www.theosintion.com Open in urlscan Pro
2606:4700:3108::ac42:2ae2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.theosintion.com/courses/osint-investigations-business/
Effective URL:
https://www.theosintion.com/courses/intelligence-investigations-business/
Submission: On January 06 via api (January 6th 2022, 11:39:19 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3108::ac42:2ae2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theosintion.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 16th 2021. Valid for: a year.

This is the only time www.theosintion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	2606:4700:310... 2606:4700:3108::ac42:2ae2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3 3	52.20.214.171 52.20.214.171	14618 (AMAZON-AES) (AMAZON-AES)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	54.189.73.143 54.189.73.143	16509 (AMAZON-02) (AMAZON-02)
4	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
49	11

26 2606:4700:3108::ac42:2ae2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.theosintion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.20.214.171 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-214-171.compute-1.amazonaws.com

mlsjn2wngslm.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.189.73.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-73-143.us-west-2.compute.amazonaws.com

app.acuityscheduling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

cdn-marketing.acuityscheduling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-s.acuityscheduling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	theosintion.com 1 redirects www.theosintion.com	542 KB
7	acuityscheduling.com app.acuityscheduling.com — Cisco Umbrella Rank: 51720 cdn-marketing.acuityscheduling.com — Cisco Umbrella Rank: 36778 cdn-s.acuityscheduling.com — Cisco Umbrella Rank: 48376	324 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 347	98 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	487 B
3	wp.com i1.wp.com — Cisco Umbrella Rank: 3803 i2.wp.com — Cisco Umbrella Rank: 3693 pixel.wp.com — Cisco Umbrella Rank: 2181	82 KB
3	optimole.com 3 redirects mlsjn2wngslm.i.optimole.com	384 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	113 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
49	9

	Domain	Requested by
26	www.theosintion.com	1 redirects www.theosintion.com
5	cdn.ampproject.org	www.theosintion.com cdn.ampproject.org
3	www.facebook.com	app.acuityscheduling.com
3	app.acuityscheduling.com	cdn.ampproject.org app.acuityscheduling.com cdn-marketing.acuityscheduling.com
3	mlsjn2wngslm.i.optimole.com	3 redirects
2	connect.facebook.net	app.acuityscheduling.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn-s.acuityscheduling.com	app.acuityscheduling.com
2	fonts.googleapis.com	app.acuityscheduling.com cdn-marketing.acuityscheduling.com
2	cdn-marketing.acuityscheduling.com	app.acuityscheduling.com
1	pixel.wp.com	www.theosintion.com
1	i2.wp.com	www.theosintion.com
1	i1.wp.com	www.theosintion.com
49	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.linkedin.com
www.twitch.tv
www.youtube.com
tidbit.theosintion.com
discord.theosintion.com
wiki.theosintion.com
discord.gg
www.transparentintel.com
theosintion.redbubble.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
acuityscheduling.com Amazon	`2021-08-15` - `2022-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-16` - `2022-01-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.theosintion.com/courses/intelligence-investigations-business/
Frame ID: 8FD5C210F9B8C73E763A74C5603ACABB
Requests: 35 HTTP requests in this frame

Frame: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business
Frame ID: C10987943F96DC62F4D46B94E3AABBCF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Intelligence Investigations: Business — The OSINTION

Page URL History Show full URLs

https://www.theosintion.com/courses/osint-investigations-business/ HTTP 301
https://www.theosintion.com/courses/intelligence-investigations-business/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

49
Requests

94 %
HTTPS

55 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

1188 kB
Transfer

2542 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/theOSINTion
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/theOSINTion
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-osintion/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/theosintion
Title: Twitch

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCXqSBdEMk4ftglFrs4fDKSA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://tidbit.theosintion.com/

Search URL Search Domain Scan URL

URL: http://discord.theosintion.com/

Search URL Search Domain Scan URL

URL: https://wiki.theosintion.com/
Title: Wiki

Search URL Search Domain Scan URL

URL: https://discord.gg/p78TTGa
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.transparentintel.com/
Title: OSINT Consulting

Search URL Search Domain Scan URL

URL: https://theosintion.redbubble.com/
Title: Swag Shop

Search URL Search Domain Scan URL

URL: https://discord.gg/p78TTGa)
Title: Here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.theosintion.com/courses/osint-investigations-business/ HTTP 301
https://www.theosintion.com/courses/intelligence-investigations-business/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://mlsjn2wngslm.i.optimole.com/-1vJp5E-AIEKZx0J/w:auto/h:auto/q:auto/https://i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/Business-1.png?fit=800%2C450&ssl=1 HTTP 301
https://i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/Business-1.png

Request Chain 28

https://mlsjn2wngslm.i.optimole.com/ZPR39qM-X-2o0c4U/w:auto/h:auto/q:auto/https://www.theosintion.com/wp-content/themes/agama/assets/img/fs-overlay-bg.png HTTP 301
https://www.theosintion.com/wp-content/themes/agama/assets/img/fs-overlay-bg.png

Request Chain 31

https://mlsjn2wngslm.i.optimole.com/bVEvy-o-EMcdCEIv/w:auto/h:auto/q:auto/https://i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg?resize=520%2C520 HTTP 301
https://i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theosintion.com/courses/intelligence-investigations-business/
Redirect Chain

https://www.theosintion.com/courses/osint-investigations-business/
https://www.theosintion.com/courses/intelligence-investigations-business/

