fbb/un/urn-newsml-dpa-com-20090101-181117-99-854359-large-4-3.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 google
X-Shield-Request-Id: 152695dcada99f53e09f57f33b3a1260
Server: shield
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_geeinigt._Foto_Xinhua_dpa.jpg
www.weser-kurier.de/cms_media/module_img/5577/
Redirect Chain

http://weser-kurier.de/cms_media/module_img/5577/2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_geeinig...
https://www.weser-kurier.de/cms_media/module_img/5577/2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_ge...

33 KB
33 KB

105ms
25ms

Image
image/jpeg

213.182.15.189
IDKOM IDKOM Netwo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weser-kurier.de/cms_media/module_img/5577/2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_geeinigt._Foto_Xinhua_dpa.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.182.15.189 , Germany, ASN12931 (IDKOM IDKOM Networks GmbH, DE),
Reverse DNS: lb-v245-a.net.ke2.speedkom.net
Software: /
Resource Hash: cf7f3168e57c5e281baf9b2dfd642edee20781c8206c8434a520db94b282e403

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 varnish
Last-Modified: Wed, 14 Nov 2018 12:11:20 GMT
Age: 0
ETag: "846a-57a9ed504355f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 33898
Expires: Sun, 09 Dec 2018 23:34:49 GMT

Redirect headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Content-Encoding: gzip
Age: 11698
Content-Type: text/html; charset=iso-8859-1
Location: https://www.weser-kurier.de/cms_media/module_img/5577/2788565_1_articlefancybox_EU-Flagge_und_der_Union_Jack_vor_dem_britischen_Parlament._Experten_haben_sich_auf_den_Text_eines_Brexit-Abkommens_geeinigt._Foto_Xinhua_dpa.jpg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338
Via: 1.1 varnish

GET
S

200

ukraine-ketsch-russland-asowsches-meer.jpg
www.express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/
Redirect Chain

http://express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/ukraine-ketsch-russland-asowsches-meer.jpg
https://www.express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/ukraine-ketsch-russland-asowsches-meer.jpg

38 KB
38 KB

69ms
6ms

Image
image/jpeg

23.38.53.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/ukraine-ketsch-russland-asowsches-meer.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.53.222 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-222.deploy.static.akamaitechnologies.com
Software: Apache/2.4.27 (Unix) /
Resource Hash: 79806301ff7eb27700b5e3efa4ae24671a3440e23550535e2ad59eda97397f80

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Mon, 26 Nov 2018 13:44:48 GMT
server: Apache/2.4.27 (Unix)
content-length: 39091
content-language: de-DE
status: 200
cache-control: max-age=15400513
cneonction: close
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-document-type: image
expires: Thu, 30 May 2019 05:30:02 GMT

Redirect headers

Location: https://www.express.de/image/31650350/max/600/450/10534907f137349d703962e2f6c2d31a/rw/ukraine-ketsch-russland-asowsches-meer.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 google
X-Shield-Request-Id: e529c5093ac8cab017d736756c48d063
Server: shield
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Birds-fly-past-a-road-and-rail-bridge-which-is-constructed-to-connect-the-Russian-mainland-with-the-Crimean-peninsula-at-sunrise-in-the-Kerch-Strait-Crimea_1543254017799841.jpg
media.diepresse.com/images/uploads_620/b/c/2/5536706/ 17 KB
17 KB 124ms
42ms Image
image/jpeg 104.111.228.85
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.diepresse.com/images/uploads_620/b/c/2/5536706/Birds-fly-past-a-road-and-rail-bridge-which-is-constructed-to-connect-the-Russian-mainland-with-the-Crimean-peninsula-at-sunrise-in-the-Kerch-Strait-Crimea_1543254017799841.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.228.85 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-228-85.deploy.static.akamaitechnologies.com
Software: Thumbor/6.4.1 /
Resource Hash: 851118e8dd4389c9fb6d56e66549c3ae44a7bd8db7c97630bfb63e6f3efb4507

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Cache-Control: public, max-age=69270
Server: Thumbor/6.4.1
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 16967
Expires: Mon, 03 Dec 2018 18:49:19 GMT

GET
H/1.1 200
OK 160615742-h-720.jpg
ais.badische-zeitung.de/piece/09/92/cd/3e/ 120 KB
120 KB 68ms
27ms Image
image/jpeg 213.164.64.19
FREINET Freiburg

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ais.badische-zeitung.de/piece/09/92/cd/3e/160615742-h-720.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 213.164.64.19 Freiburg, Germany, ASN13054 (FREINET Freiburg, Germany, DE),
Reverse DNS: bz-prod.badische-zeitung.de
Software: /
Resource Hash: e8df4ab6c0393f2054c073017968129e8bc57751270f7a3ddedd1c82315836fe

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Sat, 01 Dec 2018 16:42:41 GMT
Age: 0
ETag: "5c02ba01-1de2b"
X-Cacheable: YES:Cache-Control=max-age
X-Cache: MISS@bz-prod1-cache201
Content-Type: image/jpeg
Expires: Mon, 03 Dec 2018 00:34:49 GMT
Cache-Control: max-age=3600
X-Cache-Hits: 0
Accept-Ranges: bytes
Content-Length: 122411
X-Stage: prod1
X-AIS-Rule: 1 - Found in local cache root

GET
S 200 begnadigung-thanksgiving-truthaehne-weissen-haus.jpg
i0.web.de/image/554/33431554,pd=2/ 320 KB
321 KB 107ms
47ms Image
image/jpeg 2.18.233.122
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.web.de/image/554/33431554,pd=2/begnadigung-thanksgiving-truthaehne-weissen-haus.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.122 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-122.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0bd5b97ae711e11dd667c186b3e81a13930e969fff82a966986f6ca72bf78d02

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Fri, 23 Nov 2018 10:27:15 GMT
server: Apache
etag: "87E0AA809E1907FF2294B630B6BE2C2B"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
content-length: 327462
expires: Sun, 23 Dec 2018 10:56:39 GMT

GET
H/1.1 200
OK imago_st_1113_20190003_85326371.jpg
www.schweizer-illustrierte.ch/sites/default/files/styles/fixed-width-708/public/teaser-images/ 67 KB
67 KB 231ms
150ms Image
image/jpeg 104.111.242.240
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.schweizer-illustrierte.ch/sites/default/files/styles/fixed-width-708/public/teaser-images/imago_st_1113_20190003_85326371.jpg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.242.240 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-242-240.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

83df6bedd073e4941b85c14342efde571762e361444c2975cb18d7db8568d941

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Nov 2018 15:04:10 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-AH-Environment: prod
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
X-Age: 0
Content-Length: 68338
X-Request-ID: v-dc1f86e4-f68a-11e8-afac-22000a603e51
Expires: Mon, 03 Dec 2018 23:34:49 GMT

GET
H/1.1

200
OK

3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg
www.trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/
Redirect Chain

http://trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg
https://www.trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg

