URL: https://login.aquisagency.de/
Submission: On September 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 25 HTTP transactions. The main IP is 3.134.84.149, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is login.aquisagency.de.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.
This is the only time login.aquisagency.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.134.84.149 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.64.217 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
5 151.101.114.109 54113 (FASTLY)
1 151.101.0.217 54113 (FASTLY)
2 34.120.202.204 15169 (GOOGLE)
25 10
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
4 uploads.heightsplatform.com login.aquisagency.de
3 f.vimeocdn.com player.vimeo.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 i.vimeocdn.com player.vimeo.com
2 fonts.googleapis.com login.aquisagency.de
2 cdnjs.cloudflare.com login.aquisagency.de
assets.heightsplatform.com
2 assets.heightsplatform.com login.aquisagency.de
1 vimeo.com f.vimeocdn.com
1 player.vimeo.com login.aquisagency.de
1 maxcdn.bootstrapcdn.com login.aquisagency.de
1 login.aquisagency.de
25 12

This site contains no links.

Subject Issuer Validity Valid
login.aquisagency.de
R3
2021-09-23 -
2021-12-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-29 -
2022-06-28
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-09-15 -
2022-10-17
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-18 -
2022-06-19
a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4
2021-08-22 -
2021-11-20
3 months crt.sh

This page contains 2 frames:

Primary Page: https://login.aquisagency.de/
Frame ID: 0938BA990D76EFCA17FF054D2BB6E0CA
Requests: 16 HTTP requests in this frame

Frame: https://player.vimeo.com/video/356395166
Frame ID: D306B9AC084212025D1D464C7F667B86
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Coach2Call Academy - Join the Program

