creditsuisse.sleepschool.org Open in urlscan Pro
172.67.144.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://creditsuisse.sleepschool.org/
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2021, 12:15:07 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 172.67.144.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is creditsuisse.sleepschool.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2021. Valid for: a year.

This is the only time creditsuisse.sleepschool.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	172.67.144.76 172.67.144.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
1	52.95.150.33 52.95.150.33	16509 (AMAZON-02) (AMAZON-02)
8	4

6 172.67.144.76 (United States)

ASN13335 (CLOUDFLARENET, US)

creditsuisse.sleepschool.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.150.33 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-west-2.amazonaws.com

sleep-school-app-dev.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	sleepschool.org creditsuisse.sleepschool.org	129 KB
1	amazonaws.com sleep-school-app-dev.s3.amazonaws.com	34 KB
1	vimeo.com player.vimeo.com	7 KB
8	3

	Domain	Requested by
6	creditsuisse.sleepschool.org	creditsuisse.sleepschool.org
1	sleep-school-app-dev.s3.amazonaws.com	creditsuisse.sleepschool.org
1	player.vimeo.com	creditsuisse.sleepschool.org
8	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-15` - `2022-10-17`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://creditsuisse.sleepschool.org/
Frame ID: 20A39ACDC50731FDC4ACCEAA4C94F01E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sleep School

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

169 kB
Transfer

298 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
creditsuisse.sleepschool.org/ 41 KB
30 KB 264ms
202ms Document
text/html 172.67.144.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creditsuisse.sleepschool.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.144.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d200f893e752d7fa3a869fa7d0edf8c865a223b557b171d36180611de7121e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: creditsuisse.sleepschool.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Sep 2021 00:15:02 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=0, private, must-revalidate
set-cookie: _sleep_school_session=ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D; path=/; secure; HttpOnly
x-request-id: c119ad3f-b1e4-4666-aef5-8515ecc6a3ad
x-runtime: 0.014050
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IoNZtcXWVNAyl6yfXzEXJkz%2BQKW9SIrhp0xyVOvP7acQUbys0hCntj5HclxtEhqphQy1OhXEUc3e5FzeapZ9U4uVVek5cSNJSzHKKQz4x2cjuV3HzJ2RHwE7qrJrscDhY4vDXOKTIJLRBuYHvbM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 691f18c50f28412c-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
creditsuisse.sleepschool.org/assets/ 28 KB
6 KB 151ms
149ms Stylesheet
text/css 172.67.144.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css

Requested by

Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.144.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724d1b97dd18a5710662c738220d6fa5d15734b5df52b2fe69b3a1c2fb5397b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

:path: /assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
pragma: no-cache
cookie: _sleep_school_session=ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: creditsuisse.sleepschool.org
referer: https://creditsuisse.sleepschool.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://creditsuisse.sleepschool.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 691f18c6efe7412c-PRG
date: Tue, 21 Sep 2021 00:15:02 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Fri, 11 Jun 2021 05:56:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpBMoqN8aqXbRRY5cwESGA6l%2FnuWDNhz0BnfUrLjcsNsWBO2U0talj5jp0buw3lCgVa5MBc7TduZOXMP%2Fum3M9YWMUZPo36gq0T3q7%2BzivbiE1HFtqRvedN4FCBF%2BzWGK4RG8J4Sul20KAHSoR3e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 application-a4008af4a12b8fd188d5.js Show response
creditsuisse.sleepschool.org/packs/js/ 79 KB
22 KB 184ms
183ms Script
application/javascript 172.67.144.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creditsuisse.sleepschool.org/packs/js/application-a4008af4a12b8fd188d5.js

Requested by

Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.144.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7376ecbc19edc28f36bacd5c9913c54838e4211690590d4e76d0a703342c22ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

:path: /packs/js/application-a4008af4a12b8fd188d5.js
pragma: no-cache
cookie: _sleep_school_session=ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: creditsuisse.sleepschool.org
referer: https://creditsuisse.sleepschool.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://creditsuisse.sleepschool.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 691f18c6ffe9412c-PRG
date: Tue, 21 Sep 2021 00:15:02 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Mon, 12 Jul 2021 12:23:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLXjgYcBMFO6xmPgI8gNBc8LWdcOUFt3gdypDrTNScz1MKr8lAb3kb9lBRONqFS9tWQqD8JBAq4QqG1wjgvLgkmquUxk%2FCTxk95smLvd91Cgbai8W043%2FsBDwTJK9XOaKaXLol4GtzFIFV2M%2FYCu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 108ms
6ms Script
application/javascript 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b7b4485524c7103fd09aa1dc80127e5d4e541a5f81a1c78b074efc73b8b23904

