urlscan.io logo urlscan.io
SecurityTrails logo

applicant.examone.com Open in urlscan Pro
20.124.205.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://applicant.examone.com/Login/ActivateAccount/c4a8fe43-471c-4ca3-961f-fbf19aed8990
Effective URL: https://applicant.examone.com/
Submission: On April 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 20.124.205.197, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is applicant.examone.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 16th 2024. Valid for: a year.
This is the only time applicant.examone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 20.124.205.197 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:235... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 5
Apex Domain
Subdomains		 Transfer
12 examone.com
applicant.examone.com
275 KB
2 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1272
29 KB
1 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 306
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
47 KB
16 4
Domain Requested by
12 applicant.examone.com 1 redirects applicant.examone.com
2 tags.tiqcdn.com applicant.examone.com
tags.tiqcdn.com
1 cdn.cookielaw.org tags.tiqcdn.com
cdn.cookielaw.org
1 www.googletagmanager.com applicant.examone.com
16 4

This site contains links to these domains. Also see Links.

Domain
www.myexamone.com
www.questdiagnostics.com
Subject Issuer Validity Valid
applicant.examone.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-16 -
2025-02-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh

This page contains 1 frames:

Primary Page: https://applicant.examone.com/
Frame ID: 80E48831CCEF6784F56508BFE32A99D1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ExamOne® Inside Look Online - Log In

Page URL History Show full URLs

  1. https://applicant.examone.com/Login/ActivateAccount/c4a8fe43-471c-4ca3-961f-fbf19aed8990 HTTP 302
    https://applicant.examone.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