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

10
IPs

2
Countries

1042 kB
Transfer

1921 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
login.aquisagency.de/
12 KB
13 KB
Document
General
Full URL
https://login.aquisagency.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.84.149 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-84-149.us-east-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
827dd6db129bb39025d5e07c779fcc13d594e1f3e490f56e3e604ca6280a3750
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
login.aquisagency.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
openresty/1.15.8.2
Date
Thu, 23 Sep 2021 12:52:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Etag
W/"827dd6db129bb39025d5e07c779fcc13"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_Heights_session=SzFWTHNpV3lqT2FoNkhEYlJXdTdaOGRVdEd6NldwMTgySWV4UlNCZGNtdGVEcHdXSS9YVHJZakJGdE44SmNKSWVZczg1djlmL1NuM3gwQ1V1WlJlVHVjUGhwMU8vL0ZtV09tbEFDMlU2QVozbEpYSnpVYkJ6eGQyOU1yWDNDcStyZ1BUdEVGSVRkMGxkU3d5b04vRVZ3PT0tLW5Ia3pJZHVMK0o2Y0VJVWwvV3dvaGc9PQ%3D%3D--45cbeb3081463f1e1e542e12baa2a5a269caa340; domain=.login.aquisagency.de; path=/; HttpOnly
X-Request-Id
422ff94d-de38-4ffc-baad-01060c465ab3
X-Runtime
0.042547
Via
1.1 vegur
front-9249068c8f9ed590f42ff838294b0df6378e0137a9ce457c6a83dde9e58f9b2d.css
assets.heightsplatform.com/assets/
149 KB
30 KB
Stylesheet
General
Full URL
https://assets.heightsplatform.com/assets/front-9249068c8f9ed590f42ff838294b0df6378e0137a9ce457c6a83dde9e58f9b2d.css
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9249068c8f9ed590f42ff838294b0df6378e0137a9ce457c6a83dde9e58f9b2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:56 GMT
via
1.1 vegur, 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
934024
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
30210
last-modified
Sun, 12 Sep 2021 17:03:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=15552000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
cf-ray
6933e9be9ae94e19-FRA
x-amz-cf-id
dhuY2DwoV6FBNr7obV3VYIvQduS8wWX6M2dgxHcy0lqieIBzb1LH7Q==
expires
Tue, 22 Mar 2022 12:52:56 GMT
red-theme-landing-ab8d177ad1c535c7246425d97eba1d2603b4d41af6f3cdff0a0372cf00200357.css
assets.heightsplatform.com/assets/landing-themes/
17 KB
4 KB
Stylesheet
General
Full URL
https://assets.heightsplatform.com/assets/landing-themes/red-theme-landing-ab8d177ad1c535c7246425d97eba1d2603b4d41af6f3cdff0a0372cf00200357.css
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8d177ad1c535c7246425d97eba1d2603b4d41af6f3cdff0a0372cf00200357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:56 GMT
via
1.1 vegur, 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
4032
last-modified
Sat, 17 Jul 2021 04:23:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=15552000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
6933e9be9aed4e19-FRA
x-amz-cf-id
TMesvvLwlchsAPl-Sus2LdeAa89XleC76w6C37wZsMQ7NRe8INetuQ==
expires
Tue, 22 Mar 2022 12:52:56 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
900320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27198
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WILIAT%2Bn4OKKFbh2jrGBhQYxsiQL8qnN4hEK1ChS4kToL1wJdfTSKotQciYqoy2yxWWBNp0%2FzpAUOh56Iq7Z70x9QZFojiNBWnaVite%2B16JB6FHYtTlDKSeSBW56AjRVROwfPSEbdJkxQA5SS7cILZqF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6933e9be6bd04e92-FRA
expires
Tue, 13 Sep 2022 12:52:56 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.1.0/js/
28 KB
8 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.1.0/js/bootstrap.min.js
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.aquisagency.de/
Origin
https://login.aquisagency.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
632, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 21:29:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:56 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5ff97c762bdefe12e0d683eab8b049d2
cf-ray
6933e9be79f50605-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
