office2.nvisionu.com Open in urlscan Pro
20.236.176.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://edu.nvueducation.com/courses/take/fl2-english/
Effective URL:
https://office2.nvisionu.com/
Submission: On April 04 via api (April 4th 2024, 3:53:14 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 44 HTTP transactions. The main IP is 20.236.176.142, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is office2.nvisionu.com.
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.

This is the only time office2.nvisionu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:440... 2606:4700:4400::6812:239f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:2250:400:1e:d21e:3d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 2	157.245.164.146 157.245.164.146	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	20.236.176.142 20.236.176.142	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
9	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
44	15

7 2606:4700:4400::6812:239f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

edu.nvueducation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.thinkific.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:400:1e:d21e:3d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.thinkific.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.245.164.146 (Santa Clara, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: abcsrv2.sharedbackoffice.com

fl2.nvisionu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 20.236.176.142 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

office2.nvisionu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.directscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.directscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dscontent.directscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudspark.directscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	directscale.com dscontent.directscale.com api2.directscale.com — Cisco Umbrella Rank: 675385 api.directscale.com — Cisco Umbrella Rank: 762954 cloudspark.directscale.com	2 MB
7	thinkific.com assets.thinkific.com — Cisco Umbrella Rank: 74971 cdn.thinkific.com — Cisco Umbrella Rank: 57559	66 KB
4	nvisionu.com 2 redirects fl2.nvisionu.com office2.nvisionu.com	31 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2709	42 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38 maps.googleapis.com — Cisco Umbrella Rank: 364	79 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	280 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	166 KB
2	nvueducation.com 1 redirects edu.nvueducation.com	37 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 250
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 655	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	6 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	856 B
44	12

	Domain	Requested by
7	dscontent.directscale.com	office2.nvisionu.com dscontent.directscale.com
5	cdn.thinkific.com	edu.nvueducation.com
4	api.directscale.com	office2.nvisionu.com
4	api2.directscale.com	office2.nvisionu.com
3	www.google-analytics.com	edu.nvueducation.com office2.nvisionu.com
2	maps.googleapis.com	office2.nvisionu.com
2	www.googletagmanager.com	office2.nvisionu.com
2	cloudspark.directscale.com
2	fonts.gstatic.com	fonts.googleapis.com
2	office2.nvisionu.com	edu.nvueducation.com
2	fl2.nvisionu.com	2 redirects
2	fonts.googleapis.com	edu.nvueducation.com
2	assets.thinkific.com	edu.nvueducation.com
2	edu.nvueducation.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	bam.nr-data.net	office2.nvisionu.com
1	js-agent.newrelic.com	office2.nvisionu.com
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	edu.nvueducation.com
1	www.google.com	edu.nvueducation.com
44	20

This site contains no links.

Subject Issuer	Validity	Valid
edu.nvueducation.com E1	`2024-03-08` - `2024-06-06`	3 months	crt.sh
*.thinkific.com Amazon RSA 2048 M01	`2023-08-16` - `2024-09-14`	a year	crt.sh
*.cdn.thinkific.com E1	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
office2.nvisionu.com R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.directscale.com Go Daddy Secure Certificate Authority - G2	`2023-09-26` - `2024-10-17`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
api2.directscale.com R3	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
api.directscale.com R3	`2024-04-01` - `2024-06-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://office2.nvisionu.com/
Frame ID: 8A3D5D00F81E3C0F26AE51160329B0FC
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | NvisionU

Page URL History Show full URLs

https://edu.nvueducation.com/courses/take/fl2-english/ HTTP 302
https://edu.nvueducation.com/users/sign_in Page URL
https://fl2.nvisionu.com/ HTTP 302
https://fl2.nvisionu.com/v1/ HTTP 302
https://office2.nvisionu.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

15
IPs

3
Countries

2819 kB
Transfer

4199 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://edu.nvueducation.com/courses/take/fl2-english/ HTTP 302
https://edu.nvueducation.com/users/sign_in Page URL
https://fl2.nvisionu.com/ HTTP 302
https://fl2.nvisionu.com/v1/ HTTP 302
https://office2.nvisionu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://edu.nvueducation.com/courses/take/fl2-english/ HTTP 302
https://edu.nvueducation.com/users/sign_in