153 KB
24 KB

1102ms
1101ms

Document
text/html

2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

820dfec908d9f27194312fa7571458384239c86f3737569dcf851c7e8033eec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 6c98c8d30cd94e5c-FRA
link: <https://www.theosintion.com/wp-json/>; rel="https://api.w.org/", <https://www.theosintion.com/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://www.theosintion.com/?p=23>; rel=shortlink
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
host-header: 6b7412fb82ca5edfd0917e3957f05d89
server-timing: amp_sanitizer;dur="133.1",amp_style_sanitizer;dur="92.7",amp_tag_and_attribute_sanitizer;dur="27.2",amp_optimizer;dur="47.8"
x-cache-enabled: True
x-content-type-options: nosniff
x-httpd: 1
x-proxy-cache: EXPIRED
x-proxy-cache-info: 0 NC:000000 UP:
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=140k2Wnsv2W7yINvVrEjQzxAXo%2FsCzVcOVXeAUnhqJLYcKc9R5fTW0sC34cw1XO%2BcDMp%2BvWmvvgKCAGLzF0ZyYHJkHiilg1RSam8Hq2e37bg8mg%2FocFHMRP%2BSXend5EM35hoGSzmjPPjMUXjp7sFwmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 06 Jan 2022 23:39:13 GMT
content-type: text/html; charset=UTF-8
location: /courses/intelligence-investigations-business/
cf-ray: 6c98c8c4c9db4e5c-FRA
cache-control: max-age=3600
expires: Fri, 07 Jan 2022 00:39:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-content-type-options: nosniff
x-httpd: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:
x-redirect-by: redirection
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WsUsQtW2hLE%2F1AiACS9EhSmBz6pGJcZF61YRQJxWaMgn5K2nxk72JATZ1M9vTagw9NnQSiGEe12tPxkFPI70B3VvBqrPw6kkF%2Bn%2FnIU7CIOv3aMpWcy%2FzvfW7GlKgrENm76sogns4Vp%2FNDSk8jXDR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 fontawesome-webfont.eot
www.theosintion.com/wp-content/themes/agama/assets/fonts/ 162 KB
97 KB 36ms
36ms Font
application/vnd.ms-fontobject 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/themes/agama/assets/fonts/fontawesome-webfont.eot

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bfcab6db99d5cfbf1705ca0536ddc78585432cc5fa41bbd7ad0f009033b2979

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: 0 NC:100000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 18:04:25 GMT
server: cloudflare
etag: W/"2876e-5d35b5e950b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3J3t%2F%2Fgn3UWHbUGRogru7r2JwzGJV%2FYoyzZHd%2F1hC5k9454hxyjaeQN4hVY9oitsiss79f6cDnkPKKqFZlwU9oYmUTwNT2%2B9WX9XtfQJIIF2%2FoGO9fvXiCV8e6ZDI0Y99HEtEtyHeU4wSt6ZUM8KUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.ms-fontobject
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6c98c8da09b768fd-FRA
x-proxy-cache: BYPASS

GET
H3 200 social-logos.eot
www.theosintion.com/wp-content/plugins/jetpack/_inc/social-logos/ 11 KB
8 KB 28ms
28ms Font
application/vnd.ms-fontobject 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.eot?5d3b4da4f6c2460dd842dbf9e0992ea6

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36036fad5540362c1cf9b9c7d50b294261dcd7e3b2c0fdf6736e8b3ddd417c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: 0 NC:200000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 07 Dec 2021 20:42:42 GMT
server: cloudflare
etag: W/"2b10-5d2946a3b5664"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROJe5hcgfSdbuF8VvdL%2BRY7BvDot%2BxbDsiP4gzBFFSR%2Fx5CYi2Q%2BXtRn0eC1SQinh7xkFnuHaalzDwPFpL0RZZ4K5p1RL%2BPvbOY9xrgXKO8tvpnkdsx%2FSaZ9YIGxMirN2kqiILTrPWKKd0AvVS8nJyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.ms-fontobject
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6c98c8da09b968fd-FRA
x-proxy-cache: BYPASS

GET
H3 200 fontawesome-webfont.eot
www.theosintion.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 162 KB
97 KB 59ms
59ms Font
application/vnd.ms-fontobject 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.eot

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bfcab6db99d5cfbf1705ca0536ddc78585432cc5fa41bbd7ad0f009033b2979

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Dec 2021 20:43:00 GMT
server: cloudflare
etag: W/"2876e-5d43addf21cfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDcTbCjzQUwNXzCr9I%2F2BWrJwjvgwkXcNkxcEaVX2kk6VrNTZB%2FiDmWx1z2Z3t5hTpTy29Gw2t0bmjfZWvlMLLyGr1WWHbidhuT0LGse2zdcb6l3rgKScvFBmrTDYpg6SOMaqkOVVAQgRJRg9X06PmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.ms-fontobject
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6c98c8da09bc68fd-FRA
x-proxy-cache: HIT

GET
H3 200 JTURjIg1_i6t8kCHKm45_epG3gTD-Px3rCubqg.woff
www.theosintion.com/wp-content/fonts/montserrat/ 11 KB
12 KB 47ms
46ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/montserrat/JTURjIg1_i6t8kCHKm45_epG3gTD-Px3rCubqg.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f968413431c54787ebbc1f9f603d4ed5566bbebf2845157fbb862e9ab198823