11 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d480adf6312c03f60a8f9e1bc5558a00018b31e67ab14cd6f9f4b5dd09f3834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 12:36:37 GMT
server
ESF
date
Thu, 23 Sep 2021 12:52:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Sep 2021 12:52:56 GMT
css
fonts.googleapis.com/
1 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
773742236477ed8ae8083562c6bccb8c270f0873859a3f412fbef6feea92440b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 11:26:15 GMT
server
ESF
date
Thu, 23 Sep 2021 12:52:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Sep 2021 12:52:56 GMT
287aa26576dce3721647bebcfaf0be81.png
uploads.heightsplatform.com/program/aquis/account/1123/logo/
4 KB
4 KB
Image
General
Full URL
https://uploads.heightsplatform.com/program/aquis/account/1123/logo/287aa26576dce3721647bebcfaf0be81.png
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8d0cd82cd7805ad964c50c07fc880544d02bddf9ebdf9761fea6d9016c06f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366459.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
4056
last-modified
Sun, 26 Apr 2020 15:55:41 GMT
server
cloudflare
etag
"da65de1517a7cb061fe46d3682a1f92f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
cf-ray
6933e9bedb6b4e19-FRA
x-amz-cf-id
uP7VmMjtpB1K8FGdhQHjekW_mBDcagIGKab-hBkkPYfxb8DlTt1wxw==
expires
Fri, 01 Oct 2021 12:52:57 GMT
091662b10670eea2b5f099d3c5894628.png
uploads.heightsplatform.com/program/aquis/webpage/1/hero/
320 KB
321 KB
Image
General
Full URL
https://uploads.heightsplatform.com/program/aquis/webpage/1/hero/091662b10670eea2b5f099d3c5894628.png
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681ba59f89c4a6b6d8a6d5f44751398b5120960ea4fad97e9c84f39a31939de4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
327623
last-modified
Sun, 12 Jul 2020 17:42:09 GMT
server
cloudflare
etag
"dfdcff76596030440f5e4af809e5dcec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
cf-ray
6933e9bf1bf24e19-FRA
x-amz-cf-id
CA0AyggWnH3oFeHfvTecyP-3TGcHMGp8L9rc61NKA8fPz0NwSWxxNQ==
expires
Fri, 01 Oct 2021 12:52:57 GMT
thumbnail-90578ad5222673aea989a30ea20eedad.png
uploads.heightsplatform.com/program/aquis/course/2/cover_image/
169 KB
169 KB
Image
General
Full URL
https://uploads.heightsplatform.com/program/aquis/course/2/cover_image/thumbnail-90578ad5222673aea989a30ea20eedad.png
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c264113088d12f448779cfd5ed6fa2a097be48da3619a4ac4cdfa43fc6ff5d40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
172585
last-modified
Sat, 25 Apr 2020 17:44:10 GMT
server
cloudflare
etag
"7dd61ee6f34c69e3c26c113321fbdc8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
cf-ray
6933e9bf2c214e19-FRA
x-amz-cf-id
Ft-Cv7jTAAdUXAO9YVPa_T7ZScR9o14yKWMUqSRJyd9E_ec7cd6IPQ==
expires
Fri, 01 Oct 2021 12:52:57 GMT
original-6d56bd0f5ed86c980a0fe61671c17be7.png
uploads.heightsplatform.com/program/aquis/user/1/profile_image/
85 KB
85 KB
Image
General
Full URL
https://uploads.heightsplatform.com/program/aquis/user/1/profile_image/original-6d56bd0f5ed86c980a0fe61671c17be7.png
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dac49113030fc7c78634c77517954d9cec1900cb96cd969ee4978ed41acc5ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
86755
last-modified
Mon, 03 Aug 2020 15:51:06 GMT
server
cloudflare
etag
"c518760419e4f7fbf964242f51e1b2e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
cf-ray
6933e9bf2c254e19-FRA
x-amz-cf-id
Eb-usTgxoS4cb8cweGEXVkw2N4Nndvn6UBxyK2ed26aBfa5s5vhdOg==
expires
Fri, 01 Oct 2021 12:52:57 GMT
356395166
player.vimeo.com/video/ Frame D306
16 KB
8 KB
Document
General
Full URL
https://player.vimeo.com/video/356395166
Requested by
Host: login.aquisagency.de
URL: https://login.aquisagency.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5aa35c4d81dec044e2acca85cac675950f7831b5f378ae4a2211fa6f1d4e4870
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://login.aquisagency.de/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.aquisagency.de/