139 KB
140 KB

116ms
23ms

Image
image/jpeg

82.211.33.134
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

82.211.33.134 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

Apache/2.4.10 (Debian) /

Resource Hash

893feb9eed9b0a278341beef56ef87e9a1e4e33c4fbfb98c4f30a29f5ced2870

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:53 GMT
Last-Modified: Thu, 15 Nov 2018 19:01:59 GMT
Server: Apache/2.4.10 (Debian)
ETag: "22d9f-57ab8af765b49"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=200
Content-Length: 142751
Expires: Tue, 01 Jan 2019 23:34:53 GMT

Redirect headers

Location: https://www.trendyone.de/cache/com_image_news_c793cda9a53fe8f9ea43c58b114714f0/3adfa9578b6e20f08624dd817c44dc89ce2d19a3.jpg
Date: Sun, 02 Dec 2018 23:34:53 GMT
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=2, max=200
Content-Length: 409
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

2-format43.jpg
www.tagesspiegel.de/images/jens-buechner/23650406/
Redirect Chain

http://tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg
http://www.tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg
https://www.tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg

0
796 B

100ms
48ms

Image
text/html

104.111.226.140
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.226.140 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-226-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
X-Cdn: Served-By-Akamai
Content-Type: text/html
Location: https://www.tagesspiegel.de/images/jens-buechner/23650406/2-format43.jpg
Cache-Control: private, max-age=90
Connection: keep-alive
Content-Length: 178
Expires: Sun, 02 Dec 2018 23:36:19 GMT

GET
S 200 stanlee.jpg
p5.focus.de/img/fotos/origs9897406/0648519026-w630-h472-o-q75-p5/ 33 KB
34 KB 9ms
9ms Image
image/jpeg 2a02:26f0:6c00:29f::d97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.focus.de/img/fotos/origs9897406/0648519026-w630-h472-o-q75-p5/stanlee.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:29f::d97 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: a9b595038e149f8bf249832fbce5f4bce70de744128d8540c4de8b2c7cb89fd0

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cmsid: a9897406
date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Mon, 12 Nov 2018 18:56:11 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cmstype: a
content-length: 34065
expires: Sun, 16 Dec 2018 23:34:49 GMT

GET
S

200

BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg
www.ruhrnachrichten.de/Bilder/
Redirect Chain

http://ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg
http://www.ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg
https://www.ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg

39 KB
38 KB

172ms
70ms

Image
image/jpeg

217.182.187.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.182.187.115 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 798df68605227232f02c497b0c35556346bd02a125400530dab7f6a86e59d5d9

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
content-encoding: gzip
etag: W/"-1747680686"
server: nginx
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800, public
expires: Sun, 09 Dec 2018 23:34:48 GMT

Redirect headers

Location: https://www.ruhrnachrichten.de/Bilder/BVB-Sportdirektor-Michael-Zorc-sieht-vor-dem-Liga-Gipfel-1612308.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK 896067_1_fullwidth_italiens-wirtschafts-und-finanzminister-giovanni-tria-foto-angelo-carconi-ansa-via-ap-dpa.jpg
berchtesgadener-anzeiger.de/cms_media/module_img/1792/ 42 KB
43 KB 79ms
23ms Image
image/jpeg 213.182.18.21
IDKOM IDKOM Netwo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://berchtesgadener-anzeiger.de/cms_media/module_img/1792/896067_1_fullwidth_italiens-wirtschafts-und-finanzminister-giovanni-tria-foto-angelo-carconi-ansa-via-ap-dpa.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 213.182.18.21 , Germany, ASN12931 (IDKOM IDKOM Networks GmbH, DE),
Reverse DNS: lb-v230-a.net.ke2.speedkom.net
Software: /
Resource Hash: 0dc7efbfdbb56f1d1a65200330fd721a7678f576e5e6d7f25d75a8f2a341366e

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 varnish
Last-Modified: Wed, 21 Nov 2018 11:34:48 GMT
Age: 0
ETag: "a923-57b2b233ecdf3"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 43299
Expires: Mon, 03 Dec 2018 23:34:49 GMT

GET
H/1.1

200
OK

w940_h530_x750_y549_b8b31f1217346a12.jpeg
www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/
Redirect Chain

http://swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg
http://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg
https://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg

121 KB
122 KB

85ms
27ms

Image
image/jpeg

46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

99c8b2ea6d01a008d2f203cf58e41b1fb2bbf159cfbc57d5476f9fa05c08b50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 15 Nov 2018 13:31:27 GMT
Server: Apache
ETag: "1e5f8-57ab41155e4a1"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Link: <https://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/b8b31f1217346a12.jpeg>;rel="canonical"
Content-Length: 124408

Redirect headers

Location: https://www.swp.de/imgs/07/3/5/8/6/0/6/1/6/tok_a15f39b88c07769ffe92c6629f596854/w940_h530_x750_y549_b8b31f1217346a12.jpeg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Server: Apache
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK london-am-zug-briten-und-eu-einigen-sich-auf-brexit-vertrag-quelle-imago-i-images-.jpg
bilder.t-online.de/b/84/78/10/44/id_84781044/tid_da/ 92 KB
92 KB 41ms
15ms Image
image/jpeg 2a02:cbf7:1:0:62:138:239:103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/84/78/10/44/id_84781044/tid_da/london-am-zug-briten-und-eu-einigen-sich-auf-brexit-vertrag-quelle-imago-i-images-.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: dcac1d7e836bc73426f51e62285ca17d73790851bfed00087e07df3cfa596c4d

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 19:56:31 GMT
Last-Modified: Wed, 14 Nov 2018 07:04:30 GMT
Age: 13097
Etag: "84781044-1"
Vary: User-Agent
Content-Language: en-US
Cache-Control: max-age=7200
X-SourceInfo: cmsweb07/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 93783

GET
S

200

Theresa_May_Brexit%20.jpg
www.cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/
Redirect Chain

http://cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/Theresa_May_Brexit%20.jpg
https://www.cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/Theresa_May_Brexit%20.jpg

81 KB
81 KB

151ms
99ms

Image
image/jpeg

35.186.199.204
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/Theresa_May_Brexit%20.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.199.204 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 204.199.186.35.bc.googleusercontent.com
Software: shield /
Resource Hash: 7eab0100727e710944a4495b99e6596d972df822035b700d293d24321c91fb78

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
via: 1.1 google
last-modified: Wed, 28 Nov 2018 11:42:55 GMT
server: shield
etag: "5bfe7f3f-14348"
content-type: image/jpeg
status: 200
x-shield-request-id: dd9eea415fd150133959067a78a19c3d
accept-ranges: bytes
alt-svc: clear
content-length: 82760

Redirect headers

Location: https://www.cicero.de/sites/default/files/styles/cc_980x550/public/2018-11/Theresa_May_Brexit%20.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 google
X-Shield-Request-Id: 72b5270df4abd90f84557a1f16e47eb6
Server: shield
Content-Length: 185
Content-Type: text/html