16
Requests

94 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

357 kB
Transfer

809 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://applicant.examone.com/Login/ActivateAccount/c4a8fe43-471c-4ca3-961f-fbf19aed8990 HTTP 302
    https://applicant.examone.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
applicant.examone.com/
Redirect Chain
  • https://applicant.examone.com/Login/ActivateAccount/c4a8fe43-471c-4ca3-961f-fbf19aed8990
  • https://applicant.examone.com/
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
242e5c9ee37864dbc64c739ade3d641316c4f05fbd3bc47fec585865e76bac79
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
3518
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 18:27:09 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private
Content-Length
118
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 18:27:09 GMT
Location
/
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
css
applicant.examone.com/Content/ 		46 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://applicant.examone.com/Content/css?v=KyKpL-v-_GsgFXvWjYKUHPxKRfpZ26WwG-CmjZx5pTs1
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68c3b3807f6663bcb9d5439361aeb8cb8c75556a6b0248a2e5386eccef61544d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Tue, 23 Apr 2024 18:27:09 GMT
Referrer-Policy
no-referrer-when-downgrade
Date
Tue, 23 Apr 2024 18:27:09 GMT
Vary
User-Agent,Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
11725
X-XSS-Protection
1; mode=block
Expires
Wed, 23 Apr 2025 18:27:09 GMT
css
applicant.examone.com/Content/themes/base/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://applicant.examone.com/Content/themes/base/css?v=kbpUHcogyObdz_pwyyv4jsgAJCp5R9Ylg7twXayXYqU1
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e8e5b4482a68e061985ebd07d185a0e942e2bca58e1c5a717ccd3fd1d9b390b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Tue, 23 Apr 2024 18:27:10 GMT
Referrer-Policy
no-referrer-when-downgrade
Date
Tue, 23 Apr 2024 18:27:09 GMT
Vary
User-Agent,Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
4259
X-XSS-Protection
1; mode=block
Expires
Wed, 23 Apr 2025 18:27:10 GMT
jQuery
applicant.examone.com/bundles/ 		88 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://applicant.examone.com/bundles/jQuery?v=87i4SMPAhhuNoT09QurreSkjJR0HBYKAAk5cP2x5Bl01
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a4124a659e6948780c258f342769bcfd3969b4b173e5b4bfc77acf7805b4f25
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Tue, 23 Apr 2024 18:27:10 GMT
Referrer-Policy
no-referrer-when-downgrade
Date
Tue, 23 Apr 2024 18:27:09 GMT
Vary
User-Agent,Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
40580
X-XSS-Protection
1; mode=block
Expires
Wed, 23 Apr 2025 18:27:10 GMT
js
applicant.examone.com/bundles/ 		284 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://applicant.examone.com/bundles/js?v=o1iQWGl5Q8dXuMy-GhWRyTPvlTBtgf1mRa95MsL9wqM1
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0bd4b1bb46085df36d8082b9b9126d34b78f17abb15ee08f1a9e846d65d3ae1f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Last-Modified
Tue, 23 Apr 2024 18:27:10 GMT
Referrer-Policy
no-referrer-when-downgrade
Date
Tue, 23 Apr 2024 18:27:09 GMT
Vary
User-Agent,Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
public
X-XSS-Protection
1; mode=block
Expires
Wed, 23 Apr 2025 18:27:10 GMT
examone_logo.jpg
applicant.examone.com/images/examone/en-us/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://applicant.examone.com/images/examone/en-us/examone_logo.jpg
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27780dbf709a60248ad3cc2c40ae638c17a60127d6a812be893cd1cfa84dbfa0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 19:16:56 GMT
Date
Tue, 23 Apr 2024 18:27:10 GMT
ETag
"044dbc8271ad91:0"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
40671
X-XSS-Protection
1; mode=block
intro.jpg
applicant.examone.com/images/examone/en-us/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://applicant.examone.com/images/examone/en-us/intro.jpg
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ac0dd8e295372d8a0cee4b4d793061b512fa15761b7112e7290fcb95620080e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 19:18:08 GMT
Date
Tue, 23 Apr 2024 18:27:10 GMT
ETag
"098c5f3271ad91:0"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
53537
X-XSS-Protection
1; mode=block
privacyoptions.svg
applicant.examone.com/images/CanadaPrivacyLogo/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://applicant.examone.com/images/CanadaPrivacyLogo/privacyoptions.svg
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 22 Dec 2023 15:49:32 GMT
Date
Tue, 23 Apr 2024 18:27:10 GMT
ETag
"08e5d74ee34da1:0"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1793
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		123 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5K3QW9Q
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec392b9d0068feb2c04d8bdf6a5bfd61dfa267bc3e3cf4ec03c71130f8cc133e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 18:27:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48121
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Apr 2024 18:27:10 GMT
right-tab1.jpg
applicant.examone.com/images/examone/en-us/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://applicant.examone.com/images/examone/en-us/right-tab1.jpg
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/Content/css?v=KyKpL-v-_GsgFXvWjYKUHPxKRfpZ26WwG-CmjZx5pTs1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b46013b3832bc06f8c4ddaa050a1c8fa6cce43fb134c5a639f674b336684bad
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/Content/css?v=KyKpL-v-_GsgFXvWjYKUHPxKRfpZ26WwG-CmjZx5pTs1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 19:16:56 GMT
Date
Tue, 23 Apr 2024 18:27:10 GMT
ETag
"044dbc8271ad91:0"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5810
X-XSS-Protection
1; mode=block
buttonbg.jpg
applicant.examone.com/images/ExamOne/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://applicant.examone.com/images/ExamOne/buttonbg.jpg
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/Content/css?v=KyKpL-v-_GsgFXvWjYKUHPxKRfpZ26WwG-CmjZx5pTs1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0bcd27369ca2eb196f50eb4e3b35b1127bb6096c1aa7ebb77cd75bc0cb9ccc1a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/Content/css?v=KyKpL-v-_GsgFXvWjYKUHPxKRfpZ26WwG-CmjZx5pTs1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 19:16:56 GMT
Date
Tue, 23 Apr 2024 18:27:10 GMT
ETag
"044dbc8271ad91:0"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1075
X-XSS-Protection
1; mode=block
utag.js
tags.tiqcdn.com/utag/questdiagnostics/main/prod/ 		120 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/questdiagnostics/main/prod/utag.js
Requested by
Host: applicant.examone.com
URL: https://applicant.examone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:e600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa5b038a5a5505f0dfd3c45428c1ff3591b637ccda432ef3e35d4b6662e304ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ETpCoHDDdGPGUWhnsZ3ueklE5ayPIAWw
content-encoding
br
via
1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront)
date
Tue, 23 Apr 2024 18:27:10 GMT
x-amz-cf-pop
FRA60-P9
age
10
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
last-modified
Thu, 11 Apr 2024 15:40:51 GMT
server
AmazonS3
etag
W/"9dbfa15ed0c7e0decc2fecd072ae5062"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
TbF2r9mXw2oAag1aAL8KoXklS-kfhfaHG7FZ98iqEWRRNq8edstv1A==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/questdiagnostics/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Apr 2024 18:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Pg1MHDpg+UGdovxhidM4Kg==
age
10417
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6839
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:15 GMT
server
cloudflare
etag
0x8DC629251693167
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c4891f4a-201e-0075-77cf-9452af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
878fe7f8999765bd-FRA
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=questdiagnostics/main/202404111539&cb=1713896830792
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/questdiagnostics/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:e600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Tue, 23 Apr 2024 18:21:07 GMT
via
1.1 32c1b1f3aed1f2411468b70713ad6556.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
364
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
twGGqykOyz8n3nhHuQ4NTswIT8YInReMPcysEb_Uf_Kj5-9UIJbLpA==
96ac1b7b-0784-41e9-9c8e-2ca25ee15da1.json
cdn.cookielaw.org/consent/96ac1b7b-0784-41e9-9c8e-2ca25ee15da1/ 		0
0
favicon.ico
applicant.examone.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://applicant.examone.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.124.205.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e86fabc1bf826a2f9e186a90cf28c54c2438de6b804120e0df692038632841a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://applicant.examone.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 09 Jan 2023 21:53:12 GMT
Date
Tue, 23 Apr 2024 18:27:10 GMT
ETag
"014c2c47424d91:0"
X-Frame-Options
sameorigin
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
1150
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/consent/96ac1b7b-0784-41e9-9c8e-2ca25ee15da1/96ac1b7b-0784-41e9-9c8e-2ca25ee15da1.json

