reflections.bellevueclub.com Open in urlscan Pro
13.78.106.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://reflections.bellevueclub.com/clemens-fritz-frau.html
Submission: On July 24 via manual (July 24th 2020, 4:30:29 pm UTC) from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 6 countries across 9 domains to perform 12 HTTP transactions. The main IP is 13.78.106.101, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is reflections.bellevueclub.com.

This is the only time reflections.bellevueclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.78.106.101 13.78.106.101	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2.18.214.33 2.18.214.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:205... 2600:9000:2057:9e00:0:5a51:64c9:c681	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::ac43:c4b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f20... 2a03:2880:f20e:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	104.108.40.148 104.108.40.148	16625 (AKAMAI-AS) (AKAMAI-AS)
12	8

1 13.78.106.101 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

reflections.bellevueclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.214.33 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

image.stern.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.gala.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9e00:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)

farm66.static.flickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
farm8.static.flickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:c4b2 (United States)

ASN13335 (CLOUDFLARENET, US)

i7.pngguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f20e:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-yyz1-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.40.148 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

m.goettinger-tageblatt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.goettinger-tageblatt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	49 KB
2	goettinger-tageblatt.de 1 redirects m.goettinger-tageblatt.de www.goettinger-tageblatt.de	159 KB
2	flickr.com farm66.static.flickr.com farm8.static.flickr.com	206 KB
1	gala.de image.gala.de	261 KB
1	cdninstagram.com scontent-yyz1-1.cdninstagram.com	21 B
1	pngguru.com i7.pngguru.com
1	stern.de image.stern.de	46 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	bellevueclub.com reflections.bellevueclub.com	5 KB
12	9

	Domain	Requested by
2	maxcdn.bootstrapcdn.com	reflections.bellevueclub.com
1	www.goettinger-tageblatt.de	reflections.bellevueclub.com
1	m.goettinger-tageblatt.de	1 redirects
1	image.gala.de	reflections.bellevueclub.com
1	farm8.static.flickr.com	reflections.bellevueclub.com
1	scontent-yyz1-1.cdninstagram.com	reflections.bellevueclub.com
1	i7.pngguru.com	reflections.bellevueclub.com
1	farm66.static.flickr.com	reflections.bellevueclub.com
1	image.stern.de	reflections.bellevueclub.com
1	ajax.googleapis.com	reflections.bellevueclub.com
1	stackpath.bootstrapcdn.com	reflections.bellevueclub.com
1	reflections.bellevueclub.com
12	12

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.stage.stern.de Let's Encrypt Authority X3	`2020-07-11` - `2020-10-09`	3 months	crt.sh
static.flickr.com Amazon	`2020-03-11` - `2021-04-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-07-09` - `2020-10-07`	3 months	crt.sh
www.haz.de GeoTrust RSA CA 2018	`2019-09-17` - `2020-12-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://reflections.bellevueclub.com/clemens-fritz-frau.html
Frame ID: 74164B09F5C87EA4949C715089B03913
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

92 %
HTTPS

63 %
IPv6

9
Domains

12
Subdomains

8
IPs

6
Countries

756 kB
Transfer

1036 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://m.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/Warum-Model-Alena-Fritz-jetzt-wieder-Alena-Gerber-heisst_reference_4_3.jpg HTTP 302
https://www.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/Warum-Model-Alena-Fritz-jetzt-wieder-Alena-Gerber-heisst_reference_4_3.jpg

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set clemens-fritz-frau.html Show response
reflections.bellevueclub.com/ 9 KB
5 KB 1178ms
1078ms Document
text/html 13.78.106.101
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html
Protocol: HTTP/1.1
Server: 13.78.106.101 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache / PHP/7.3.15
Resource Hash: b1239d4e284876d92c13c6ff6ee79786c90b99e3cbbd4d5f718f9379c1f17174

Request headers

Host: reflections.bellevueclub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 4443
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache
X-Powered-By: PHP/7.3.15
Set-Cookie: ARRAffinity=58d5fdd0e9308036ac160f9715b1413e65a4ec4169a2c221fd76d55f1f78887d;Path=/;HttpOnly;Domain=reflections.bellevueclub.com
Date: Fri, 24 Jul 2020 16:30:08 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 27ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 16:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:41:40 GMT
status: 200
etag: "1550076100"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19736

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 26ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 16:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 03:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3936031
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 03:09:38 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 31ms
16ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 16:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 gerber.jpg
image.stern.de/8862544/16x9-940-529/db638939191addb958ce0113f3b2fa69/OJ/ 46 KB
46 KB 223ms
154ms Image
image/jpeg 2.18.214.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.stern.de/8862544/16x9-940-529/db638939191addb958ce0113f3b2fa69/OJ/gerber.jpg

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.214.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Apache /