GET
H/1.1 200
Ok 1313321202-annegret-kramp-karrenbauer-cdu-O53eRnNG.jpg
www.merkur.de/bilder/2018/11/08/10541000/ 26 KB
27 KB 74ms
25ms Image
image/jpeg 193.218.202.89
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.merkur.de/bilder/2018/11/08/10541000/1313321202-annegret-kramp-karrenbauer-cdu-O53eRnNG.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 193.218.202.89 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: dd588ee337c386c3d40176fd9e48ce564c12766193f2fd88ae5f1ef573a3d8ee

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 varnish-v4
last-modified: Sat, 01 Dec 2018 09:04:52 GMT
Server: nginx, idlb1
Age: 138596
X-Cache: HIT
Content-Type: image/jpeg
expires: Mon, 31 Dec 2018 09:04:53 GMT
cache-control: max-age=2592000
X-Varnish: 41401823 964933157
Content-Length: 26970
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 12

GET
H/1.1 200
OK darum-sind-die-midterm-elections-so-wichtig.jpg
aisrtl-a.akamaihd.net/vms/5bcf2d07a2ea506a1e2a3f25/940x529/ 67 KB
68 KB 98ms
45ms Image
image/jpeg 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aisrtl-a.akamaihd.net/vms/5bcf2d07a2ea506a1e2a3f25/940x529/darum-sind-die-midterm-elections-so-wichtig.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 2.16.186.32 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19b208334b288f39ceb19db013399d1b89b99facc1e723903f9f3561516f1b2f

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Autoimage-Height: 513
Last-Modified: Tue, 23 Oct 2018 14:16:12 GMT
X-Autoimage-Duration: 0.35240006446838
ETag: "3314912275010129846802068862806064242-390-201"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, max-age=1200
Content-Transfer-Encoding: binary
X-Autoimage-Width: 912
Connection: keep-alive
Content-Length: 68714
Date: Sun, 02 Dec 2018 23:34:49 GMT
Expires: Sun, 02 Dec 2018 23:54:49 GMT

GET
H/1.1 200
OK youtube-macht-jetzt-spotify-und-apple-music-konkurrenz-1526574917.jpg
media.news.de/resources/thumbs/3a/ef/856795717_736x414/ 22 KB
23 KB 77ms
29ms Image
image/jpeg 62.141.58.43
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.news.de/resources/thumbs/3a/ef/856795717_736x414/youtube-macht-jetzt-spotify-und-apple-music-konkurrenz-1526574917.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 62.141.58.43 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: lb-vrrp.news.de
Software: nginx /
Resource Hash: 069ee176091a3195f794b6a905a27515154ce96d2b9d4000f7aa1758e5e3affc

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 17 May 2018 16:35:19 GMT
Server: nginx
ETag: "58b0-56c696bc85574"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22704
Expires: Mon, 03 Dec 2018 23:34:49 GMT

GET
S

200

DevicesBusiness_SH2_5_ImagePanel_V1.jpg
www.notebookcheck.com/fileadmin/Notebooks/News/_nc3/
Redirect Chain

http://notebookcheck.com/fileadmin/Notebooks/News/_nc3/DevicesBusiness_SH2_5_ImagePanel_V1.jpg
https://www.notebookcheck.com/fileadmin/Notebooks/News/_nc3/DevicesBusiness_SH2_5_ImagePanel_V1.jpg

328 KB
328 KB

299ms
247ms

Image
image/jpeg

2606:4700:20::6819:8e73
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.notebookcheck.com/fileadmin/Notebooks/News/_nc3/DevicesBusiness_SH2_5_ImagePanel_V1.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:8e73 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0587b8747bc335f4edbf6f84c80585723d60de260a00e2713a3bcc9c80ccf3af

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 02 Dec 2018 23:34:49 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
x-location: typo3-stuff
status: 200
content-type: image/jpeg
content-length: 335538
last-modified: Wed, 16 May 2018 18:15:40 GMT
server: cloudflare
etag: "5afc754c-51eb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 280430620
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 48319b3ede2c63af-FRA
expires: Wed, 02 Jan 2019 23:34:49 GMT

Redirect headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.notebookcheck.com/fileadmin/Notebooks/News/_nc3/DevicesBusiness_SH2_5_ImagePanel_V1.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 48319b3e62db97fe-FRA
Expires: Mon, 03 Dec 2018 00:34:49 GMT

GET
H/1.1

200
OK

7036104930423518
www.watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/
Redirect Chain

http://watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/7036104930423518
https://www.watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/7036104930423518

26 KB
26 KB

811ms
771ms

Image
image/webp

2a01:4f8:201:24b1::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/7036104930423518
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:201:24b1::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.2 /
Resource Hash: 9dcb8f54c418cb1eba47c9b810c03c3aa0d0cd0e28366e7d7b2629994d70e934

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:50 GMT
Last-Modified: Tue, 27 Aug 2013 01:00:00 GMT
Server: nginx/1.10.2
Age: 0
Vary: User-Agent, Accept
Content-Type: image/webp
Cache-Control: public
Transfer-Encoding: chunked
X-Varnish: 317387863
Connection: keep-alive
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 00:00:42 GMT

Redirect headers

Location: https://www.watson.ch/imgdb/fa92/Qx,E,0,0,1879,1084,798,502,320,200/7036104930423518
Date: Sun, 02 Dec 2018 23:34:49 GMT
Server: Varnish
Connection: keep-alive
Content-Length: 0
X-Varnish: 464814123

GET
S 200 Mi-Mix-2s_Android-P.jpg
www.androidkosmos.de/wp-content/uploads/2018/05/ 125 KB
125 KB 223ms
163ms Image
image/jpeg 2606:4700:30::681b:b72f
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.androidkosmos.de/wp-content/uploads/2018/05/Mi-Mix-2s_Android-P.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681b:b72f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 209eccfc48c887d6893085e92433b5bb0d1633e9e618e4714b2085940dda9853

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
status: 200
content-length: 127778
pragma: public
last-modified: Tue, 03 Jul 2018 21:36:32 GMT
server: cloudflare
etag: "5b3bec60-1f322"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 29 Nov 2028 23:34:49 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 48319b3ef8ca231e-FRA
cf-bgj: imgq:100

GET
S 200 9222-630-315-bd48c3a0055516621f847a166d67d82c389773df.jpg
www.ntower.de/images/newsPictures/bd/ 76 KB
77 KB 162ms
103ms Image
image/jpeg 2606:4700:20::6819:ef72
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntower.de/images/newsPictures/bd/9222-630-315-bd48c3a0055516621f847a166d67d82c389773df.jpg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::6819:ef72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cbb97fc0929209980643fa73ef329aebc0988e6752760812cec66535d1d64b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 77828
x-xss-protection: 1; mode=block
last-modified: Mon, 07 May 2018 18:40:39 GMT
server: cloudflare
etag: "13004-56ba201a3954f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 48319b3efbc7c274-FRA
expires: Mon, 03 Dec 2018 03:34:49 GMT