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer string| surveyTitle string| cultureNameLcase string| dialogYes string| dialogNo string| pwShow string| pwHide string| positive string| negative number| timeoutInSeconds function| $ function| jQuery object| ilo object| google_tag_manager object| google_tag_data boolean| utag_condload object| catMapping object| utag function| readCookie function| getGroups function| setCats function| getOTCookie function| getRootDomain function| setConsentManager boolean| __tealium_twc_switch boolean| load_reorder function| OptanonWrapper object| OneTrustStub

4 Cookies

Domain/Path Name / Value
applicant.examone.com/ Name: culture
Value: en-US
applicant.examone.com/ Name: __RequestVerificationToken
Value: lWPAlDvoIHu-pOyOCBb9qGaYLF5YSNKebYUyJ5e_QnaLq8M2uQbfs8bk7DzJ_no1CJGcQl81zHjIjDIuKuw6DAHAuUA1
applicant.examone.com/ Name: TS01a343dc
Value: 012b363957bf5b59be38ffb420127453a37f5d64526530bbf6535a8e14de3b9091ff8f8cf992cc2d7eef0b44780a6940d91b25e25a4615e4891c6c3ffb02d18d52efeab0fb3b736202ff367e83443864034e690ebf
.examone.com/ Name: utag_main
Value: v_id:018f0c36373d0055e92dded758000506f001e06700b08$_sn:1$_se:1$_ss:1$_st:1713898630781$ses_id:1713896830781%3Bexp-session$_pn:1%3Bexp-session$salted_vid:c5e9bdb5981d265377458f630466282703e9646699911549b1b51aafc1430a12

1 Console Messages

Source Level URL
Text
security error URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Message:
Refused to connect to 'https://cdn.cookielaw.org/consent/96ac1b7b-0784-41e9-9c8e-2ca25ee15da1/96ac1b7b-0784-41e9-9c8e-2ca25ee15da1.json' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://tags.tiqcdn.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal.onetrust.com; img-src 'self' https://ssl.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block