Response headers

Connection
keep-alive
Content-Length
5128
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-b-4
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Thu, 23 Sep 2021 12:52:57 GMT
Age
0
X-Served-By
cache-hhn4061-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1632401577.895340,VS0,VE312
Vary
Accept-Encoding
X-Player-Backend
p
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.aquisagency.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 04:26:59 GMT
x-content-type-options
nosniff
age
289557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 04:26:59 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.aquisagency.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:08:18 GMT
x-content-type-options
nosniff
age
204278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 04:08:18 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: assets.heightsplatform.com
URL: https://assets.heightsplatform.com/assets/front-9249068c8f9ed590f42ff838294b0df6378e0137a9ce457c6a83dde9e58f9b2d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.heightsplatform.com/
Origin
https://login.aquisagency.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1360928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifnQSC2F9%2BcbuzXMv7Y%2BLhHPnINwdXO3aO7FMJuh8dE4Z4PZXeZLJbD7Qk56b03%2Fvy4bvU%2Bv0gN5zOaRxuNj1pKDBWwNT9diVtsE64mcCO7moNs22ga%2Ft%2BqemOxXxxI1WbfTJGLSwn22xDAYK%2FOLTP5E"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6933e9bf58f242db-FRA
expires
Tue, 13 Sep 2022 12:52:56 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.aquisagency.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:41:06 GMT
x-content-type-options
nosniff
age
69110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 17:41:06 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.aquisagency.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 03:52:06 GMT
x-content-type-options
nosniff
age
205250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 03:52:06 GMT
830433243-85d867e8cf2f057ec4212e8575a60505fad5c2fd735f0e4ba66e93e7b4460c15-d.jpg
i.vimeocdn.com/video/ Frame D306
1 KB
1 KB
Image
General
Full URL
https://i.vimeocdn.com/video/830433243-85d867e8cf2f057ec4212e8575a60505fad5c2fd735f0e4ba66e93e7b4460c15-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/356395166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6dd644ff218586b7d3180f4894a29b7f5fb2de33ae019c164797cd89e76a60e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
69219
x-viewmaster-lossless-format
false
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
1183
viewmaster-server
viewmaster-us-central1-xdx8
x-served-by
cache-dfw18665-DFW, cache-hhn4081-HHN
x-timer
S1632401577.289183,VS0,VE122
etag
2589a8aca5fb9a47de6fd836cb933255
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 0
player.de-DE.js
f.vimeocdn.com/p/3.41.1/js/ Frame D306
659 KB
155 KB
Script
General
Full URL
https://f.vimeocdn.com/p/3.41.1/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/356395166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e38e78a75116f90a2eabaf843ed02d5ce5d5b70a1b0536ece84f97919072ad54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 varnish, 1.1 varnish
age
71576
x-guploader-uploadid
ADPycdu3WY_rSrgEshurey4uDObXMVBhpHJb0DxNgLQu1IdvzO3BJ_v_e-ie-o7uhCbrgVtHZ6YotXgLQ0ohQN_8oLY
x-cache
MISS, HIT
content-encoding
br
content-length
158134
x-served-by
cache-bwi5181-BWI, cache-hhn4080-HHN
last-modified
Wed, 22 Sep 2021 16:50:58 GMT
server
UploadServer
x-timer
S1632401577.278636,VS0,VE0
etag
"579919219be687b68caa7a70b8923778"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 20151
player.css
f.vimeocdn.com/p/3.41.1/css/ Frame D306
171 KB
18 KB
Stylesheet
General
Full URL
https://f.vimeocdn.com/p/3.41.1/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/356395166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f8bf4e08783cb6e00e31bf96b46e4aa429c72aaf8c2b8ba270c334b4a0b6b1c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 varnish, 1.1 varnish
age
71577
x-guploader-uploadid
ADPycdvJKeMWRD6E-iOy3G_lEDeVUY7kEAPfL2W80e7-8Yr4B6fvg22xgacC6K9qhUMzScbsPGN7f6mYkDfugFr0wjY
x-cache
MISS, HIT
content-encoding
br
content-length
18394
x-served-by
cache-bwi5167-BWI, cache-hhn4080-HHN
last-modified
Wed, 22 Sep 2021 16:50:59 GMT
server
UploadServer
x-timer
S1632401577.278622,VS0,VE0
etag
"30d43c57e6afc7ba37ce4471438fb422"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 83153
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame D306
3 KB
1 KB
Script
General
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/356395166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
content-encoding
gzip
age
4861541
x-cache
HIT, HIT
content-length
1238
x-served-by
cache-bwi5172-BWI, cache-hhn4080-HHN
last-modified
Thu, 29 Jul 2021 05:38:40 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1632401577.278695,VS0,VE0
etag
"a68-5c83c83e57800-gzip"
vary
Accept-Encoding,x-http-method-override
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
expires
Sun, 27 Jul 2031 06:27:16 GMT
x-vimeo-dc
ge
x-bapp-server
assets-v949-4qvwc
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1159150
vuid
vimeo.com/ablincoln/ Frame D306
0
790 B
Ping
General
Full URL
https://vimeo.com/ablincoln/vuid?pid=5101636f65ec9591da210ac450d2ef4cf9c7e4e31632401576
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5150-BWI, cache-hhn4046-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1632401577.345781,VS0,VE123
X-Frame-Options
sameorigin
Date
Thu, 23 Sep 2021 12:52:57 GMT
Vary
User-Agent
Expires
Thu, 23 Sep 2021 00:52:57 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v15120-6l8rn
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
player-test-impression
fresnel.vimeocdn.com/add/ Frame D306
0
110 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.41.1/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
830433243-85d867e8cf2f057ec4212e8575a60505fad5c2fd735f0e4ba66e93e7b4460c15-d
i.vimeocdn.com/video/ Frame D306
26 KB
26 KB
Image
General
Full URL
https://i.vimeocdn.com/video/830433243-85d867e8cf2f057ec4212e8575a60505fad5c2fd735f0e4ba66e93e7b4460c15-d
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/356395166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a320feddd9020f628f0e07b26597a7114b26a2d6470600628834ef8f348c3e8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 12:52:57 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
605710
x-viewmaster-lossless-format
false
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
26117
viewmaster-server
viewmaster-us-central1-1hvk
x-served-by
cache-dfw18649-DFW, cache-hhn4081-HHN
x-timer
S1632401577.363728,VS0,VE127
etag
b4abf21e147e3abe789f803e7c3138da
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 0
player-stats
fresnel.vimeocdn.com/add/ Frame D306
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5101636f65ec9591da210ac450d2ef4cf9c7e4e31632401576
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.41.1/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Thu, 23 Sep 2021 12:52:57 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
.login.aquisagency.de/ Name: _Heights_session
Value: SzFWTHNpV3lqT2FoNkhEYlJXdTdaOGRVdEd6NldwMTgySWV4UlNCZGNtdGVEcHdXSS9YVHJZakJGdE44SmNKSWVZczg1djlmL1NuM3gwQ1V1WlJlVHVjUGhwMU8vL0ZtV09tbEFDMlU2QVozbEpYSnpVYkJ6eGQyOU1yWDNDcStyZ1BUdEVGSVRkMGxkU3d5b04vRVZ3PT0tLW5Ia3pJZHVMK0o2Y0VJVWwvV3dvaGc9PQ%3D%3D--45cbeb3081463f1e1e542e12baa2a5a269caa340
.vimeo.com/ Name: vuid
Value: pl1583970187.302837807