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sign_in
edu.nvueducation.com/users/
Redirect Chain

https://edu.nvueducation.com/courses/take/fl2-english/
https://edu.nvueducation.com/users/sign_in

290 KB
36 KB

412ms
412ms

Document
text/html

2606:4700:4400::6812:239f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86f2782628c04da1-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2024 15:53:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 693aabe6d9c249645e522e950ba8e2e0
x-runtime: 0.272294
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 86f278238dc34da1-FRA
content-type: text/html; charset=utf-8
date: Thu, 04 Apr 2024 15:53:06 GMT
location: https://edu.nvueducation.com/users/sign_in
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 4a11ea72a208d4649b19e8b38a602481
x-runtime: 0.070678

GET
H2 200 custom_site_theme_required-56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e.css
assets.thinkific.com/assets/ 56 KB
10 KB 94ms
21ms Stylesheet
text/css 2600:9000:2250:400:1e:d21e:3d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thinkific.com/assets/custom_site_theme_required-56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e.css
Requested by: Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:400:1e:d21e:3d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 Nov 2023 18:19:02 GMT
content-encoding: gzip
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 18:14:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 10964045
etag: W/"705ea6d82c05fee0e289e28120158c10"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: c2_fO-fkBtLASPO0q2hKgqy49OUPp4PutzgENTEtFsO8nxRIpcc0Xg==

GET
H2 200 toga-icons.css
cdn.thinkific.com/assets/toga-css/1.1.13/fonts/ 8 KB
2 KB 98ms
45ms Stylesheet
text/css 2606:4700:4400::6812:239f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thinkific.com/assets/toga-css/1.1.13/fonts/toga-icons.css

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a277f167248ccbbf09751d63867b3f258aa24629cec669071319124906fe320e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: HgqHsmEqpLdWxjp_x0l1KRB3ByX.x6uj
age: 169030
x-amz-request-id: YDE3C6R0QMGJ5CZQ
x-amz-server-side-encryption: AES256
x-amz-id-2: 5f+pI+ZzD8zY3xirhIKn0mCMVJSkd6Y0IGO+JyLd1584jvPbB4zhcyrSj7E8eo6r1FfVX4jExwI=
last-modified: Wed, 27 Mar 2024 19:58:39 GMT
server: cloudflare
etag: W/"17e65401ae2de9f50ccd74113f50c476"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f278291c175d65-FRA
expires: Fri, 04 Apr 2025 15:53:06 GMT

GET
H2 200 toga-product-icons.css
cdn.thinkific.com/assets/toga-css/1.1.13/fonts/ 3 KB
1 KB 99ms
47ms Stylesheet
text/css 2606:4700:4400::6812:239f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thinkific.com/assets/toga-css/1.1.13/fonts/toga-product-icons.css

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d71f71f397da987bce397bff97f4b892d04fef24b2e307419f55b3f6859cbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: L4egKEohOdLn_PL7u29Fr9reaVOLgl83
age: 169030
x-amz-request-id: YDEE9JHRN16HKS1K
x-amz-server-side-encryption: AES256
x-amz-id-2: 5/OWRSDXGpABGp20P7jqM6GGAkU/vfALAI4DqltDgSlmawRTNfZfII4c05HKykAvl3l9LcFfgBM=
last-modified: Wed, 27 Mar 2024 19:58:39 GMT
server: cloudflare
etag: W/"64588782dc5242aeacd3e433561a2e09"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 86f278291c165d65-FRA
expires: Fri, 04 Apr 2025 15:53:06 GMT

GET
H2 200 jquery.min.js Show response
cdn.thinkific.com/assets/jquery/3.5.1/ 87 KB
31 KB 49ms
46ms Script
application/javascript 2606:4700:4400::6812:239f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thinkific.com/assets/jquery/3.5.1/jquery.min.js

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: iB1xoseNTHyIOxrd7VcXBzFMpYPAUMls
age: 1893170
x-amz-request-id: VW7J3P4SM61RKQ4T
x-amz-server-side-encryption: AES256
x-amz-id-2: 3VO3OZKACRDF9yvUNl/Gqc+UaWcVUQsqa11a+6IpnHIJyKfRzeBCKCRzzP9zabuBP+73gUcu8gg=
last-modified: Fri, 02 Feb 2024 18:09:05 GMT
server: cloudflare
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f278295c415d65-FRA
expires: Fri, 04 Apr 2025 15:53:06 GMT