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11180
last-modified: Mon, 16 Aug 2021 14:55:59 GMT
server: cloudflare
etag: "611a7c7f-2bac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8wMmo%2FdPbaK%2FZZHC5AruJ5q6NVa24ATEug%2BeEw2y1ibE2Of1sAuKZwOetZ6%2Fwenbc%2FRhFV9h%2Fw3JaEwilvA3ue4L2E7H6ptrp6pUEXmxICdHCKI8r1ry8vvyD9vXEpuW1tKfwjjhZayRQmVegohgSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09be68fd-FRA
expires: Fri, 16 Dec 2022 17:28:13 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_epG3g3D-Px3rCubqg.woff
www.theosintion.com/wp-content/fonts/montserrat/ 10 KB
10 KB 29ms
28ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/montserrat/JTURjIg1_i6t8kCHKm45_epG3g3D-Px3rCubqg.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8add8ee1bd979c54c40dccfcf5f1422ff70425a10787b85cd3cf3feb89e2c2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9792
last-modified: Mon, 16 Aug 2021 14:55:59 GMT
server: cloudflare
etag: "611a7c7f-2640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zvu6C7x3MTubdwcZenfI53wLh4dNpyrBMj56tHcJylt%2BkzxEp6ugO0xdzNJUpKG0EyDkVVwLWMu11XPI4n%2B5ikN5heVnWVkYJLJRTvScP4dKQYdBiFquIZEvxou7nOmqhV7bPtj5IkFwB5ZLZHi1iE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09bf68fd-FRA
expires: Fri, 16 Dec 2022 09:54:59 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_epG3gbD-Px3rCubqg.woff
www.theosintion.com/wp-content/fonts/montserrat/ 5 KB
6 KB 48ms
47ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/montserrat/JTURjIg1_i6t8kCHKm45_epG3gbD-Px3rCubqg.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a8cf4258cf772aad7db9b40a824c1aca0ea0febc8a7da7a295c3777a307e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5052
last-modified: Mon, 16 Aug 2021 14:55:59 GMT
server: cloudflare
etag: "611a7c7f-13bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVk3w4jUuOBgbgZUdXs31lzYpOWVyJOEKhfoDpFBa1RHzEpXV4L4Q79K7CPwaqs5%2BdXI%2BBcR9iALMnMGCz24YSmImOa3q%2Bc7fNmrLJvxPJDF0RfApTzpMCpjdUZ5J8Kd3oM%2FaWh9MdXOXBXz49uIr%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c168fd-FRA
expires: Sat, 17 Dec 2022 18:35:56 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_epG3gfD-Px3rCubqg.woff
www.theosintion.com/wp-content/fonts/montserrat/ 14 KB
15 KB 56ms
55ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/montserrat/JTURjIg1_i6t8kCHKm45_epG3gfD-Px3rCubqg.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945712d81803fba5081d74013208c79df37e182f494fbc5c0a841fa876652a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14648
last-modified: Mon, 16 Aug 2021 14:55:59 GMT
server: cloudflare
etag: "611a7c7f-3938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fa2DMIRHENgJVVEwI%2BZ6MHKgFV4vLTqRC8A%2FA9CiJAraToxqBD0aJN58KldJwzJZgTnr%2F1L5ko8bwGudSzbIx5BM2ywJ51w82Pw9fOBDbVS40%2FMqbrMQlJHHqlLKPDjRNfP7e3XleTwdqG8eUi9RluM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c268fd-FRA
expires: Fri, 16 Dec 2022 09:55:00 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_epG3gnD-Px3rCs.woff
www.theosintion.com/wp-content/fonts/montserrat/ 16 KB
17 KB 53ms
52ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/montserrat/JTURjIg1_i6t8kCHKm45_epG3gnD-Px3rCs.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c0a4521c9aa3c1c6fcfff12cd96605af000820bba63666250d9f599d3d160f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16512
last-modified: Mon, 16 Aug 2021 14:55:59 GMT
server: cloudflare
etag: "611a7c7f-4080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQpp6WRy5ReTC1akmh8q4dUU8EM8ahiC%2B0JOP9OhHUOlcCW1EGCejPAH0SIy3OhczJ3z3CSnUTduVDmtczPbTMI7WwaXSNyv5lxdzEimZ8cqjqQ5E%2FoutAXygYs9QNly%2Fyu5fe4N7xyVkW93Gf3HLjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c368fd-FRA
expires: Sun, 21 Aug 2022 23:26:47 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCFPrcVIT9d4cydYA.woff
www.theosintion.com/wp-content/fonts/raleway/ 11 KB
12 KB 59ms
58ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCFPrcVIT9d4cydYA.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de3f97abc3f0f2d3a2ce4452a19bd1339a9c5839b74e1b20f2274d693b78abe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11552
last-modified: Sat, 03 Jul 2021 07:34:28 GMT
server: cloudflare
etag: "60e01304-2d20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDpL2ouHRqHVtlrG%2FjzZIp%2B%2FXTXpwDZhh2IBn8pH8X%2Fba7iC2gktOvNnZflrdIUWAV35SRrO6pZ63jS76Bkcicwc4bhfoxqTq1UCxEPcfemlrGqXoyxZ%2FqHsM4DdVipk8Ytn%2BWzaDYB5LyEB%2Fl9iCTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c468fd-FRA
expires: Mon, 19 Dec 2022 02:31:31 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrcVIT9d4cydYA.woff
www.theosintion.com/wp-content/fonts/raleway/ 10 KB
11 KB 48ms
46ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrcVIT9d4cydYA.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

415f644873542128b370d01e3cba58ddecedac0768ae2b97650890aa43ddd4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10052
last-modified: Sat, 03 Jul 2021 07:34:28 GMT
server: cloudflare
etag: "60e01304-2744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fkh3F7%2BSexj7B30GXo3d%2Fdn2cOR41mn9mrX4AFxI4FEf%2FwVHjTV7lhAitqvKGBO0McTNYqdX9L4urXgqc1e9NRGvZgzR4EKJSuQDpJxTpVyyvLouaQs2IBu1tEiZ%2FhfkMMjqR7PJ4tOshn3W7T%2BiZos%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c568fd-FRA
expires: Fri, 16 Dec 2022 09:54:59 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrcVIT9d4cydYA.woff
www.theosintion.com/wp-content/fonts/raleway/ 4 KB
5 KB 29ms
27ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrcVIT9d4cydYA.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f985b9a4d30aa405db4fbcda256fb4a304f36f4c2a5f63c331fe7c8d025ed05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4544
last-modified: Sat, 03 Jul 2021 07:34:28 GMT
server: cloudflare
etag: "60e01304-11c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe8WvljJqL4%2FvXsXUZyyztmT1GhoMl%2BO6uIY%2FzxTidaSN%2BEZaI8DWjuSA8LaxWmcbMZnN6upZfgx7FIQImFz5xKV7i7KTbtlWC6bfKelXUiQEDalZduoMEo6F0FK1KA0Fmsa5Jyy%2BDeuE7Q%2BP3Pa2p0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c668fd-FRA
expires: Fri, 16 Dec 2022 17:28:13 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrcVIT9d4cydYA.woff
www.theosintion.com/wp-content/fonts/raleway/ 14 KB
15 KB 22ms
21ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrcVIT9d4cydYA.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9abdb9e7266e12673c14c11950acfba6c3fe2cc6f3447bc9c680d70f32ea591