1 Console Messages

Source Level URL
Text
other warning URL: https://login.aquisagency.de/(Line 198)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.heightsplatform.com
cdnjs.cloudflare.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
login.aquisagency.de
maxcdn.bootstrapcdn.com
player.vimeo.com
uploads.heightsplatform.com
vimeo.com
151.101.0.217
151.101.114.109
151.101.64.217
2606:4700::6810:125e
2606:4700::6812:1a8e
2606:4700::6812:acf
2a00:1450:4001:800::2003
2a00:1450:4001:811::200a
3.134.84.149
34.120.202.204
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
1b8d0cd82cd7805ad964c50c07fc880544d02bddf9ebdf9761fea6d9016c06f9
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
5aa35c4d81dec044e2acca85cac675950f7831b5f378ae4a2211fa6f1d4e4870
681ba59f89c4a6b6d8a6d5f44751398b5120960ea4fad97e9c84f39a31939de4
6dac49113030fc7c78634c77517954d9cec1900cb96cd969ee4978ed41acc5ee
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
773742236477ed8ae8083562c6bccb8c270f0873859a3f412fbef6feea92440b
827dd6db129bb39025d5e07c779fcc13d594e1f3e490f56e3e604ca6280a3750
8d480adf6312c03f60a8f9e1bc5558a00018b31e67ab14cd6f9f4b5dd09f3834
9249068c8f9ed590f42ff838294b0df6378e0137a9ce457c6a83dde9e58f9b2d
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
a320feddd9020f628f0e07b26597a7114b26a2d6470600628834ef8f348c3e8d
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab8d177ad1c535c7246425d97eba1d2603b4d41af6f3cdff0a0372cf00200357
c264113088d12f448779cfd5ed6fa2a097be48da3619a4ac4cdfa43fc6ff5d40
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
e38e78a75116f90a2eabaf843ed02d5ce5d5b70a1b0536ece84f97919072ad54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f6dd644ff218586b7d3180f4894a29b7f5fb2de33ae019c164797cd89e76a60e
f8bf4e08783cb6e00e31bf96b46e4aa429c72aaf8c2b8ba270c334b4a0b6b1c4