GET
H2 200 jquery-migrate.js Show response
cdn.thinkific.com/assets/jquery-migrate/3.3.1/ 24 KB
8 KB 52ms
49ms Script
application/javascript 2606:4700:4400::6812:239f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thinkific.com/assets/jquery-migrate/3.3.1/jquery-migrate.js

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946b94a8950f5c910c8105ff45168cea66642baa27a398b96c7b81304e2a382a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: Vxvb3HQGlL1b7Hzd27Munq8HfL2iir9J
age: 1888305
x-amz-request-id: PX1JW9PYV3J1H8XE
x-amz-server-side-encryption: AES256
x-amz-id-2: Hmm7AaiPD0COwLBJW2A3cgAQCiA8LiBHzs2O+uChhd/poVFKVUe3kyEqr88K7Rd7HTnCQNAxSFg=
last-modified: Fri, 02 Feb 2024 18:09:05 GMT
server: cloudflare
etag: W/"a2567f79a66b943e14eea52ff1027af0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f278295c425d65-FRA
expires: Fri, 04 Apr 2025 15:53:06 GMT

GET
H2 200 rails.min.js Show response
cdn.thinkific.com/assets/jquery-ujs/1.2.2/ 9 KB
3 KB 56ms
54ms Script
application/javascript 2606:4700:4400::6812:239f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thinkific.com/assets/jquery-ujs/1.2.2/rails.min.js

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: YDugxUjmVzvaOLOQs7oDGYqLwWmJUfe9
age: 1888305
x-amz-request-id: PX1TA4ABFXY4TVDX
x-amz-server-side-encryption: AES256
x-amz-id-2: L7EAHyyl6wdzPSXT5ntRM0scOvHSlLXDX90EQUFOGvBN5EwGyFRFCX56H39oOYXse7c8DNjRSX4=
last-modified: Fri, 02 Feb 2024 18:09:05 GMT
server: cloudflare
etag: W/"d612716f523552c340705dcbb89fdd5a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86f278295c435d65-FRA
expires: Fri, 04 Apr 2025 15:53:06 GMT

GET
H2 200 application-themes-v2-c709a110baebe1a179f2aadb060b9e2ba211b1d2bfe66c5515f2ad3976eff263.js Show response
assets.thinkific.com/assets/ 33 KB
11 KB 24ms
22ms Script
application/javascript 2600:9000:2250:400:1e:d21e:3d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thinkific.com/assets/application-themes-v2-c709a110baebe1a179f2aadb060b9e2ba211b1d2bfe66c5515f2ad3976eff263.js
Requested by: Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:400:1e:d21e:3d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2235cb7f020758bdc9d09704eb9da1a8d27969737d82798f804417f5e08cb6df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 07 Mar 2024 18:41:38 GMT
content-encoding: gzip
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Mar 2024 18:37:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 2409089
etag: W/"19ac3d7688a2affa9bbb52d50c6dc484"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Th5C6GrFZ3juSKdtYYtLcBUwxoMmwdS6WSGuov-lTnk-SfywxYMpDg==

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
856 B 73ms
30ms Script
text/javascript 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 04 Apr 2024 15:53:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
903 B 76ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,400i,500,600,700,800,900&display=swap

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e758503fc159bce0090cbf98b7c8139cf8d773ea11881ed9a7fff7b7393df141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Apr 2024 15:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 15:53:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Apr 2024 15:53:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:100,200,300,400,400i,500,600,700,800,900&display=swap

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Apr 2024 15:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 15:53:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Apr 2024 15:53:06 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 58ms
34ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 72761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcnHZy7SEdkLbQdqZkD%2FnRX%2FvYpn8LYPj8vknJLySK7XNmrwqrWiJO64vlP9cppy%2Br0n3lCZ6%2Bx3jNKeed4nXWBY4rkLQUwatF0YJiXQRLOyUKQqne6qqlLH2sroqB5JsJcrsN2x"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86f278298b7618d6-FRA
expires: Tue, 25 Mar 2025 15:53:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Apr 2024 15:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 298
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Apr 2024 17:48:08 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://edu.nvueducation.com/
Origin: https://edu.nvueducation.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Apr 2025 17:41:59 GMT

GET
H2

200

Primary Request / Show response
office2.nvisionu.com/
Redirect Chain

https://fl2.nvisionu.com/
https://fl2.nvisionu.com/v1/
https://office2.nvisionu.com/