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14664
last-modified: Sat, 03 Jul 2021 07:34:28 GMT
server: cloudflare
etag: "60e01304-3948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avlyeQ5h07ld1upJHhvUXMXImj4k6KtplWafJMJJ7gFb8XKsKQcVFjXfeTLBOUW1BMYRYFJUlCFBRej0WWzfw0CXdO8QusP9HulJJdAFa25%2BQ%2FIj5YDs0RQ3EMWiF3igtZ6xeRHCRuaclwx0Iwe3rvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c768fd-FRA
expires: Wed, 14 Dec 2022 21:06:39 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff
www.theosintion.com/wp-content/fonts/raleway/ 20 KB
21 KB 54ms
52ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c97813c4c90d2fe7c2e36ec2e9ee3764ea6399c96c4b6cf50be53cb31db27d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20876
last-modified: Sat, 03 Jul 2021 07:34:28 GMT
server: cloudflare
etag: "60e01304-518c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dx%2FOvxMdfP9oNxK9FP4rMHhz4OARgTFwWLazGq%2FUtlu0rBFmNNBTPxIwzN6lKG8%2BB4S%2BQT3UvH6jmOJTAlzTrvU5ygYWNyJm0He2hvOhPmSlexrIXVH0hT63tO5Mah%2FTY19v%2B%2F87E5R08a5nLeuesuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c868fd-FRA
expires: Sun, 21 Aug 2022 23:26:47 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCkYadlecyVC4A.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 13 KB
14 KB 48ms
46ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCkYadlecyVC4A.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c126c5b4f23dbd2fee3ad99be6df3de4fc4c850ca55b4c7929c81d32d7a778

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13612
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-352c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJeitq%2BZRYLlCmaspIp0ug%2BSbphhdYAukKSwUccSfIfK3PfSEk7Bp%2B4upbBtFuz8iEM8Q6yYtTUeVkx8%2F4j%2BuXKvlXEq7Qakd1Qm63Y35sw5J%2B9cg6CaRH3lxBEIXSc9IaCX2zA%2F2esDSxF0UIOSZnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09c968fd-FRA
expires: Sun, 18 Dec 2022 16:26:11 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYadlecyVC4A.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 9 KB
9 KB 33ms
31ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYadlecyVC4A.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8c0be336f7d5c75a64f61eae3f8c2c75e790c6f29561b8e3d9132ddb6112d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8864
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-22a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4syHyFS8ESwfKNPPIMh7MEAkiNbJEngJalSomFUfsAUodV5SEgLfqyDwM3kEtOajZVYIM0LRr%2BumQjMBYLdaQMr0V1oeehKGZYGQuOVFm1ynm09n23dymyLgTp43Z19lBgPmw4aK04TTfnVX27omPvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09ca68fd-FRA
expires: Thu, 15 Dec 2022 08:53:07 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCgYadlecyVC4A.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 1 KB
2 KB 51ms
49ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCgYadlecyVC4A.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae845fa315ec1979648dafd82ba9b6046be170cebaf74e23ba00bc7d5d853bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1324
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-52c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFub4JLNjWvJXP3%2B3LasMOzLQcfDauKxZNQ3dtVDZB4NXkrcyFcEbpuCVsZJv%2FiJA6E6OebWRNFGFCW%2BHRpzJ5eYZ6O2xrnmDV5%2FsHv%2F4hBlcwZ02ytXsRbTe7vzXRH5sl9%2FpdfHGfiFy57KRf42FWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09cb68fd-FRA
expires: Fri, 16 Dec 2022 17:28:13 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCcYadlecyVC4A.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 6 KB
7 KB 51ms
50ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCcYadlecyVC4A.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4bf433929c606111a339e7724458e9e90847fedb5f2933db7c685304a8ec273

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6432
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-1920"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJX%2BYcqk5VbXtpblzkU7R9yGuaJi64cwlSyyT4T1boe7jDhVfqee%2BVE5TtHM9NKbrYj17kPWkFnOvdfMGZvMpZ29kpp0yrGBLwNAgovzdgMovPm%2FnF4f%2FggeKRJis1NhaKHsKqM4IURyoWtLrv9DX%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09cc68fd-FRA
expires: Fri, 16 Dec 2022 17:28:13 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYadlecyVC4A.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 5 KB
5 KB 52ms
51ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYadlecyVC4A.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c65503d19273167619d68dba7a4327b452d1754301279c48a41cef5def3c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4888
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-1318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gb9S0oAJwsusCcUykRS6LN4OTppoHJOE3n7CZIhDqiS65iIIXUS6yzNsPymgbdhALyY31ohBn3PVPgMrpvcWB4lCbIWy5AnDEXpNqqmXa0PYoHJURr1vEhuK0HqVBjZ0j6gJRa7jGAJY%2BXc%2FdP21yjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09cd68fd-FRA
expires: Sat, 17 Dec 2022 01:10:47 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYadlecyVC4A.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 10 KB
11 KB 72ms
71ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYadlecyVC4A.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dfbb965a8b66620b049d7ede843e3b1ac5ca54582a95333844c128e6b0c3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10396
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-289c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG7sFHJRtsSVMeCiDXEfTVdLnYox7DfY4P5gapuafe3LknitVhHNqqx7gthyU%2Fy8G00EB7lfMxgt%2FTZjsBBms%2Fnn4QoWp07FII%2F0df58AG4GzmiuAKQf9JWiyhD4Z1w9Vuj7sz%2BQI0xPKRU04qq9SZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09ce68fd-FRA
expires: Fri, 16 Dec 2022 17:28:13 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYadlecyU.woff
www.theosintion.com/wp-content/fonts/roboto-condensed/ 14 KB
15 KB 73ms
72ms Font
font/woff 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/fonts/roboto-condensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYadlecyU.woff

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36294f13e99a7d4cb9adbab53a03a5281a457eca59e1bc34e161108025bb771