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditsuisse.sleepschool.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1163
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-b-3
Content-Length: 5964
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19137-FRA
X-Player-Backend: p
Expires: Tue, 21 Sep 2021 00:25:39 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1632183302.327531,VS0,VE0
Date: Tue, 21 Sep 2021 00:15:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 185

GET
H/1.1 200
OK creditsuisse.png
sleep-school-app-dev.s3.amazonaws.com/uploads/support_platform_logo/6/ 34 KB
34 KB 191ms
53ms Image
image/png 52.95.150.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleep-school-app-dev.s3.amazonaws.com/uploads/support_platform_logo/6/creditsuisse.png
Requested by: Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.150.33 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe15a6f7c7364d4cdcfff087b4f9cf711ff7a7c80447950af68efc5f268b5561

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditsuisse.sleepschool.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:15:03 GMT
Last-Modified: Mon, 26 Apr 2021 05:50:35 GMT
Server: AmazonS3
x-amz-request-id: BKBMYYK9A9DAVQJY
ETag: "8d3b53faea427007106de863155752c1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 34470
x-amz-id-2: haizWGSLa9wUnzb3WlLSWIUW+jBx6K4driU4bGT3UX8680d6b1jSqA+6YPoB5ynYJqwVENh2+dM=

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c564ae2a16d6857891613d376d98ff4f789a46528b8c654ad250dcc722de758a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 main-background@2x-47290fa39ee7ed750bf44ac35b0f7ee61d141fdfc70e08d7cdd1f3bccdb0beea.png
creditsuisse.sleepschool.org/assets/support_platform/ 28 KB
28 KB 195ms
194ms Image
image/png 172.67.144.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditsuisse.sleepschool.org/assets/support_platform/main-background@2x-47290fa39ee7ed750bf44ac35b0f7ee61d141fdfc70e08d7cdd1f3bccdb0beea.png

Requested by

Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.144.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e97116a8e6fe4091c08f4e9559717a4a7218cf3c356a36fd23dbda128282b629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

:path: /assets/support_platform/main-background@2x-47290fa39ee7ed750bf44ac35b0f7ee61d141fdfc70e08d7cdd1f3bccdb0beea.png
pragma: no-cache
cookie: _sleep_school_session=ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: creditsuisse.sleepschool.org
referer: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:15:02 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28475
last-modified: Wed, 31 Mar 2021 08:51:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFpEEz3bJhNL9XB3zbU14uggkkrkLnn5jymu2TOoihJTAkYI%2BLJ47ERpldt0904PS5tqHijT0tv6616t%2BmIy2DlSilIIXK4ZoZMi2BeXHLAdcAy6ONjQ6tmd9kd123zpD2ETHmxPbpOkATz7hhlA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 691f18c85a2b2790-PRG

GET
H3 200 omnes-regular-9b9282e207cdc3ddfe9154d79440ae8a1db5d6033f1771d01f809deedbcfb8fb.otf
creditsuisse.sleepschool.org/assets/Omnes/ 19 KB
20 KB 210ms
210ms Font
application/vnd.oasis.opendocument.formula-template 172.67.144.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creditsuisse.sleepschool.org/assets/Omnes/omnes-regular-9b9282e207cdc3ddfe9154d79440ae8a1db5d6033f1771d01f809deedbcfb8fb.otf

Requested by

Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.144.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71de8e65f3149d2b580a0a9a121d5ddec2bfa2245953d29e3ed3db2ef0f387bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://creditsuisse.sleepschool.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _sleep_school_session=ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D
:path: /assets/Omnes/omnes-regular-9b9282e207cdc3ddfe9154d79440ae8a1db5d6033f1771d01f809deedbcfb8fb.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: creditsuisse.sleepschool.org
referer: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
Origin: https://creditsuisse.sleepschool.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:15:02 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19900
last-modified: Wed, 31 Mar 2021 09:34:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIxMyzRvzF60TzwbvL60GesDQ2SSGLQaCyRaiN73jhQXDa1cqA1DuHgI0YXF%2FbArTaLQY4wOpfVX2jRyGlCtDiBiseblaqwBZFkqXBdwjbTZ6oiuyovH8uXjYOvoo1vJ9AkqFXLArCCAOC4GEp1q"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 691f18c85a2c2790-PRG