27 KB
27 KB

505ms
136ms

Document
text/html

20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://office2.nvisionu.com/

Requested by

Host: edu.nvueducation.com
URL: https://edu.nvueducation.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Express

Resource Hash

fb9a6d824503a7e93b64eb3f4b263bf23cd83280e0ff6e620339da5083469a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edu.nvueducation.com/users/sign_in
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 27542
content-type: text/html; charset=UTF-8
date: Thu, 04 Apr 2024 15:53:08 GMT
etag: W/"6b96-18637fc1bda"
expires: -1
last-modified: Thu, 09 Feb 2023 21:01:54 GMT
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Apr 2024 15:53:07 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=3, max=199
Location: https://office2.nvisionu.com/#/Login
Pragma: no-cache
Server: Apache
X-BO: bo

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 65ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,400,400i,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://edu.nvueducation.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 15:53:06 GMT
x-content-type-options: nosniff
age: 432001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 15:53:06 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 91ms
45ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,400i,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://edu.nvueducation.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 253143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 17:34:04 GMT

GET
H2 200 ac101f52.cloudsparkbackoffice-shared-vendor.css
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/ 120 KB
120 KB 202ms
47ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/ac101f52.cloudsparkbackoffice-shared-vendor.css

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a71d70f26695ef4003c74b7fab65170bd63196f7d04e5bce706a38c7c2976928

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 1918
x-azure-ref: 20240404T155308Z-8d3vgzgm4h27me8qahp5fa7fyg0000000bbg00000001usty
x-cache: TCP_HIT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 122590

GET
H2 200 27078eff.cloudsparkbackoffice-login.css
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/ 219 KB
219 KB 202ms
47ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/27078eff.cloudsparkbackoffice-login.css

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fa9f76dc60fbeaad34e708a10b0823891b00adf1d0050911c6688a9808fabd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 70139
x-azure-ref: 20240404T155308Z-8d3vgzgm4h27me8qahp5fa7fyg0000000bbg00000001ustz
x-cache: TCP_HIT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 224054

GET
H2 200 1cc38226.cloudsparkbackoffice-shared-vendor.js Show response
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/js/ 1 MB
1 MB 97ms
72ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/js/1cc38226.cloudsparkbackoffice-shared-vendor.js

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

24900f1ead0919746f6a888c4c5e5da3c226ca5623cca9a665e315fa0d0e2ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 61037
x-azure-ref: 20240404T155308Z-8d3vgzgm4h27me8qahp5fa7fyg0000000bbg00000001usu1
x-cache: TCP_HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 1559787

GET
H2 200 667f4e6c.cloudsparkbackoffice-login.js Show response
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/js/ 93 KB
93 KB 73ms
47ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/js/667f4e6c.cloudsparkbackoffice-login.js

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2c6fd3272c3677407d552cc691c90521e1b5f0c14ec5271ba0e28b6e888cade7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 69588
x-azure-ref: 20240404T155308Z-8d3vgzgm4h27me8qahp5fa7fyg0000000bbg00000001usu0
x-cache: TCP_HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 95203

GET
H2 200 nr-spa-1130.min.js Show response
js-agent.newrelic.com/ 34 KB
14 KB 66ms
21ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1130.min.js

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wj4.vYYL01cyR2aY30BoUXy3YgyvwUZA
content-encoding: br
via: 1.1 varnish
date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=300
x-amz-request-id: STCVK0H7KMGGXTWQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13771
x-amz-id-2: Jc75UUCiKrwAzAGfFvwDK0N6XA8ecDahBjJLHkbHelAs2yZiddZyYe14QAjZ2uR2N3HX2/SsJRM=
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Wed, 18 Oct 2023 21:30:36 GMT
server: AmazonS3
etag: "312761e7cd4a61f0ea2e2e6265f5f365"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 848

GET
H2 200 GetCommonSettings Show response
api2.directscale.com/api/CommonSettings/ 8 KB
9 KB 568ms
266ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.directscale.com/api/CommonSettings/GetCommonSettings?countryCode=default

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0f18bd0ed267f4b033342373b4a26cd33747b1fa43c426e8a3f282b3bafcee3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 8696
content-type: application/json; charset=utf-8

GET
H2 200 GetPageSetting Show response
api2.directscale.com/api/CommonSettings/ 1 KB
1 KB 440ms
139ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.directscale.com/api/CommonSettings/GetPageSetting?Key=global