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14320
last-modified: Fri, 02 Apr 2021 22:58:48 GMT
server: cloudflare
etag: "6067a1a8-37f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Jmh%2FspCVVEUjD7qHw9zQMScuLO45c3gtg6pzAPnojRiaogW2muBuXnzUawLMETNgqYqTMIlxN3NosPUToWXBMkrDeKNx9ujFas61rHkpCZKkTVhwIze98d2fnmONkVN1BFRstzzkUVMFpBlQJeTLhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da09cf68fd-FRA
expires: Mon, 26 Dec 2022 03:50:24 GMT

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 208 KB
60 KB 143ms
81ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef9af95542251db86d7cc736c75d35f56d72097eedb453bf0e1711fb11839f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theosintion.com/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61399
x-xss-protection: 0
server: sffe
date: Thu, 06 Jan 2022 23:39:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "0563af7c5956887f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 06 Jan 2022 23:39:15 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/v0/ 40 KB
13 KB 92ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.mjs

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee6c9bc7855332f2e8edd671ce60b36f0354cbd4b691d393b3e2d18f07ec07ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theosintion.com/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12838
x-xss-protection: 0
server: sffe
date: Thu, 06 Jan 2022 23:39:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "036196410e1190e9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 06 Jan 2022 23:39:14 GMT

GET
H2 200 amp-iframe-0.1.mjs Show response
cdn.ampproject.org/v0/ 20 KB
9 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d58afcf82fee32bae4e757908523bd93d350241b7e3122c475ce6bdd7cd3069

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theosintion.com/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7574
x-xss-protection: 0
server: sffe
date: Thu, 06 Jan 2022 23:39:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "7e94bfbd5e504439"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 06 Jan 2022 23:39:14 GMT

GET
H2 200 amp-mustache-0.2.mjs Show response
cdn.ampproject.org/v0/ 37 KB
13 KB 85ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.mjs

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac143fff733fa2e838d252deeee24c5dc75b00a6269018f0b1bf3431042ffbe2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theosintion.com/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13706
x-xss-protection: 0
server: sffe
date: Thu, 06 Jan 2022 23:39:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "af0e89c971b098d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 06 Jan 2022 23:39:14 GMT

GET
H3 200 api.js Show response
www.theosintion.com/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 11ms
11ms Script
text/javascript 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noI0NZVZWhu4OYuymkT8F%2B2jXfjbNLEtQfM8tEeFCi3dOdjd5rWFvs4%2F3lBOtSyyZJfE3gD9V7XtoYq5WMlRzjummMjVmp9qNN4LWEa%2B57JWewsFMD%2BBhpW4Zi1kqw2gHYv4nEyH5JjbZk9NJZhEB%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6c98c8da19dd68fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

Business-1.png
i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/
Redirect Chain

https://mlsjn2wngslm.i.optimole.com/-1vJp5E-AIEKZx0J/w:auto/h:auto/q:auto/https://i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/Business-1.png?fit=800%2C450&ssl=1
https://i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/Business-1.png

61 KB
61 KB

24ms
7ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/Business-1.png

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c2f0bbcdc583a383c9a7cbfc757f9ecb721022f332d1abfc38135d4915c10150

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theosintion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 06 Jan 2022 23:39:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Dec 2021 20:30:50 GMT
server: nginx
etag: "f8ca3994fdf136d0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.theosintion.com/wp-content/uploads/2021/11/Business-1.png>; rel="canonical"
content-length: 62510
expires: Thu, 28 Dec 2023 08:30:50 GMT

Redirect headers

location: https://i1.wp.com/www.theosintion.com/wp-content/uploads/2021/11/Business-1.png
date: Thu, 06 Jan 2022 23:39:15 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1f2ebf5d7712c79c0f3bc2058ffdbf23c02f22b9d9a23fd39419d0baf3ad43b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2855f0d0e4636fa8cc2597a480d98bccd5660afda1b2de18a6675b2a08227831

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

fs-overlay-bg.png
www.theosintion.com/wp-content/themes/agama/assets/img/
Redirect Chain

https://mlsjn2wngslm.i.optimole.com/ZPR39qM-X-2o0c4U/w:auto/h:auto/q:auto/https://www.theosintion.com/wp-content/themes/agama/assets/img/fs-overlay-bg.png
https://www.theosintion.com/wp-content/themes/agama/assets/img/fs-overlay-bg.png

42 KB
42 KB

138ms
137ms

Image
image/png

2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theosintion.com/wp-content/themes/agama/assets/img/fs-overlay-bg.png

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c17db4173c10a8df63fb692aba17163bb025c54ed56a319e958b6d89912609

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theosintion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=46756
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42674
expires: Sat, 03 Dec 2022 14:04:06 GMT
last-modified: Fri, 27 Aug 2021 16:55:34 GMT
server: cloudflare
etag: "61291906-b6a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHdrXQMrkOYJsGRsIk25l%2BNKpf86a2%2FaJerVf7cyE4eo5czmAc4NYpIGuvBemWwQSnxHqy6oRa47mjWI%2FS4rMKDJzZtQgYAwDR5336eexhdTXBJ0fpac7m%2FRO5HQrT1Xl6Esc1PHVWjcyEiVXW%2BoL8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8dc1d8168fd-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

location: https://www.theosintion.com/wp-content/themes/agama/assets/img/fs-overlay-bg.png
date: Thu, 06 Jan 2022 23:39:15 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H3 200 fontawesome-webfont.woff2
www.theosintion.com/wp-content/themes/agama/assets/fonts/ 75 KB
76 KB 52ms
52ms Font
font/woff2 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/wp-content/themes/agama/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1303
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
last-modified: Tue, 10 Aug 2021 15:25:43 GMT
server: cloudflare
etag: "61129a77-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtdHddhi3yXhIVXZWX1YWDw79aoJTBbV%2BPqUNGzW0KQsOdTyW5aig%2FYPe7mZ5FqMZPX7IdI36s3LzIomWEKzsxDJTU9tree48rs5mv0kcOrPcrjMMxL7D93ybfzo4d4gaSBOyCnpbfWi7mSqsXTxUcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c98c8da3a0568fd-FRA
expires: Sun, 21 Aug 2022 21:20:02 GMT