GET
H3 200 omnes-semibold-da7521a8efe24282d23fd1c06d00c64d26b7fd0230dd5f5576570cd3ca6b96c9.otf
creditsuisse.sleepschool.org/assets/Omnes/ 21 KB
21 KB 225ms
224ms Font
application/vnd.oasis.opendocument.formula-template 172.67.144.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creditsuisse.sleepschool.org/assets/Omnes/omnes-semibold-da7521a8efe24282d23fd1c06d00c64d26b7fd0230dd5f5576570cd3ca6b96c9.otf

Requested by

Host: creditsuisse.sleepschool.org
URL: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.144.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24693d67bfe9e2b03d59002e69e5bef10272193a1a09d1fa1ede832a54e2f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://creditsuisse.sleepschool.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _sleep_school_session=ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D
:path: /assets/Omnes/omnes-semibold-da7521a8efe24282d23fd1c06d00c64d26b7fd0230dd5f5576570cd3ca6b96c9.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: creditsuisse.sleepschool.org
referer: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://creditsuisse.sleepschool.org/assets/application-113f0ce60bccf56ad5abe1a578beebb76f85048c8ec9f6ff7d99ce4d320b4c69.css
Origin: https://creditsuisse.sleepschool.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:15:02 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21328
last-modified: Wed, 31 Mar 2021 09:34:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehxEsBoZk1fdgEhVAdWnJyliLxS1VnbmcXSbZXZlkJwENLX7xAMdbyriMRQSmN0Y6ciBTKJqsRPYcQSgMSiJbdAtk6BZR5TnZKztWz3Sm9Cj2BKeWedZ7y1CIYEWTjWM0OrS2g0FAhn1tz4mif0P"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 691f18c85a2d2790-PRG

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			creditsuisse.sleepschool.org/	1969-12-31 23:59:59	Name: _sleep_school_session Value: ErGoCuNTm2w%2BHFCTESOb%2FxUsCi2xK%2BcMhFyFU5iV3nTh5XAPX3MNftkOtb3XZE6kbHG4UQTqRq4hE4TUV8Z1wy4QvqOQwr%2BL8vlrSBol5xE8pf8aCv3aczc8ZWJj%2F5ApQ9WTi8puNqRmJtvsqmb97dbNIob1P0w7uLXnThGMiGd2EYfyFXCgXJD3rsndCI5uUfivCO9S1J%2BlSJ1Kv8PmTppc0npfO4yMqhJspSNxUO%2BNEuoPL2lYUGw73D78xyg5n%2FRwLtJ9%2BAQcKlKe%2BKDfLapMUl10waU4Zn7nhis%3D--OgugVRtejQnkK3ZJ--ra84zjM2i8OCKxtkRfhdYg%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

creditsuisse.sleepschool.org
player.vimeo.com
sleep-school-app-dev.s3.amazonaws.com
151.101.128.217
172.67.144.76
52.95.150.33
71de8e65f3149d2b580a0a9a121d5ddec2bfa2245953d29e3ed3db2ef0f387bf
724d1b97dd18a5710662c738220d6fa5d15734b5df52b2fe69b3a1c2fb5397b7
7376ecbc19edc28f36bacd5c9913c54838e4211690590d4e76d0a703342c22ca
b7b4485524c7103fd09aa1dc80127e5d4e541a5f81a1c78b074efc73b8b23904
c564ae2a16d6857891613d376d98ff4f789a46528b8c654ad250dcc722de758a
d200f893e752d7fa3a869fa7d0edf8c865a223b557b171d36180611de7121e12
e97116a8e6fe4091c08f4e9559717a4a7218cf3c356a36fd23dbda128282b629
f24693d67bfe9e2b03d59002e69e5bef10272193a1a09d1fa1ede832a54e2f03
fe15a6f7c7364d4cdcfff087b4f9cf711ff7a7c80447950af68efc5f268b5561

creditsuisse.sleepschool.org Open in urlscan Pro 172.67.144.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

169 kBTransfer

298 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

creditsuisse.sleepschool.org Open in urlscan Pro
172.67.144.76 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

169 kB
Transfer

298 kB
Size

1
Cookies

8 HTTP transactions
1 data transactions