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3313ea43ca6304eef1f43cb16cbca0a8f7d4363b0910b5cb07cfaede7f994d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1039
content-type: application/json; charset=utf-8

GET
H2 200 Details Show response
api2.directscale.com/api/Company/ 553 B
703 B 557ms
267ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.directscale.com/api/Company/Details

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ffb6c4db9f9dda8333c3f891bf806d66158f29f62a21c36f53b1d04e8433342a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 553
content-type: application/json; charset=utf-8

GET
H2 200 GetPageSetting Show response
api2.directscale.com/api/CommonSettings/ 147 B
297 B 430ms
140ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.directscale.com/api/CommonSettings/GetPageSetting?Key=loginOrAuthentication

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53a4d9541df9fed094df453983d674b7a50ba6a724d46f4afdbe0e16b943ffd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 147
content-type: application/json; charset=utf-8

GET
H2 200 noimage.png
office2.nvisionu.com/assets/img/ 2 KB
3 KB 135ms
135ms Image
image/png 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://office2.nvisionu.com/assets/img/noimage.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ Express

Resource Hash

6a72310c55ff13abb05421e7a9e90092b4a98e60949deb6ffcf2f3782d70837a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 04 Jan 2023 20:23:51 GMT
x-powered-by: Express
etag: W/"999-1857e7453d8"
x-frame-options: sameorigin
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 2457
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 Roboto-Regular-webfont.woff
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/fonts/roboto/ 24 KB
25 KB 129ms
49ms Font
font/woff 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/fonts/roboto/Roboto-Regular-webfont.woff

Requested by

Host: dscontent.directscale.com
URL: https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/27078eff.cloudsparkbackoffice-login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/27078eff.cloudsparkbackoffice-login.css
Origin: https://office2.nvisionu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 14632
x-azure-ref: 20240404T155308Z-k682kf7ah13h336s7mvhxqk1ew00000002r000000001chsu
x-cache: TCP_HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 25020

GET
H2 200 Material-Design-Iconic-Font.woff2
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/fonts/ 37 KB
38 KB 129ms
50ms Font
font/woff2 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

Requested by

Host: dscontent.directscale.com
URL: https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/ac101f52.cloudsparkbackoffice-shared-vendor.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/ac101f52.cloudsparkbackoffice-shared-vendor.css
Origin: https://office2.nvisionu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 74617
x-azure-ref: 20240404T155308Z-k682kf7ah13h336s7mvhxqk1ew00000002r000000001chsv
x-cache: TCP_HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 38384

GET
H/1.1 402 f81264af3e
bam.nr-data.net/1/ 0
0 150ms
29ms Script
application/json 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f81264af3e?a=456295804&sa=1&v=1130.54e767a&t=Unnamed%20Transaction&rst=1760&ref=https://office2.nvisionu.com/&be=1554&fe=1690&dc=1690&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1712245987051,%22n%22:0,%22f%22:764,%22dn%22:864,%22dne%22:864,%22c%22:864,%22s%22:997,%22ce%22:1133,%22rq%22:1133,%22rp%22:1269,%22rpe%22:1402,%22dl%22:1272,%22di%22:1689,%22ds%22:1689,%22de%22:1690,%22dc%22:1690,%22l%22:1690,%22le%22:1691%7D,%22navigation%22:%7B%7D%7D&fp=1582&fcp=1735&jsonp=NREUM.setToken
Requested by: Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230022-FRA
date: Thu, 04 Apr 2024 15:53:08 GMT
Connection: keep-alive
Content-Length: 2
content-type: application/json; charset=UTF-8

GET
H2 200 en-US Show response
api.directscale.com/Strings/nvisionu/Office2/ 108 KB
32 KB 439ms
139ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.directscale.com/Strings/nvisionu/Office2/en-US

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee4491d4505a6e1626944f378e3a0aca12200af400128e8569d1fd8eaa3dc48e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 32586
content-type: application/json

GET
H2 200 / Show response
api.directscale.com/ExternalServices/ 753 B
898 B 712ms
411ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.directscale.com/ExternalServices/?client=nvisionu

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2776fe4c3b8efd4c58da5b459c4ca8ee232dd55757c6c4ea874de956886eb5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8