POST
H3 204 result Show response
www.theosintion.com/cdn-cgi/bm/cv/ 0
782 B 34ms
34ms XHR
text/plain 2606:4700:3108::ac42:2ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theosintion.com/cdn-cgi/bm/cv/result?req_id=6c98c8d30cd94e5c

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theosintion.com/courses/intelligence-investigations-business/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jan 2022 23:39:15 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rraI3wFm%2Ft41TOfIVkT9XQnuKr4qXxrJT6eifnjCcXRS8rLk169%2FoenvYG2OOrrB4byR69LmrAiIUqVZC2bL6O7Zot%2B%2BOX61IBf8ZVFoyZ0ObSOFD1HxE%2FPSn5gyUOxE9L%2FDlIi5I88vmDBsbgP6ljE%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 6c98c8dacb1068fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

JoeGrayHeadshot.jpg
i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/
Redirect Chain

https://mlsjn2wngslm.i.optimole.com/bVEvy-o-EMcdCEIv/w:auto/h:auto/q:auto/https://i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg?resize=520%2C520
https://i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg

20 KB
21 KB

23ms
7ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg

Requested by

Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/

Protocol

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

aeb6945698a01057b0138d336df8cd6ea6a870e4c8fa1a7352f89991d9b9cc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theosintion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 06 Jan 2022 23:39:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 05 Dec 2021 17:52:02 GMT
server: nginx
etag: "b205b9c9f886efeb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg>; rel="canonical"
content-length: 20838
expires: Wed, 06 Dec 2023 05:52:02 GMT

Redirect headers

location: https://i2.wp.com/www.theosintion.com/wp-content/uploads/2020/12/JoeGrayHeadshot.jpg
date: Thu, 06 Jan 2022 23:39:15 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2 200 g.gif
pixel.wp.com/ 50 B
126 B 24ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=165202377&post=23&tz=-5&srv=www.theosintion.com&host=www.theosintion.com&rand=0.24711246930604314&ref=
Requested by: Host: www.theosintion.com
URL: https://www.theosintion.com/courses/intelligence-investigations-business/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.theosintion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 06 Jan 2022 23:39:15 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012111242025001/v0/ 15 KB
4 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111242025001/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6856f82a4ca6b98221f2000d0e01c1728b4da86a0bc8016674c79396392f98b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theosintion.com/
Origin: https://www.theosintion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 361306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3723
x-xss-protection: 0
server: sffe
date: Sun, 02 Jan 2022 19:17:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6ff441e687b75db"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Jan 2023 19:17:29 GMT

GET
H2 200 schedule.php Show response
app.acuityscheduling.com/ Frame C109 41 KB
11 KB 766ms
360ms Document
text/html 54.189.73.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.73.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-73-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

5bfca2ada3930cbab98d7031a7461c41f818bacf91c71493bc3c20f624895abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.theosintion.com/

Response headers

date: Thu, 06 Jan 2022 23:39:15 GMT
content-type: text/html; charset=UTF-8
content-length: 10490
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="CAO PSA OUR"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload

GET
H2 200 schedule-weekly.css
cdn-marketing.acuityscheduling.com/built/csp/ Frame C109 146 KB
31 KB 37ms
7ms Stylesheet
text/css 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-marketing.acuityscheduling.com/built/csp/schedule-weekly.css?v=42fe8a

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d957ba946268a52dd6d0211becf705362f889274ca879180b706a062cd4ce2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16211
x-cache: HIT
x-cache-hits: 30
content-length: 30966
etag: "246cc-5d4ee660d35c0-gzip"
x-served-by: cache-hhn4031-HHN
last-modified: Thu, 06 Jan 2022 18:54:23 GMT
x-timer: S1641512356.918915,VS0,VE0
date: Thu, 06 Jan 2022 23:39:15 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 19:09:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C109 2 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 21:54:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 23:39:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 23:39:15 GMT

GET
H2 200 logo17960574.png
cdn-s.acuityscheduling.com/ Frame C109 27 KB
27 KB 26ms
17ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-s.acuityscheduling.com/logo17960574.png?1622568222
Requested by: Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be015bf2ba3c23e405e7e71f474e74befb0ff885d1257fbb7428c0be68cc7f6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish
etag: "3412a742fd5243a80d61069a6c546353"
age: 249962
x-cache: HIT
content-length: 27537
x-amz-id-2: cHjNm0Fb25R/5cWP7TFcdTMLWmRRLNma21rO8LFdu/+Ce/QfsHQYxk/3o54kNxLFHp69stf0OaY=
x-served-by: cache-hhn4031-HHN
last-modified: Tue, 01 Jun 2021 17:23:44 GMT
server: AmazonS3
x-timer: S1641512356.939847,VS0,VE1
date: Thu, 06 Jan 2022 23:39:15 GMT
vary: Accept-Encoding
x-amz-request-id: QS3Q28H16K2DD6VD
accept-ranges: bytes
content-type: image/png
x-cache-hits: 1

GET
H2 200 logo-01.svg
app.acuityscheduling.com/img/brand/ Frame C109 4 KB
2 KB 185ms
185ms Image
image/svg+xml 54.189.73.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.acuityscheduling.com/img/brand/logo-01.svg

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.73.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-73-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

8adfb8b060235f81967e73bbfec4e257ba0ab13e488a4c9ae5210792500a077b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Jan 2022 18:50:04 GMT
etag: "ee6-5d4ee569d2f00-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; preload
accept-ranges: bytes
content-length: 1682
expires: Fri, 06 Jan 2023 23:39:16 GMT

GET
H2 200 schedule.all.js Show response
cdn-marketing.acuityscheduling.com/built/csp/ Frame C109 581 KB
166 KB 7ms
7ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-marketing.acuityscheduling.com/built/csp/schedule.all.js?v=42fe8a

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a1adbbf06de08064044dc183c202db79725e12c09b1562a0e9be4421d71d9390