GET
S

200

6-format2020.jpg
www.handelsblatt.com/images/apple/21233048/
Redirect Chain

http://handelsblatt.com/images/apple/21233048/2-format2020.jpg
https://www.handelsblatt.com/images/apple/21233048/2-format2020.jpg
https://www.handelsblatt.com/images/apple/21233048/6-format2020.jpg

45 KB
45 KB

207ms
207ms

Image
image/jpeg

104.111.226.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handelsblatt.com/images/apple/21233048/6-format2020.jpg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.226.107 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-226-107.deploy.static.akamaitechnologies.com

Software

Resource Hash

091ae9860f56ad4c5a6060279b4b3b245a96cb278cb3bc75f39b735a9fe3e12b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
x-content-type-options: nosniff
x-backend: BE: handelsblatt
status: 200
x-varnish-hitmiss: MISS degtluv8451
content-length: 46013
x-xss-protection: 1; mode=block
x-cdn: Served-By-Akamai
last-modified: Wed, 02 May 2018 06:42:16 GMT
etag: "8865d29557f802b518429654551fbdee"
x-frame-options: SAMEORIGIN
x-varnish: 1170294787
access-control-allow-origin: *
expires: Tue, 01 Jan 2019 23:34:49 GMT
cache-control: public, private, max-age=2592000
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-cache-control-set-by: Cache-Control or Expires (2592000)

Redirect headers

date: Sun, 02 Dec 2018 23:34:49 GMT
x-content-type-options: nosniff
x-backend: BE: handelsblatt
status: 301
x-varnish-hitmiss: MISS degtluv8451
content-length: 0
x-xss-protection: 1; mode=block
x-cdn: Served-By-Akamai
last-modified: Sun, 02 Dec 2018 23:34:49 GMT
x-frame-options: SAMEORIGIN
content-language: de-DE
x-varnish: 1170294779
location: https://www.handelsblatt.com/images/apple/21233048/6-format2020.jpg
expires: Sun, 02 Dec 2018 23:35:49 GMT
cache-control: public, private, max-age=60
accept-ranges: bytes
x-cache-control-set-by: Rule (60)

GET
S 404 Exiting-Windows-Insider-Program.png.pagespeed.ce.sdcCEgRWFz.png
www.onmsft.com/wp-content/uploads/2017/10/ 0
416 B 439ms
398ms Image
text/html 104.31.91.233
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onmsft.com/wp-content/uploads/2017/10/Exiting-Windows-Insider-Program.png.pagespeed.ce.sdcCEgRWFz.png
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.31.91.233 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
S 200 urn-newsml-dpa-com-20090101-180720-99-227018-large-4-3.jpg
p5.focus.de/img/fotos/origs9285495/1758519039-w630-h472-o-q75-p5/ 43 KB
43 KB 7ms
6ms Image
image/jpeg 2a02:26f0:6c00:29f::d97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.focus.de/img/fotos/origs9285495/1758519039-w630-h472-o-q75-p5/urn-newsml-dpa-com-20090101-180720-99-227018-large-4-3.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:29f::d97 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 04e5c08ed5b7a11aa11219e3501ccedd5a985f603eb1b20b4fa3accbe824c0d1

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cmsid: a9285495
date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Wed, 28 Nov 2018 02:09:04 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cmstype: a
content-length: 43862
expires: Sun, 16 Dec 2018 23:34:49 GMT

GET
H/1.1 200
OK 0881375.jpg
images.motorsport-magazin.com/images/950/q_80/sw_adrivo/ 108 KB
108 KB 1437ms
1371ms Image
image/jpeg 46.4.80.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.motorsport-magazin.com/images/950/q_80/sw_adrivo/0881375.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 46.4.80.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de-varnish-01.adrivo.com
Software: /
Resource Hash: d24a95baae02416ec8d91cc12294936b634484b1f8374eb9be11ab6b2763161d

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:50 GMT
X-Cache-Grace: none
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Length: 110454
Last-Modified: Sun, 02 Dec 2018 23:34:50 GMT
X-Cache-Debug
ETag: W/cc92029279f7d96e71fa98981c15795a
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: http://ads.adrivo.com
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
x-storage: mem
X-Cache-Hits: 0

GET
H/1.1 200
OK oezils-ruecktritt-heizt-integrationsdebatte-an.jpg
aisrtlnext-a.akamaihd.net/vms/5b560bbaa2ea5018212f8509/940x529/ 39 KB
40 KB 90ms
49ms Image
image/jpeg 2.16.186.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aisrtlnext-a.akamaihd.net/vms/5b560bbaa2ea5018212f8509/940x529/oezils-ruecktritt-heizt-integrationsdebatte-an.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 2.16.186.9 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f2841820ccf7e46e48d317bcfb4458c8c8d56754716bb3b42c4c526ba19df00

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Autoimage-Height: 529
Last-Modified: Mon, 23 Jul 2018 17:09:54 GMT
X-Autoimage-Duration: 0.53470587730408
ETag: "3311422598843561602464660260004040626-3ac-211"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, max-age=1193
Content-Transfer-Encoding: binary
X-Autoimage-Width: 940
Connection: keep-alive
Content-Length: 40248
Date: Sun, 02 Dec 2018 23:34:49 GMT
Expires: Sun, 02 Dec 2018 23:54:42 GMT

GET
S 200 5b5619271900002a00c68073.jpeg
img.huffingtonpost.com/asset/ 672 KB
672 KB 43ms
8ms Image
image/jpeg 2606:2800:233:23c9:90c:111f:15f5:25b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.huffingtonpost.com/asset/5b5619271900002a00c68073.jpeg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:233:23c9:90c:111f:15f5:25b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F7E) /
Resource Hash: 758dc0776e8ac525e46b973231419c18fec308be17bffc53ae30d74882136392

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
last-modified: Sat, 24 Nov 2018 00:59:38 GMT
server: ECAcc (frc/8F7E)
age: 772512
status: 200
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: HIT
accept-ranges: bytes
content-length: 687776

GET
H/1.1 200
OK kritik-von-allen-seiten-fuer-ilkay-guendogan-und-mesut-oezil-tuerkischer-verband-schiesst-gegen-dfb.jpg
aisrtl-a.akamaihd.net/masters/992098/1148x646/ 73 KB
74 KB 43ms
42ms Image
image/jpeg 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aisrtl-a.akamaihd.net/masters/992098/1148x646/kritik-von-allen-seiten-fuer-ilkay-guendogan-und-mesut-oezil-tuerkischer-verband-schiesst-gegen-dfb.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 2.16.186.32 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bae993b8f9921663bb473b6642e1bf2963b75be3ed47e0a14829129b0294634

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Autoimage-Height: 644
Last-Modified: Sat, 01 Dec 2018 17:28:18 GMT
X-Autoimage-Duration: 0.12506484985352
ETag: "4b06e2cbde-47c-284"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, max-age=1200
Content-Transfer-Encoding: binary
X-Autoimage-Width: 1148
Connection: keep-alive
Content-Length: 75094
Date: Sun, 02 Dec 2018 23:34:49 GMT
Expires: Sun, 02 Dec 2018 23:54:49 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 75 KB
28 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4b7a083cefa328835b8f287e8dc649939f17a374b3f8eba1d20375b5f32fd9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 02 Dec 2018 23:34:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 6439763207764208411
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 28350
X-XSS-Protection: 1; mode=block
Expires: Sun, 02 Dec 2018 23:34:49 GMT