GET
H2 200 Office2 Show response
api.directscale.com/Site/Info/nvisionu/ 2 KB
2 KB 576ms
276ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.directscale.com/Site/Info/nvisionu/Office2

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ddea6e6adcdb055442ea60522129789413077d3a86cfe7ce10c80984f7bba78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8

GET
H2 200 nvisionu Show response
api.directscale.com/LoginContent/ 2 B
148 B 438ms
138ms XHR
application/json 20.236.176.142
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.directscale.com/LoginContent/nvisionu

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.236.176.142 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 15:53:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json; charset=utf-8

GET
H2 200 fbe98cd4-fcb3-4a4a-9dd9-d4a05fa9f197
cloudspark.directscale.com/nvisionu/images/ 7 KB
8 KB 725ms
662ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudspark.directscale.com/nvisionu/images/fbe98cd4-fcb3-4a4a-9dd9-d4a05fa9f197
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6b61d261ae6ff360bb2d9372f3d57146b3c90f97bc73013225fd354d77851386

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 15:53:10 GMT
last-modified: Fri, 05 Aug 2022 04:24:49 GMT
etag: 0x8DA769A6F52899A
x-azure-ref: 20240404T155309Z-8d3vgzgm4h27me8qahp5fa7fyg0000000bbg00000001usys
x-cache: TCP_MISS
content-type: image/png
x-ms-request-id: d6e3f45b-e01e-002e-32a8-86293e000000
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 7560

GET
H2 200 3c9d1794-d0dd-4b48-81a9-2d87e0b46fc8
cloudspark.directscale.com/nvisionu/images/ 962 B
1 KB 702ms
638ms Other
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudspark.directscale.com/nvisionu/images/3c9d1794-d0dd-4b48-81a9-2d87e0b46fc8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c5196c8c3239c343e82e9a9b6af2d1c3807bec45c3dc8262b395a042135577a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Apr 2024 15:53:10 GMT
last-modified: Fri, 05 Aug 2022 04:25:59 GMT
etag: 0x8DA769A996DCD8B
x-azure-ref: 20240404T155309Z-8d3vgzgm4h27me8qahp5fa7fyg0000000bbg00000001usyr
x-cache: TCP_MISS
content-type: image/png
x-ms-request-id: 452b9b3b-a01e-004f-32a8-866de1000000
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 962

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKQ7N5

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3472f005c7f92a6b2b59b78f134d37e63cbb33aa4a6c52f2c02e2421e467f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77708
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Apr 2024 15:53:10 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 234 KB
76 KB 93ms
43ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyDJCz5NbVLwwnb0KSjqII6-HGBn8tQeYQM

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e28744a3aeeae18d9ce873b63a5ace0d51c00ad9c4a549e51fd3a284bf1ff1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77938
x-xss-protection: 0

GET
H2 200 Roboto-Bold-webfont.woff
dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/fonts/roboto/ 24 KB
25 KB 51ms
51ms Font
font/woff 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/fonts/roboto/Roboto-Bold-webfont.woff

Requested by

Host: dscontent.directscale.com
URL: https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/27078eff.cloudsparkbackoffice-login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://dscontent.directscale.com/Remote/directscale.office2.directscale.com/assets/css/27078eff.cloudsparkbackoffice-login.css
Origin: https://office2.nvisionu.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
age: 14633
x-azure-ref: 20240404T155310Z-k682kf7ah13h336s7mvhxqk1ew00000002r000000001chw6
x-cache: TCP_HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: public,max-age=1536000
x-fd-int-roxy-purgeid: 56350821
accept-ranges: bytes
content-length: 24808

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
90 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CEC94C44YD&l=dataLayer&cx=c

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17ac177787a4984ec8007a70b5726cd86cd9b70fd0d93f04d62d3798c618ba60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91923
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Apr 2024 15:53:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 61ms
18ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Apr 2024 15:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 302
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Apr 2024 17:48:08 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 34ms
34ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://office2.nvisionu.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 74ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CEC94C44YD&gtm=45je4410v869482518z872358681za200&_p=1712245988612&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1253235685.1712245990&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712245990&sct=1&seg=0&dl=https%3A%2F%2Foffice2.nvisionu.com%2F&dr=https%3A%2F%2Fedu.nvueducation.com%2F&dt=Login%20%7C%20NvisionU&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3217
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEC94C44YD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 15:53:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office2.nvisionu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 25ms
25ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=148908056&t=pageview&_s=1&dl=https%3A%2F%2Foffice2.nvisionu.com%2F&dr=https%3A%2F%2Fedu.nvueducation.com%2F&ul=en-us&de=UTF-8&dt=Login%20%7C%20NvisionU&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAAABAAAAAC~&jid=593719492&gjid=2097418156&cid=1253235685.1712245990&tid=UA-113457569-1&_gid=1207599211.1712245990&_r=1&_slc=1&gtm=45He4410n71TKQ7N5v72358681za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1005577582