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16210
x-cache: HIT
x-cache-hits: 2
content-length: 169457
etag: "91337-5d4ee663afc80-gzip"
x-served-by: cache-hhn4031-HHN
last-modified: Thu, 06 Jan 2022 18:54:26 GMT
x-timer: S1641512356.930886,VS0,VE0
date: Thu, 06 Jan 2022 23:39:15 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 19:09:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C109 4 KB
649 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: cdn-marketing.acuityscheduling.com
URL: https://cdn-marketing.acuityscheduling.com/built/csp/schedule-weekly.css?v=42fe8a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 22:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 23:39:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 23:39:15 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame C109 13 KB
13 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.acuityscheduling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 14:56:27 GMT
x-content-type-options: nosniff
age: 117769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 14:56:27 GMT

POST
H2 200 schedule.php Show response
app.acuityscheduling.com/ Frame C109 7 KB
2 KB 277ms
277ms XHR
text/html 54.189.73.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.acuityscheduling.com/schedule.php?action=showCalendar&fulldate=1&owner=17960574&template=class

Requested by

Host: cdn-marketing.acuityscheduling.com
URL: https://cdn-marketing.acuityscheduling.com/built/csp/schedule.all.js?v=42fe8a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.73.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-189-73-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

514ccec6e724355033001e140e3d1a9bb5ec1e0fa005f8a1abf449dd9b748921

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 23:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding,User-Agent
p3p: CP="CAO PSA OUR"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=63072000; preload
content-type: text/html; charset=UTF-8
content-length: 1191
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame C109 13 KB
13 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.acuityscheduling.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 21:39:33 GMT
x-content-type-options: nosniff
age: 266383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 21:39:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C109 98 KB
26 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: FlNCUeFegQkgS0PE+sKxlskOGrICT1OQLT+XD/umZYFScqVpVmJU+O87w5Cxs6Gpk7R48GjvACnKOvizHr5PNw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 06 Jan 2022 23:39:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 922795845188747 Show response
connect.facebook.net/signals/config/ Frame C109 305 KB
87 KB 121ms
111ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/922795845188747?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4bad276fa73e26d8a7e1c6de39810ef36ef7ef08295a7deb76004c7c45d1215

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: mz0Wjhmwq2PZv0wPhdzKGiIn6qNLH2j8tiIDPQjd+I1qXVViT941YsHovmCJi+pr8O8yyvIiFt4qJ5d4algp5w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 06 Jan 2022 23:39:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame C109 44 B
101 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=922795845188747&ev=PageView&dl=https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D17960574%26appointmentType%3Dcategory%3AIntelligence%2520Investigations%253A%2520Business%23amp%3D1&rl=https%3A%2F%2Fwww.theosintion.com%2F&if=true&ts=1641512356229&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&it=1641512356074&coo=false&exp=p1&rqm=GET

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 06 Jan 2022 23:39:16 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame C109 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=922795845188747&ev=InitiateCheckout&dl=https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D17960574%26appointmentType%3Dcategory%3AIntelligence%2520Investigations%253A%2520Business%23amp%3D1&rl=https%3A%2F%2Fwww.theosintion.com%2F&if=true&ts=1641512356231&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&it=1641512356074&coo=false&exp=p1&rqm=GET

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=17960574&appointmentType=category:Intelligence%20Investigations%3A%20Business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 06 Jan 2022 23:39:16 GMT

GET
H2 200 appointmentType-thumb-18596560.png
cdn-s.acuityscheduling.com/ Frame C109 86 KB
86 KB 1115ms
1114ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-s.acuityscheduling.com/appointmentType-thumb-18596560.png?1636695475?1641512356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c86a2fe58a75cd92e0fbd81a7db9247977dce75c4c5b1b455e72f373147d8d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish
etag: "9bffd27aced79f1b4736f92770bb2853"
age: 0
x-cache: MISS
content-length: 88134
x-amz-id-2: T+R9Us9DuurfwF9z5BBWGEu0YkeKc89awyh9/CS2YwBdL+UDvDQSzu5HbIqKD9uzM5IFihFmInI=
x-served-by: cache-hhn4031-HHN
last-modified: Fri, 12 Nov 2021 05:37:57 GMT
server: AmazonS3
x-timer: S1641512356.306859,VS0,VE1106
date: Thu, 06 Jan 2022 23:39:17 GMT
vary: Accept-Encoding
x-amz-request-id: 132DQSC9TWAYS1KP
accept-ranges: bytes
content-type: image/png
x-cache-hits: 0

GET
H3 200 /
www.facebook.com/tr/ Frame C109 44 B
91 B 24ms
11ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=922795845188747&ev=Microdata&dl=https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D17960574%26appointmentType%3Dcategory%3AIntelligence%2520Investigations%253A%2520Business%23amp%3D1&rl=https%3A%2F%2Fwww.theosintion.com%2F&if=true&ts=1641512356732&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Schedule%20Appointment%20with%20The%20OSINTion%22%2C%22meta%3Adescription%22%3A%22Schedule%20your%20appointment%20online%20%20The%20OSINTion%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D17960574%26appointmentType%3Dcategory%253AIntelligence%2BInvestigations%253A%2BBusiness%22%2C%22og%3Atitle%22%3A%22The%20OSINTion%22%2C%22og%3Adescription%22%3A%22Schedule%20your%20appointment%20online%20%20The%20OSINTion%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn-s.acuityscheduling.com%2Flogo17960574.png%3F1622568222%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&it=1641512356074&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 23:39:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 06 Jan 2022 23:39:16 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theosintion.com/	1970-01-19 23:58:34	Name: __cf_bm Value: uXXdYiTDFnQJCkhEFATUvpz7Ug9_T0V9aK2jrUr5s4k-1641512355-0-AWoCRHKbSupPFMsf9byxJmLJqgVEYhyOupKZjzK9L2ApixLYGU6+x7nNUE8r6ehaeasHXzGBmh5dOR0hP59ARPV+/JJXsoVOMeRiN5XS0uFEsnTXrKcHyPI/GyLOY+weHg==
.acuityscheduling.com/	1970-01-20 17:29:44	Name: device_id Value: d0ea0d02-109b-4ecd-8552-d6fd8c2e01a6
app.acuityscheduling.com/	1970-01-20 00:41:44	Name: PHPSESSID Value: h076auvqna22jme542pt4f84lq