GET
H/1.1

200
OK

52334609.jpg
media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/
Redirect Chain

http://media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/52334609.jpg
https://media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/52334609.jpg

31 KB
31 KB

456ms
429ms

Image
image/jpeg

2a02:26f0:6c00:2a3::31ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/52334609.jpg

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2a3::31ca , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

be775ad38cc102e651d52dd33aed025d53f28999d96858b1af3d7082b343ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15638400
Last-Modified: Sat, 07 Apr 2018 09:31:44 GMT
Server: nginx
Date: Sun, 02 Dec 2018 23:34:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIi PSAi PSDi OUR STP UNI COM NAV INT STA PRE"
X-FAZPAY-Content: public
Cache-Control: public, max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=UTF-8
Content-Length: 31357

Redirect headers

Location: https://media3.faz.net/ppmedia/aktuell/353912187/1.5530735/media_in_article_medium/52334609.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

3254471877915102
www.watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/
Redirect Chain

http://watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/3254471877915102
https://www.watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/3254471877915102

33 KB
34 KB

1317ms
1315ms

Image
image/webp

2a01:4f8:201:24b1::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/3254471877915102
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:201:24b1::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.2 /
Resource Hash: 05779090b1a7767aa5ab0ad3e1f136df4f19fc20f3cce0e0e8013992379e1219

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:50 GMT
Last-Modified: Tue, 27 Aug 2013 01:00:00 GMT
Server: nginx/1.10.2
Age: 0
Vary: User-Agent, Accept
Content-Type: image/webp
Cache-Control: public
Transfer-Encoding: chunked
X-Varnish: 317288191
Connection: keep-alive
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 00:00:42 GMT

Redirect headers

Location: https://www.watson.ch/imgdb/dee5/Qx,A,0,0,4098,2826,1707,1177,683,471/3254471877915102
Date: Sun, 02 Dec 2018 23:34:49 GMT
Server: Varnish
Connection: keep-alive
Content-Length: 0
X-Varnish: 464814130

GET
S 200 316752468.jpg
cdnde1.img.sputniknews.com/images/31675/24/ 129 KB
130 KB 839ms
718ms Image
image/jpeg 50.7.91.72
Cogent Communicat...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnde1.img.sputniknews.com/images/31675/24/316752468.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.7.91.72 Frankfurt, Germany, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d194b84e666ed94b733c478aef11b5961718afc9711fc05731163338a79f521

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:50 GMT
last-modified: Wed, 26 Jul 2017 10:28:30 GMT
server: nginx
etag: "59786ece-20520"
status: 200
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 132384
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg
www.ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/
Redirect Chain

http://ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg
https://www.ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg

42 KB
43 KB

315ms
314ms

Image
image/jpeg

23.38.53.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.53.222 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-222.deploy.static.akamaitechnologies.com
Software: Apache/2.4.27 (Unix) /
Resource Hash: 6e40c50f12b4592ee4d57b04867e678116bf54a73e71660b8d05fa7139446334

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:50 GMT
last-modified: Sat, 29 Jul 2017 18:51:58 GMT
server: Apache/2.4.27 (Unix)
content-length: 43164
content-language: en-US
status: 200
cache-control: max-age=15551960
cneonction: close
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-document-type: image
expires: Fri, 31 May 2019 23:34:10 GMT

Redirect headers

Location: https://www.ksta.de/image/28087264/2x1/940/470/fbb5a98f0f0e60c922b4e58474664b12/EA/urn-newsml-dpa-com-20090101-170729-99-443687-large-4-3.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 google
X-Shield-Request-Id: 0fe903d79058ae7cdc3a114683bcf6e5
Server: shield
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 537966_1_690x460.jpg
unternehmen-heute.de/newssys/galerie/537966/ 110 KB
110 KB 54ms
13ms Image
image/jpeg 87.106.16.150
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://unternehmen-heute.de/newssys/galerie/537966/537966_1_690x460.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 87.106.16.150 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS: silver.goxxl.de
Software: Apache /
Resource Hash: 7a2f49d210bc57cf603e52bf7858a263eebb2b19a12acde8ee5fe759bdfa7353

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 22 Nov 2018 16:04:26 GMT
Server: Apache
ETag: "1b61d-57b430557a67f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=200
Content-Length: 112157
Expires: Sun, 09 Dec 2018 23:34:49 GMT

GET
H/1.1

200
OK

Merkel-wirbt-vehement-fuer-Migrationspakt_big_teaser_article.jpg
www.op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/
Redirect Chain

http://op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/Merkel-wirbt-vehement-fuer-Migrationspakt_big_teaser...
http://www.op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/Merkel-wirbt-vehement-fuer-Migrationspakt_big_te...

26 KB
27 KB

110ms
50ms

Image
image/jpeg

104.111.227.144
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/Merkel-wirbt-vehement-fuer-Migrationspakt_big_teaser_article.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 104.111.227.144 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-227-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 84b7ca65f546e9457a8ceba3654cf8af7cd4267e7852b5eb0494261ba86c2e36

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Wed, 21 Nov 2018 10:38:21 GMT
X-TTL: 259200.000
ETag: W/"5bf5359d-6999"
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
x-varnishrequesttime: 1543793689
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27033
Expires: Mon, 02 Dec 2019 23:34:49 GMT

Redirect headers

Location: http://www.op-marburg.de/var/storage/images/rnd/nachrichten/politik/inland/bundestag-merkel-wirbt-vehement-fuer-un-migrationspakt/708418332-2-ger-DE/Merkel-wirbt-vehement-fuer-Migrationspakt_big_teaser_article.jpg
Content-length: 0

GET
S

200

gyi-1066992570.jpg
www.mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/
Redirect Chain

http://mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/gyi-1066992570.jpg
https://www.mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/gyi-1066992570.jpg

108 KB
109 KB

768ms
732ms

Image
image/jpeg

23.38.53.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/gyi-1066992570.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.53.222 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-222.deploy.static.akamaitechnologies.com
Software: Apache/2.4.27 (Unix) /
Resource Hash: 46eadacb0cdda8bbd49d8d11093fe6091075f885a8a888bdd19425062c06129a

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:50 GMT
last-modified: Tue, 13 Nov 2018 17:19:44 GMT
server: Apache/2.4.27 (Unix)
content-language: en-US
status: 200
cache-control: max-age=15552000
content-length: 110960
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-document-type: image
nncoection: close
expires: Fri, 31 May 2019 23:34:50 GMT

Redirect headers

Location: https://www.mz-web.de/image/31587412/2x1/940/470/41c0bf9d5e8278e5ad1f3d2b67286126/qM/gyi-1066992570.jpg
Date: Sun, 02 Dec 2018 23:34:49 GMT
Via: 1.1 google
X-Shield-Request-Id: 71c41b793dc61b57b6fd1c3ed472eedd
Server: shield
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK ein-ortsschild-von-paradise-ein-gebaeude-steht-in-flammen-waehrend-sich-das-feuer-durch-die-stadt-bewegt-.jpg
bilder.t-online.de/b/84/75/53/90/id_84755390/610/tid_da/ 99 KB
100 KB 1705ms
1704ms Image
image/jpeg 2a02:cbf7:1:0:62:138:239:103
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilder.t-online.de/b/84/75/53/90/id_84755390/610/tid_da/ein-ortsschild-von-paradise-ein-gebaeude-steht-in-flammen-waehrend-sich-das-feuer-durch-die-stadt-bewegt-.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:cbf7:1:0:62:138:239:103 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
Software: /
Resource Hash: 220710f88a07844450244f7d1ad7fad2e1d57c3e540563b3704e9c8b77625139

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Fri, 09 Nov 2018 07:38:31 GMT
Age: 0
Etag: "84755390-3"
Vary: User-Agent
Content-Language: en-US
Cache-Control: max-age=7200
X-SourceInfo: cmsweb07/15 17.2.0.4 :-)
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg;charset=ISO-8859-1
Content-Length: 101771

GET
H/1.1

200
OK

2-format43.jpg
www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/
Redirect Chain

http://tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg
http://www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg
https://www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg

0
796 B

48ms
47ms

Image
text/html

104.111.226.140
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.226.140 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-226-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
X-Cdn: Served-By-Akamai
Content-Type: text/html
Location: https://www.tagesspiegel.de/images/german-chancellor-merkel-addresses-the-european-parliament-during-a-debate-on-the-future-of-europe-at-the-european-parliament-in-strasbourg/23628570/2-format43.jpg
Cache-Control: private, max-age=90
Connection: keep-alive
Content-Length: 178
Expires: Sun, 02 Dec 2018 23:36:19 GMT

GET
H/1.1 200
OK style.css
bilanzhot.com/wp-content/themes/canvas/ 100 KB
101 KB 14ms
13ms Stylesheet
text/css 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://bilanzhot.com/wp-content/themes/canvas/style.css
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 60e3f54684ca735121b4d46224484f69f0ad1f6f487951f89a831fbb9b56bdf3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://bilanzhot.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Mon, 16 Jul 2018 10:11:56 GMT
Server: nginx/1.10.1
ETag: "5b4c6f6c-19168"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102760

GET
H2 200 sm.21.html
static.addtoany.com/menu/ Frame 3C2B 0
0 12ms
11ms Document
text/html 2606:4700:10::6814:6f27
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.21.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6814:6f27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: static.addtoany.com
:scheme: https
:path: /menu/sm.21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://bilanzhot.com/
accept-encoding: gzip, deflate
cookie: __cfduid=d39cb94af15aacb9dd933cd83b675ad4d1543793689
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://bilanzhot.com/

Response headers

status: 200
date: Sun, 02 Dec 2018 23:34:49 GMT
content-type: text/html; charset=utf-8
content-length: 1030
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
cache-control: public, max-age=315360000
vary: Accept-Encoding
content-encoding: gzip
via: e5s
cf-cache-status: HIT
expires: Wed, 29 Nov 2028 23:34:49 GMT
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 48319b3db8aac2bf-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
H/1.1 200
OK direction-nav.png
bilanzhot.com/wp-content/themes/newsday-child/images/ 2 KB
2 KB 13ms
12ms Image
image/png 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bilanzhot.com/wp-content/themes/newsday-child/images/direction-nav.png
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: a36616dc61a9c5d4f034e1758a86a34d630f9a63cfd91c1ac49c01f121e323a5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 19 Jul 2018 00:38:54 GMT
Server: nginx/1.10.1
ETag: "5b4fdd9e-74a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1866

GET
S 200 icons.28.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 13ms
13ms Script
application/javascript 2606:4700:10::6814:6f27
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.28.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6814:6f27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80dd22f19dc0d3a8347d22ab073077d359575108dd4e8726b1b84ad757727bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 23:34:49 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 13 Jun 2018 02:37:59 GMT
server: cloudflare
etag: W/"13693-56e7cdef8217f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
expires: Wed, 29 Nov 2028 23:34:49 GMT
cache-control: public, max-age=315360000
cf-ray: 48319b3dd8e6c2bf-FRA
cf-bgj: minify

GET
H/1.1 200
OK featured-bg.png
bilanzhot.com/wp-content/themes/newsday-child/images/ 1 KB
1 KB 14ms
12ms Image
image/png 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bilanzhot.com/wp-content/themes/newsday-child/images/featured-bg.png
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 1fac6f2ceb93b2feae7c0896eedcf966b039ec25853f71cb740f921acf90dd89

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 19 Jul 2018 00:38:59 GMT
Server: nginx/1.10.1
ETag: "5b4fdda3-4b8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1208

GET
H/1.1 200
OK featured_news_ribbon.png
bilanzhot.com/wp-content/themes/newsday-child/images/ 9 KB
9 KB 14ms
13ms Image
image/png 78.140.189.194
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bilanzhot.com/wp-content/themes/newsday-child/images/featured_news_ribbon.png
Requested by: Host: bilanzhot.com
URL: http://bilanzhot.com/
Protocol: HTTP/1.1
Server: 78.140.189.194 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 95b5e6a0547daf37bda056042d69d1deab4703312f5432ea97d5159d784a8248

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bilanzhot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bilanzhot.com/wp-content/themes/newsday-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 02 Dec 2018 23:34:49 GMT
Last-Modified: Thu, 19 Jul 2018 00:39:01 GMT
Server: nginx/1.10.1
ETag: "5b4fdda5-2471"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9329

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 1063
date: Sun, 02 Dec 2018 23:17:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Mon, 03 Dec 2018 01:17:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bilanzhot.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Dec 2018 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bilanzhot.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Dec 2018 23:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/ 202 KB
75 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4b082832ad002d6d36d87304e4a9f79eb1e240b9b203348d2bc198c5cd79c3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 02 Dec 2018 23:34:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 15430092520087833540
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 76257
X-XSS-Protection: 1; mode=block
Expires: Sun, 02 Dec 2018 23:34:49 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/ Frame 76C0 202 KB
75 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4b082832ad002d6d36d87304e4a9f79eb1e240b9b203348d2bc198c5cd79c3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 02 Dec 2018 23:34:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 15430092520087833540
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 76257
X-XSS-Protection: 1; mode=block
Expires: Sun, 02 Dec 2018 23:34:49 GMT

GET
S 200 ca-pub-1060184441413640.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 299 B
335 B 9ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1060184441413640.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe6397e43c742ca5c2e908a0e2a15294cccf1823d1c3d9c0c410aca7225c874f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 02 Dec 2018 19:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Nov 2018 00:36:42 GMT
server: sffe
age: 12987
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 216
x-xss-protection: 1; mode=block
expires: Mon, 03 Dec 2018 07:58:22 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181128/r20180604/ Frame AA7A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181128/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181128/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://bilanzhot.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://bilanzhot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 28 Nov 2018 14:27:40 GMT
expires: Wed, 12 Dec 2018 14:27:40 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 378429
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0C6E 0
0 88ms
87ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1060184441413640&output=html&h=600&adk=1420471628&adf=1531739185&w=300&lmt=1543793689&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fbilanzhot.com%2F&flash=0&wgl=1&adsid=NT&dt=1543793689655&bpp=11&bdt=578&fdt=57&idt=56&shv=r20181128&cbv=r20180604&saldr=aa&abxe=1&correlator=7192851999626&frm=20&pv=2&ga_vid=616223139.1543793690&ga_sid=1543793690&ga_hid=11519617&ga_fc=0&iag=0&icsg=34628173730&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=977&ady=145&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195146%2C21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.bv6te63nq2tw&fsb=1&xpc=Pv4SGc5Co9&p=http%3A//bilanzhot.com&dtd=73

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1060184441413640&output=html&h=600&adk=1420471628&adf=1531739185&w=300&lmt=1543793689&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fbilanzhot.com%2F&flash=0&wgl=1&adsid=NT&dt=1543793689655&bpp=11&bdt=578&fdt=57&idt=56&shv=r20181128&cbv=r20180604&saldr=aa&abxe=1&correlator=7192851999626&frm=20&pv=2&ga_vid=616223139.1543793690&ga_sid=1543793690&ga_hid=11519617&ga_fc=0&iag=0&icsg=34628173730&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=977&ady=145&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195146%2C21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.bv6te63nq2tw&fsb=1&xpc=Pv4SGc5Co9&p=http%3A//bilanzhot.com&dtd=73
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://bilanzhot.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://bilanzhot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 02 Dec 2018 23:34:49 GMT
server: cafe
cache-control: private
content-length: 384
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Dec-2018 23:49:49 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sun, 02 Dec 2018 23:34:49 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181128/r20100101/ 72 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181128/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181128/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 28 Nov 2018 14:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26729
x-xss-protection: 1; mode=block
server: cafe
etag: 17768588699998725842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Dec 2018 14:39:22 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 76C0 0
427 B 38ms
38ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1420471628&adf=1531739185&fmt=300x600&str=false&ad_y=145&vph=1200&r_nh=0&qid=CMC479Ongt8CFQGwewodSpEOuA&w=300&h=600&err=1&url=http%3A%2F%2Fbilanzhot.com%2F

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Dec 2018 23:34:49 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=11519617&t=pageview&_s=1&dl=http%3A%2F%2Fbilanzhot.com%2F&ul=en-us&de=UTF-8&dt=Bilanz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&ji...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=11519617&t=pageview&_s=1&dl=http%3A%2F%2Fbilanzhot.com%2F&ul=en-us&de=UTF-8&dt=Bilanz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&j...

35 B
109 B

13ms
13ms

Image
image/gif

2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=11519617&t=pageview&_s=1&dl=http%3A%2F%2Fbilanzhot.com%2F&ul=en-us&de=UTF-8&dt=Bilanz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1101912744&gjid=647923503&cid=616223139.1543793690&tid=UA-61170363-66&_gid=430264361.1543793690&_r=1&z=1136432088

Requested by

Host: bilanzhot.com
URL: http://bilanzhot.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://bilanzhot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Dec 2018 23:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j72&a=11519617&t=pageview&_s=1&dl=http%3A%2F%2Fbilanzhot.com%2F&ul=en-us&de=UTF-8&dt=Bilanz&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1101912744&gjid=647923503&cid=616223139.1543793690&tid=UA-61170363-66&_gid=430264361.1543793690&_r=1&z=1136432088
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 20:49:54	Name: test_cookie Value: CheckForPermission
.addtoany.com/	1970-01-18 20:51:20	Name: uvc Value: 1
.addtoany.com/	1970-01-19 05:35:29	Name: __cfduid Value: d39cb94af15aacb9dd933cd83b675ad4d1543793689
.bilanzhot.com/	1970-01-18 20:49:53	Name: _gat Value: 1
.bilanzhot.com/	1970-01-18 20:51:20	Name: _gid Value: GA1.2.430264361.1543793690
.bilanzhot.com/	1970-01-19 14:21:05	Name: _ga Value: GA1.2.616223139.1543793690