Requested by

Host: office2.nvisionu.com
URL: https://office2.nvisionu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://office2.nvisionu.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 15:53:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office2.nvisionu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
edu.nvueducation.com/	1969-12-31 23:59:59	Name: visitor_id Value: 2434805987
.edu.nvueducation.com/	1970-01-20 19:37:27	Name: __cf_bm Value: 3NI1cD4Kb.BmGVRl80R6LaEe.U4VnRWqrZh1FcyCGTQ-1712245986-1.0.1.1-HQwHRSBH__YaT1cxnpOoMFTIyG7MUH2ATrbs3pO7mCwgX1DDMpaQdRUzWSdu0Uq4HAhV2BMnWhVBZQregs0kVA
edu.nvueducation.com/	1969-12-31 23:59:59	Name: _thinkific_session Value: NWF3TUlISktLdGNQaXZFT2J3KzNaWXdONC9uUEE2WVVEbXRWbkZrWDZPREFLMGlrOEZyWkJHUjNPUGxMNHBCNlNnaVdoN2tIZkdicUYwaWZMZjJyS2hwZVJlOVBuRlEzL05yaFc1QnNUUmw4YmJqREhZWGdoaE1PM1hLN0o0cWJvRlNVRTRQNXN3T1BOd0hEbFdFK05CamFaZk5TMWNteEdLc0JaUXlvNUFWWDkzOVB1cGJTcHV4Y0NtaFBiZ1dVN2xkWGFvUVJKQWJPVHgzUUtUN2F0RjU0RHhjeFQzNUVGc0IrNXhjSkUzbkRxY3NkdHlUZjJaY0k0ZUZhUEM0aEtBSFpMaXQxY2lpWmUwU0dRN2FVdjcxRkdGUE53NnQyTlpPcjBwL3hQK2c9LS1rVGh1TmRmc25VN01vZ0ppbXlHMkVnPT0%3D--dba545d0e3e8bfabe2047d403de2e1a84fa27f41
.thinkific.com/	1970-01-20 19:37:27	Name: __cf_bm Value: vJtFYCwCHkWu6EXWy9dd4TZhI5GSG.GjzrKJa2Hwl.Q-1712245986-1.0.1.1-8h1w4vPUgtljegU65cBSgICx_PRJU9hq_k6CcDZO.ZGCKhwixQ2YOTONMx61wJwpBi1AS8f2c5FS7WAn851WQg
.fl2.nvisionu.com/	1970-01-20 19:47:30	Name: backoffice Value: f5e5a3e747cc357b95a4bcc3e40437f9
.nvisionu.com/	1970-01-21 04:23:01	Name: authUser Value: %7B%7D
.nvisionu.com/	1970-01-21 05:13:25	Name: _ga Value: GA1.1.1253235685.1712245990
.nvisionu.com/	1970-01-21 05:13:25	Name: _ga_CEC94C44YD Value: GS1.1.1712245990.1.0.1712245990.0.0.0
.office2.nvisionu.com/	1970-01-21 05:13:25	Name: _ga Value: GA1.3.1253235685.1712245990
.office2.nvisionu.com/	1970-01-20 19:38:52	Name: _gid Value: GA1.3.1207599211.1712245990
.office2.nvisionu.com/	1970-01-20 19:37:26	Name: _gat_UA-113457569-1 Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://edu.nvueducation.com/users/sign_in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://edu.nvueducation.com/users/sign_in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://edu.nvueducation.com/users/sign_in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://edu.nvueducation.com/users/sign_in Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://edu.nvueducation.com/users/sign_in(Line 138) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation	verbose	URL: https://office2.nvisionu.com/#/Login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://bam.nr-data.net/1/f81264af3e?a=456295804&sa=1&v=1130.54e767a&t=Unnamed%20Transaction&rst=1760&ref=https://office2.nvisionu.com/&be=1554&fe=1690&dc=1690&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1712245987051,%22n%22:0,%22f%22:764,%22dn%22:864,%22dne%22:864,%22c%22:864,%22s%22:997,%22ce%22:1133,%22rq%22:1133,%22rp%22:1269,%22rpe%22:1402,%22dl%22:1272,%22di%22:1689,%22ds%22:1689,%22de%22:1690,%22dc%22:1690,%22l%22:1690,%22le%22:1691%7D,%22navigation%22:%7B%7D%7D&fp=1582&fcp=1735&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 402 ()