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: Failed to decode downloaded font: https://www.theosintion.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.eot?5d3b4da4f6c2460dd842dbf9e0992ea6#iefix
other	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: OTS parsing error: invalid sfntVersion: 271253504
other	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: Failed to decode downloaded font: https://www.theosintion.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.eot?5d3b4da4f6c2460dd842dbf9e0992ea6#iefix
other	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: OTS parsing error: invalid sfntVersion: 271253504
other	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: Failed to decode downloaded font: https://www.theosintion.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.eot?5d3b4da4f6c2460dd842dbf9e0992ea6#iefix
other	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: OTS parsing error: invalid sfntVersion: 271253504
javascript	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: The resource https://www.theosintion.com/wp-content/themes/agama/assets/fonts/fontawesome-webfont.eot#iefix&v=4.7.0 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theosintion.com/courses/intelligence-investigations-business/ Message: The resource https://www.theosintion.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.eot#iefix&v=4.7.0 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.acuityscheduling.com
cdn-marketing.acuityscheduling.com
cdn-s.acuityscheduling.com
cdn.ampproject.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i1.wp.com
i2.wp.com
mlsjn2wngslm.i.optimole.com
pixel.wp.com
www.facebook.com
www.theosintion.com
151.101.194.132
192.0.76.3
192.0.77.2
2606:4700:3108::ac42:2ae2
2a00:1450:4001:812::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.20.214.171
54.189.73.143
04ef9af95542251db86d7cc736c75d35f56d72097eedb453bf0e1711fb11839f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10c0a4521c9aa3c1c6fcfff12cd96605af000820bba63666250d9f599d3d160f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2855f0d0e4636fa8cc2597a480d98bccd5660afda1b2de18a6675b2a08227831
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
38dfbb965a8b66620b049d7ede843e3b1ac5ca54582a95333844c128e6b0c3a9
415f644873542128b370d01e3cba58ddecedac0768ae2b97650890aa43ddd4ea
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4d58afcf82fee32bae4e757908523bd93d350241b7e3122c475ce6bdd7cd3069
514ccec6e724355033001e140e3d1a9bb5ec1e0fa005f8a1abf449dd9b748921
5bfca2ada3930cbab98d7031a7461c41f818bacf91c71493bc3c20f624895abf
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7bfcab6db99d5cfbf1705ca0536ddc78585432cc5fa41bbd7ad0f009033b2979
7f985b9a4d30aa405db4fbcda256fb4a304f36f4c2a5f63c331fe7c8d025ed05
820dfec908d9f27194312fa7571458384239c86f3737569dcf851c7e8033eec8
8add8ee1bd979c54c40dccfcf5f1422ff70425a10787b85cd3cf3feb89e2c2f9
8adfb8b060235f81967e73bbfec4e257ba0ab13e488a4c9ae5210792500a077b
8f968413431c54787ebbc1f9f603d4ed5566bbebf2845157fbb862e9ab198823
945712d81803fba5081d74013208c79df37e182f494fbc5c0a841fa876652a97
a1adbbf06de08064044dc183c202db79725e12c09b1562a0e9be4421d71d9390
a36036fad5540362c1cf9b9c7d50b294261dcd7e3b2c0fdf6736e8b3ddd417c7
ab8c0be336f7d5c75a64f61eae3f8c2c75e790c6f29561b8e3d9132ddb6112d0
ac143fff733fa2e838d252deeee24c5dc75b00a6269018f0b1bf3431042ffbe2
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
ae845fa315ec1979648dafd82ba9b6046be170cebaf74e23ba00bc7d5d853bf2
aeb6945698a01057b0138d336df8cd6ea6a870e4c8fa1a7352f89991d9b9cc47
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4bad276fa73e26d8a7e1c6de39810ef36ef7ef08295a7deb76004c7c45d1215
b9c126c5b4f23dbd2fee3ad99be6df3de4fc4c850ca55b4c7929c81d32d7a778
be015bf2ba3c23e405e7e71f474e74befb0ff885d1257fbb7428c0be68cc7f6f
c2f0bbcdc583a383c9a7cbfc757f9ecb721022f332d1abfc38135d4915c10150
c86a2fe58a75cd92e0fbd81a7db9247977dce75c4c5b1b455e72f373147d8d8c
c97813c4c90d2fe7c2e36ec2e9ee3764ea6399c96c4b6cf50be53cb31db27d6a
d1f2ebf5d7712c79c0f3bc2058ffdbf23c02f22b9d9a23fd39419d0baf3ad43b
d4bf433929c606111a339e7724458e9e90847fedb5f2933db7c685304a8ec273
d4c65503d19273167619d68dba7a4327b452d1754301279c48a41cef5def3c1e
d5c17db4173c10a8df63fb692aba17163bb025c54ed56a319e958b6d89912609
d957ba946268a52dd6d0211becf705362f889274ca879180b706a062cd4ce2a6
d9abdb9e7266e12673c14c11950acfba6c3fe2cc6f3447bc9c680d70f32ea591
de3f97abc3f0f2d3a2ce4452a19bd1339a9c5839b74e1b20f2274d693b78abe7
e36294f13e99a7d4cb9adbab53a03a5281a457eca59e1bc34e161108025bb771
e3a8cf4258cf772aad7db9b40a824c1aca0ea0febc8a7da7a295c3777a307e59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6c9bc7855332f2e8edd671ce60b36f0354cbd4b691d393b3e2d18f07ec07ca
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6856f82a4ca6b98221f2000d0e01c1728b4da86a0bc8016674c79396392f98b

www.theosintion.com Open in urlscan Pro 2606:4700:3108::ac42:2ae2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

94 %HTTPS

55 %IPv6

9 Domains

13 Subdomains

11 IPs

2 Countries

1188 kBTransfer

2542 kBSize

3 Cookies

12 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.theosintion.com Open in urlscan Pro
2606:4700:3108::ac42:2ae2 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

94 %
HTTPS

55 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

1188 kB
Transfer

2542 kB
Size

3
Cookies

49 HTTP transactions
2 data transactions