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ais.badische-zeitung.de
aisrtl-a.akamaihd.net
aisrtlnext-a.akamaihd.net
ajax.googleapis.com
berchtesgadener-anzeiger.de
bilanzhot.com
bilder.t-online.de
cdnde1.img.sputniknews.com
cicero.de
express.de
googleads.g.doubleclick.net
handelsblatt.com
i0.web.de
images.motorsport-magazin.com
img.huffingtonpost.com
ksta.de
media.diepresse.com
media.news.de
media3.faz.net
mz-web.de
notebookcheck.com
op-marburg.de
p5.focus.de
pagead2.googlesyndication.com
ruhrnachrichten.de
static.addtoany.com
swp.de
tagesspiegel.de
trendyone.de
unternehmen-heute.de
watson.ch
weser-kurier.de
www.androidkosmos.de
www.cicero.de
www.express.de
www.google-analytics.com
www.handelsblatt.com
www.ksta.de
www.merkur.de
www.mz-web.de
www.notebookcheck.com
www.ntower.de
www.onmsft.com
www.op-marburg.de
www.ruhrnachrichten.de
www.schweizer-illustrierte.ch
www.srf.ch
www.swp.de
www.tagesspiegel.de
www.trendyone.de
www.watson.ch
www.weser-kurier.de
104.111.226.107
104.111.226.140
104.111.227.144
104.111.228.85
104.111.238.225
104.111.242.240
104.31.91.233
193.218.202.89
193.30.60.245
2.16.186.32
2.16.186.9
2.18.233.122
213.164.64.19
213.182.15.189
213.182.18.21
217.182.187.115
23.38.53.222
2606:2800:233:23c9:90c:111f:15f5:25b6
2606:4700:10::6814:6f27
2606:4700:20::6819:8d73
2606:4700:20::6819:8e73
2606:4700:20::6819:ef72
2606:4700:30::681b:b72f
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:820::200e
2a01:4f8:201:24b0::2
2a01:4f8:201:24b1::2
2a02:26f0:6c00:29b::31ca
2a02:26f0:6c00:29f::d97
2a02:26f0:6c00:2a3::31ca
2a02:cbf7:1:0:62:138:239:103
35.186.199.204
35.190.46.116
35.190.48.80
35.190.93.140
46.245.182.43
46.4.80.130
50.7.91.72
62.141.58.43
78.140.189.194
82.211.33.134
87.106.16.150
91.105.246.131
91.105.246.141
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04e5c08ed5b7a11aa11219e3501ccedd5a985f603eb1b20b4fa3accbe824c0d1
05779090b1a7767aa5ab0ad3e1f136df4f19fc20f3cce0e0e8013992379e1219
0587b8747bc335f4edbf6f84c80585723d60de260a00e2713a3bcc9c80ccf3af
069ee176091a3195f794b6a905a27515154ce96d2b9d4000f7aa1758e5e3affc
09127eccb51fd13b56d5325e9e79dd523111455bf365a511108c1dd7a8eed214
091ae9860f56ad4c5a6060279b4b3b245a96cb278cb3bc75f39b735a9fe3e12b
0bae993b8f9921663bb473b6642e1bf2963b75be3ed47e0a14829129b0294634
0bd5b97ae711e11dd667c186b3e81a13930e969fff82a966986f6ca72bf78d02
0dc7efbfdbb56f1d1a65200330fd721a7678f576e5e6d7f25d75a8f2a341366e
0f40cd4537739830044642907a20c3c0bc8f76ae3bd7a62e6b79838f779c0440
1233203f9d13963d95940835bfeddb0f37d90c03c2aa99b6b41e60535b171130
19b208334b288f39ceb19db013399d1b89b99facc1e723903f9f3561516f1b2f
1cbb97fc0929209980643fa73ef329aebc0988e6752760812cec66535d1d64b2
1d194b84e666ed94b733c478aef11b5961718afc9711fc05731163338a79f521
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1fac6f2ceb93b2feae7c0896eedcf966b039ec25853f71cb740f921acf90dd89
209eccfc48c887d6893085e92433b5bb0d1633e9e618e4714b2085940dda9853
220710f88a07844450244f7d1ad7fad2e1d57c3e540563b3704e9c8b77625139
23a07d5fd7ecaa5ac705d48120d0946b38f940f381772fa56b087191d468bc5b
28ce07b4ab35ce29295c2706d79403089bff51f2ea141bb7d254d308dd84a984
2d0de0ea520e126acb8f612cfa605dab3fd355f6949fea575955627764d8dbde
46eadacb0cdda8bbd49d8d11093fe6091075f885a8a888bdd19425062c06129a
4b082832ad002d6d36d87304e4a9f79eb1e240b9b203348d2bc198c5cd79c3f0
4b7a083cefa328835b8f287e8dc649939f17a374b3f8eba1d20375b5f32fd9a2
573a8752e099552e58ad5739054d1d2ea7aeb83abf499a771140e7cf3faafbdf
5fc71212d5f80194f946cc9239d030aae8b51879ec22bd6f9a793c49e543d1c0
60e3f54684ca735121b4d46224484f69f0ad1f6f487951f89a831fbb9b56bdf3
65e0864f5864c050f04b10ba21866a9bc1b6bc677f7919652aaeeb4b4c40d50a
6866ab78a40881aaf5687cb859032ce4ffe0c3ce52df17f5e258602b97cc8259
6e40c50f12b4592ee4d57b04867e678116bf54a73e71660b8d05fa7139446334
6f587094c6bd83e0c090c426c8cc8b4319a8f120284f74daf17d06eef710029b
74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3
758dc0776e8ac525e46b973231419c18fec308be17bffc53ae30d74882136392
79806301ff7eb27700b5e3efa4ae24671a3440e23550535e2ad59eda97397f80
798df68605227232f02c497b0c35556346bd02a125400530dab7f6a86e59d5d9
7a2f49d210bc57cf603e52bf7858a263eebb2b19a12acde8ee5fe759bdfa7353
7eab0100727e710944a4495b99e6596d972df822035b700d293d24321c91fb78
7ef1a3359724a28ebb24dfb7b98bb90c8f809e6e25759a2327759eb7a29e33fb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83df6bedd073e4941b85c14342efde571762e361444c2975cb18d7db8568d941
84b7ca65f546e9457a8ceba3654cf8af7cd4267e7852b5eb0494261ba86c2e36
851118e8dd4389c9fb6d56e66549c3ae44a7bd8db7c97630bfb63e6f3efb4507
893feb9eed9b0a278341beef56ef87e9a1e4e33c4fbfb98c4f30a29f5ced2870
8fb27967beb68340323c196b97c617bb7890022a669090d73e2e525db01ffa28
95b5e6a0547daf37bda056042d69d1deab4703312f5432ea97d5159d784a8248
99c8b2ea6d01a008d2f203cf58e41b1fb2bbf159cfbc57d5476f9fa05c08b50c
9dcb8f54c418cb1eba47c9b810c03c3aa0d0cd0e28366e7d7b2629994d70e934
9f2841820ccf7e46e48d317bcfb4458c8c8d56754716bb3b42c4c526ba19df00
a36616dc61a9c5d4f034e1758a86a34d630f9a63cfd91c1ac49c01f121e323a5
a9b595038e149f8bf249832fbce5f4bce70de744128d8540c4de8b2c7cb89fd0
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
babfa107f59a2ffb0c0bafab1ed62cffe3fbea4e2cf7dc251d81a774db66f401
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
be775ad38cc102e651d52dd33aed025d53f28999d96858b1af3d7082b343ebca
c1559b05f8b68cf88343eea14f151bf8b4df15ea3be0d9f00c88a3fd7a8bfb43
c80dd22f19dc0d3a8347d22ab073077d359575108dd4e8726b1b84ad757727bb
cf7f3168e57c5e281baf9b2dfd642edee20781c8206c8434a520db94b282e403
d24a95baae02416ec8d91cc12294936b634484b1f8374eb9be11ab6b2763161d
dcac1d7e836bc73426f51e62285ca17d73790851bfed00087e07df3cfa596c4d
dd588ee337c386c3d40176fd9e48ce564c12766193f2fd88ae5f1ef573a3d8ee
de724ddb29f818be10cb7a5bec52636b1aa7cf7d1d40f2a498bf94334fcf67ee
e2535154b6eb2170922012581e9a9fb2608e26a2c54b9a051348d64abddb1f42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8df4ab6c0393f2054c073017968129e8bc57751270f7a3ddedd1c82315836fe
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
f0c710925c71cbc3c13115b08dda1325753ad2b7858e6d04a6ba34e12dcaa57b
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5e4d356e6abe8e871d5bd3058408590df3ed99588146e50402d7eac5a1e4781
fe6397e43c742ca5c2e908a0e2a15294cccf1823d1c3d9c0c410aca7225c874f
ff996e1eb120d9579eb967315171a6c38ce5023d5bf5c7a5fbe5a1b3545f05dd

bilanzhot.com Open in urlscan Pro 78.140.189.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

79 Requests

53 %HTTPS

36 %IPv6

40 Domains

54 Subdomains

39 IPs

6 Countries

4280 kBTransfer

4783 kBSize

6 Cookies

1 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

bilanzhot.com Open in urlscan Pro
78.140.189.194 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

53 %
HTTPS

36 %
IPv6

40
Domains

54
Subdomains

39
IPs

6
Countries

4280 kB
Transfer

4783 kB
Size

6
Cookies

79 HTTP transactions
1 data transactions