deprecation	warning	URL: https://office2.nvisionu.com/(Line 30) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.directscale.com
api2.directscale.com
assets.thinkific.com
bam.nr-data.net
cdn.thinkific.com
cdnjs.cloudflare.com
cloudspark.directscale.com
dscontent.directscale.com
edu.nvueducation.com
fl2.nvisionu.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
maps.googleapis.com
office2.nvisionu.com
region1.google-analytics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.25.14
142.250.74.196
157.245.164.146
162.247.243.29
172.217.18.10
20.236.176.142
2001:4860:4802:34::36
2600:9000:2250:400:1e:d21e:3d00:93a1
2602:816:5001::39
2606:4700:4400::6812:239f
2620:1ec:bdf::45
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3
0eb1d1903c6765eb52f6fba4dd782620116b398b8f11de986533eafcd838b616
0f18bd0ed267f4b033342373b4a26cd33747b1fa43c426e8a3f282b3bafcee3f
17ac177787a4984ec8007a70b5726cd86cd9b70fd0d93f04d62d3798c618ba60
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddea6e6adcdb055442ea60522129789413077d3a86cfe7ce10c80984f7bba78
2235cb7f020758bdc9d09704eb9da1a8d27969737d82798f804417f5e08cb6df
24900f1ead0919746f6a888c4c5e5da3c226ca5623cca9a665e315fa0d0e2ff8
2776fe4c3b8efd4c58da5b459c4ca8ee232dd55757c6c4ea874de956886eb5f7
2c6fd3272c3677407d552cc691c90521e1b5f0c14ec5271ba0e28b6e888cade7
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53a4d9541df9fed094df453983d674b7a50ba6a724d46f4afdbe0e16b943ffd3
56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e
6a72310c55ff13abb05421e7a9e90092b4a98e60949deb6ffcf2f3782d70837a
6b61d261ae6ff360bb2d9372f3d57146b3c90f97bc73013225fd354d77851386
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
946b94a8950f5c910c8105ff45168cea66642baa27a398b96c7b81304e2a382a
9d71f71f397da987bce397bff97f4b892d04fef24b2e307419f55b3f6859cbee
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a277f167248ccbbf09751d63867b3f258aa24629cec669071319124906fe320e
a3472f005c7f92a6b2b59b78f134d37e63cbb33aa4a6c52f2c02e2421e467f2e
a71d70f26695ef4003c74b7fab65170bd63196f7d04e5bce706a38c7c2976928
c5196c8c3239c343e82e9a9b6af2d1c3807bec45c3dc8262b395a042135577a4
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e28744a3aeeae18d9ce873b63a5ace0d51c00ad9c4a549e51fd3a284bf1ff1d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e758503fc159bce0090cbf98b7c8139cf8d773ea11881ed9a7fff7b7393df141
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
ee4491d4505a6e1626944f378e3a0aca12200af400128e8569d1fd8eaa3dc48e
f3313ea43ca6304eef1f43cb16cbca0a8f7d4363b0910b5cb07cfaede7f994d2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa9f76dc60fbeaad34e708a10b0823891b00adf1d0050911c6688a9808fabd1a
fb9a6d824503a7e93b64eb3f4b263bf23cd83280e0ff6e620339da5083469a56
ffb6c4db9f9dda8333c3f891bf806d66158f29f62a21c36f53b1d04e8433342a

office2.nvisionu.com Open in urlscan Pro 20.236.176.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

63 %IPv6

12 Domains

20 Subdomains

15 IPs

3 Countries

2819 kBTransfer

4199 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

office2.nvisionu.com Open in urlscan Pro
20.236.176.142 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

15
IPs

3
Countries

2819 kB
Transfer

4199 kB
Size

11
Cookies

44 HTTP transactions
0 data transactions