Resource Hash

c7b25d8886c88fccf2138dc4ac21bad4060a54feb5b93b87b6b38066c165e5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cache-origin-object-info: cmstr-prod-02 HIT ttl=1907770.556 grace=120.000 age=13644228.444
date: Fri, 24 Jul 2020 16:30:09 GMT
x-content-type-options: nosniff
x-backend: cm9_image/cae25
status: 200
x-cache-origin-request-date: Fri, 24 Jul 2020 16:30:09 GMT
content-length: 46617
x-xss-protection: 1; mode=block
x-varnish: 135578498 799886037
x-cache-backend: cmstr_prod_03_frontend/varnish-cmstr-prod-02
server: Apache
x-cache-hit: HIT
etag: "48266eb1965ad57f8c8fc550fd857aa8"
x-frame-options: DENY
x-remaining-max-age: 1907770
content-language: de-DE
access-control-allow-origin: *
cache-control: public, max-age=1907770
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-cache-origin-request-trace: xid=135578498, restarts=0

GET
H2 200 48480394066_fac1889caf_b.jpg
farm66.static.flickr.com/65535/ 119 KB
120 KB 27ms
10ms Image
image/jpeg 2600:9000:2057:9e00:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm66.static.flickr.com/65535/48480394066_fac1889caf_b.jpg

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:9e00:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

57caed17824c4c5def7656be95387c0fdfa3bb034cee5128a1c056a4ed24948c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

age: 179723
surrogate-control: public, max-age=31536000
status: 200
edge-control: public, max-age=31536000
x-ttfb: 0.1141
imagewidth: 576
x-ttdb-l: 122089
x-env: a=live, b=jubilee, c=21738c41, e=70b5194, f=db111fd4b
etag: "b175c8f6806730b8da0fdf3539ec20a3.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
imageheight: 1024
cache-control: public, max-age=31536000
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
expires: Thu, 22 Jul 2021 14:34:46 GMT
date: Wed, 22 Jul 2020 14:34:46 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
mib: 2
x-amz-cf-pop: FRA6-C1
ourvalues: Dare (#4 of 5)
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
powered-by: Mutation/1.0
x-request-id: 0239747f
x-ua-compatible: IE=edge
last-modified: Wed, 07 Aug 2019 14:11:20 GMT
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
origintype: D
x-amz-cf-id: dAyV9OmjaUPbxnoCAV0eXsY8cW_6dHUSWRl5hGkdJ6f3bccoEyW5wA==

GET
H2 403 clemens-fritz-sv-werder-bremen-fifa-17-fifa-14-football-player-others.jpg
i7.pngguru.com/preview/601/110/514/ 0
0 50ms
17ms Image
text/html 2606:4700:3031::ac43:c4b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i7.pngguru.com/preview/601/110/514/clemens-fritz-sv-werder-bremen-fifa-17-fifa-14-football-player-others.jpg
Requested by: Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c4b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 403 72477687_576951496382683_1549302179866702289_n.jpg
scontent-yyz1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 21 B
21 B 309ms
102ms Image
text/plain 2a03:2880:f20e:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/72477687_576951496382683_1549302179866702289_n.jpg?_nc_ht=scontent-yyz1-1.cdninstagram.com&_nc_cat=107&_nc_ohc=Sbd-e-lg3HcAX-BozLO&oh=cd2dda215eebd37135d4feba7480dfa5&oe=5EB69D42
Requested by: Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20e:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 403
date: Fri, 24 Jul 2020 16:30:09 GMT
x-fb-trip-id: 2044853803
server: proxygen-bolt
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21
content-type: text/plain

GET
H2 200 46355939364_8998704ee2_b.jpg
farm8.static.flickr.com/7832/ 85 KB
86 KB 198ms
195ms Image
image/jpeg 2600:9000:2057:9e00:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm8.static.flickr.com/7832/46355939364_8998704ee2_b.jpg

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:9e00:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

902a21155fcbdc825599229b526c00e5958143000ead7226bfafa48731e68278

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ttfb: 0.0961
surrogate-control: public, max-age=31536000
status: 200
edge-control: public, max-age=31536000
imageheight: 745
imagewidth: 1023
x-ttdb-l: 87059
x-env: a=live, b=jubilee, c=4cf206a9, e=70b5194, f=db111fd4b
etag: "2a586ccb38281a030bd795c58fac3680.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
expires: Sat, 24 Jul 2021 16:30:10 GMT
date: Fri, 24 Jul 2020 16:30:09 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
mib: 2
x-amz-cf-pop: FRA6-C1
ourvalues: Thrill Our Customers (#2 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
powered-by: Mutation/1.0
x-request-id: aca2485e
x-ua-compatible: IE=edge
last-modified: Mon, 18 Feb 2019 00:24:52 GMT
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
origintype: D
x-amz-cf-id: J3bN_--ch8QwAgUWipOeMPF8gNa9Kwby4khxoU2KucShscPgFmFfNA==

GET
H2 200 alena-gerber-happy.jpg
image.gala.de/21400108/uncropped-0-0/edcb86b73b3eec167dcae1d550344dd3/Pw/ 260 KB
261 KB 245ms
183ms Image
image/jpeg 2.18.214.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.gala.de/21400108/uncropped-0-0/edcb86b73b3eec167dcae1d550344dd3/Pw/alena-gerber-happy.jpg

Requested by

Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.214.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Apache /

Resource Hash

995d276510fd257aea86f1b165aa09f50a99952b6443e7e351e2bdbe0bb6a888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cache-origin-object-info: cmsites-prod-02 HIT ttl=10154169.210 grace=120.000 age=5397829.790
date: Fri, 24 Jul 2020 16:30:09 GMT
x-content-type-options: nosniff
x-backend: cm9_image/cae22
status: 200
x-cache-origin-request-date: Fri, 24 Jul 2020 16:30:09 GMT
content-length: 266472
x-xss-protection: 1; mode=block
x-varnish: 264066723 444709509
xkey: gpc21400108
server: Apache
x-cache-hit: HIT
etag: "edcb86b73b3eec167dcae1d550344dd3"
x-frame-options: DENY
x-remaining-max-age: 10154169
content-language: de-DE
access-control-allow-origin: *
x-cache-backend: cmgala_prod_03_frontend/varnish-cmsites-prod-02
x-edge-cache-tag: gpc21400108
cache-control: public, max-age=10154120
accept-ranges: bytes
content-type: image/jpeg;charset=UTF-8
x-cache-origin-request-trace: xid=264066723, restarts=0

GET
H2

200

Warum-Model-Alena-Fritz-jetzt-wieder-Alena-Gerber-heisst_reference_4_3.jpg
www.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/
Redirect Chain

https://m.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/Warum-Model-Alena-Fritz-jetzt-wieder-Alena-Ge...
https://www.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/Warum-Model-Alena-Fritz-jetzt-wieder-Alena-...

158 KB
159 KB

147ms
145ms

Image
image/jpeg

104.108.40.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/Warum-Model-Alena-Fritz-jetzt-wieder-Alena-Gerber-heisst_reference_4_3.jpg
Requested by: Host: reflections.bellevueclub.com
URL: http://reflections.bellevueclub.com/clemens-fritz-frau.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.40.148 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: d34bf26427a3dcd16230e710841d0a8e518b50170983df45b63c9f1f9ab64446

Request headers

Referer: http://reflections.bellevueclub.com/clemens-fritz-frau.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 16:30:09 GMT
last-modified: Tue, 20 Aug 2019 19:33:55 GMT
x-ttl: 259200.000
etag: W/"5d5c4b23-277f9"
x-ratelimit-remaining: 1001
x-hostname: i-03a2a2c067fa4afbd
x-renderdate: Fri, 24 Jul 2020 16:30:09 GMT
status: 200
cache-control: public, max-age=31536000
x-varnishrequesttime: 1595608210
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 24 Jul 2021 16:30:09 GMT

Redirect headers

status: 302
date: Fri, 24 Jul 2020 16:30:09 GMT
cache-control: max-age=0
location: https://www.goettinger-tageblatt.de/var/storage/images/rnd/nachrichten/promis/warum-model-alena-fritz-jetzt-wieder-alena-gerber-heisst/726996846-1-ger-DE/Warum-Model-Alena-Fritz-jetzt-wieder-Alena-Gerber-heisst_reference_4_3.jpg
content-length: 0
vary: User-Agent
expires: Fri, 24 Jul 2020 16:30:09 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.reflections.bellevueclub.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 58d5fdd0e9308036ac160f9715b1413e65a4ec4169a2c221fd76d55f1f78887d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
farm66.static.flickr.com
farm8.static.flickr.com
i7.pngguru.com
image.gala.de
image.stern.de
m.goettinger-tageblatt.de
maxcdn.bootstrapcdn.com
reflections.bellevueclub.com
scontent-yyz1-1.cdninstagram.com
stackpath.bootstrapcdn.com
www.goettinger-tageblatt.de
104.108.40.148
13.78.106.101
2.18.214.33
2001:4de0:ac19::1:b:3a
2600:9000:2057:9e00:0:5a51:64c9:c681
2606:4700:3031::ac43:c4b2
2a00:1450:4001:806::200a
2a03:2880:f20e:c4:face:b00c:0:43fe
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
57caed17824c4c5def7656be95387c0fdfa3bb034cee5128a1c056a4ed24948c
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
902a21155fcbdc825599229b526c00e5958143000ead7226bfafa48731e68278
995d276510fd257aea86f1b165aa09f50a99952b6443e7e351e2bdbe0bb6a888
b1239d4e284876d92c13c6ff6ee79786c90b99e3cbbd4d5f718f9379c1f17174
c7b25d8886c88fccf2138dc4ac21bad4060a54feb5b93b87b6b38066c165e5fd
d34bf26427a3dcd16230e710841d0a8e518b50170983df45b63c9f1f9ab64446
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

reflections.bellevueclub.com Open in urlscan Pro 13.78.106.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

63 %IPv6

9 Domains

12 Subdomains

8 IPs

6 Countries

756 kBTransfer

1036 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

reflections.bellevueclub.com Open in urlscan Pro
13.78.106.101 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

63 %
IPv6

9
Domains

12
Subdomains

8
IPs

6
Countries

756 kB
Transfer

1036 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions