www.covidcert.nextstep.careers Open in urlscan Pro
2606:4700::6813:ef75 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.covidcert.nextstep.careers/
Submission: On April 01 via automatic, source certstream-suspicious (April 1st 2020, 4:40:44 pm UTC)

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 25 domains to perform 60 HTTP transactions. The main IP is 2606:4700::6813:ef75, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.covidcert.nextstep.careers.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 1st 2020. Valid for: 6 months.

This is the only time www.covidcert.nextstep.careers was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6813:ef75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:21f... 2600:9000:21f3:9a00:2:6743:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
3 4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
9	2600:9000:21a... 2600:9000:21a1:ec00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
6	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
1	13.225.87.83 13.225.87.83	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1 3	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.97.92 143.204.97.92	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2600:9000:21f... 2600:9000:21f3:6600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
1	147.75.102.239 147.75.102.239	54825 (PACKET) (PACKET)
2	2600:9000:21f... 2600:9000:21f3:e400:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:fd05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
60	29

2 2606:4700::6813:ef75 (United States)

ASN13335 (CLOUDFLARENET, US)

www.covidcert.nextstep.careers	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:9a00:2:6743:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

fedora.teachablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::622 (Ascension Island)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:21a1:ec00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-83.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:925b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-92.fra50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9a (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.239 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:e400:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fd05 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	website-files.com assets.website-files.com	1 MB
7	google-analytics.com 3 redirects www.google-analytics.com	45 KB
6	vimeo.com player.vimeo.com	18 KB
6	teachablecdn.com fedora.teachablecdn.com	325 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	116 KB
4	google.com 3 redirects www.google.com	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	facebook.com www.facebook.com	450 B
3	google.de www.google.de	327 B
3	doubleclick.net 3 redirects stats.g.doubleclick.net	482 B
3	branch.io cdn.branch.io api2.branch.io	24 KB
3	app-us1.com 1 redirects prism.app-us1.com diffuser-cdn.app-us1.com	6 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	71 KB
2	facebook.net connect.facebook.net	143 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	nextstep.careers www.covidcert.nextstep.careers	14 KB
1	hubspot.com track.hubspot.com	494 B
1	hs-analytics.net js.hs-analytics.net	22 KB
1	app.link app.link	728 B
1	twitter.com platform.twitter.com
1	licdn.com snap.licdn.com	2 KB
1	hs-scripts.com js.hs-scripts.com	799 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	wistia.com fast.wistia.com	115 KB
60	25

	Domain	Requested by
9	assets.website-files.com	www.covidcert.nextstep.careers assets.website-files.com
7	www.google-analytics.com	3 redirects www.covidcert.nextstep.careers www.google-analytics.com
6	player.vimeo.com	www.covidcert.nextstep.careers
6	fedora.teachablecdn.com	www.covidcert.nextstep.careers
4	www.google.com	3 redirects www.covidcert.nextstep.careers
3	www.facebook.com	www.covidcert.nextstep.careers
3	www.google.de	www.covidcert.nextstep.careers
3	stats.g.doubleclick.net	3 redirects
3	fonts.gstatic.com	ajax.googleapis.com
2	api2.branch.io	cdn.branch.io
2	px.ads.linkedin.com	1 redirects www.covidcert.nextstep.careers
2	prism.app-us1.com	1 redirects diffuser-cdn.app-us1.com
2	connect.facebook.net	www.covidcert.nextstep.careers connect.facebook.net
2	www.covidcert.nextstep.careers	www.covidcert.nextstep.careers
1	vars.hotjar.com	static.hotjar.com
1	track.hubspot.com
1	js.hs-analytics.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	www.linkedin.com	1 redirects
1	app.link	cdn.branch.io
1	platform.twitter.com	www.covidcert.nextstep.careers
1	snap.licdn.com	www.covidcert.nextstep.careers
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.branch.io	www.covidcert.nextstep.careers
1	diffuser-cdn.app-us1.com	www.covidcert.nextstep.careers
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	www.covidcert.nextstep.careers
1	fonts.googleapis.com	ajax.googleapis.com
1	www.gstatic.com	www.google.com
1	d3e54v103j8qbb.cloudfront.net	www.covidcert.nextstep.careers
1	ajax.googleapis.com	www.covidcert.nextstep.careers
1	fast.wistia.com	www.covidcert.nextstep.careers
60	32

This site contains links to these domains. Also see Links.

Domain
sso.teachable.com
covidcert.nextstep.careers

Subject Issuer	Validity	Valid
www.covidcert.nextstep.careers CloudFlare Inc ECC CA-2	`2020-04-01` - `2020-10-09`	6 months	crt.sh
*.teachablecdn.com Amazon	`2019-09-03` - `2020-10-03`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-26` - `2021-03-18`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.website-files.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-31` - `2020-11-08`	7 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
ssl861457.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-25` - `2020-09-02`	6 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.covidcert.nextstep.careers/
Frame ID: F9320D5D7848CDD31A6DE76816EB0A8E
Requests: 54 HTTP requests in this frame

Frame: https://player.vimeo.com/video/402819264?title=0&byline=0&portrait=0
Frame ID: 048E38AA4F509712855D9D682591EE7E
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/402827975?title=0&byline=0&portrait=0
Frame ID: D66943E82B9D6147A2D3CC828408A28D
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/402827619?title=0&byline=0&portrait=0
Frame ID: 68884012F4DC51CC2D56CDB9889FB1CA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fnextstephealthcarecareers%2F&layout=button_count&locale=en_US&action=like&show_faces=false&share=false
Frame ID: D2CAB38DB7CF0FC385B11D7F8E58502A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.html
Frame ID: 1887B0B1ACD44A704558625A457270BE
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 973EE7587600CCAA651337B7EDE27BA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /prism\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

60
Requests

100 %
HTTPS

81 %
IPv6

25
Domains

32
Subdomains

29
IPs

6
Countries

2293 kB
Transfer

6567 kB
Size

23
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://sso.teachable.com/secure/534999/checkout/1782030/covid-19-preparation-certification
Title: Enroll Now

Search URL Search Domain Scan URL

URL: https://covidcert.nextstep.careers/p/buyseats
Title: For Employers

Search URL Search Domain Scan URL

URL: https://covidcert.nextstep.careers/p/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://covidcert.nextstep.careers/p/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://prism.app-us1.com/prism.js HTTP 301
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Request Chain 42

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385559821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID-Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBACEIZR~&jid=255878264&gjid=1142736276&cid=1573187154.1585759227&tid=UA-44397410-1&_gid=162800557.1585759227&_r=1&z=1474113675 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_gid=162800557.1585759227&gjid=1142736276&_v=j81&z=1474113675 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_v=j81&z=1474113675 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_v=j81&z=1474113675&slf_rd=1&random=728722302

Request Chain 43

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385559821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID-Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEIZR~&jid=241810058&gjid=1419885629&cid=1573187154.1585759227&tid=UA-44397410-4&_gid=162800557.1585759227&_r=1&z=1021819732 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_gid=162800557.1585759227&gjid=1419885629&_v=j81&z=1021819732 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_v=j81&z=1021819732 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_v=j81&z=1021819732&slf_rd=1&random=1320124054

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&time=1585759227214 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1579452%26url%3Dhttps%253A%252F%252Fwww.covidcert.nextstep.careers%252F%26time%3D1585759227214%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&time=1585759227214&liSync=true

Request Chain 50

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385559821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID-Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEIbR~&jid=1824492480&gjid=1559536398&cid=1573187154.1585759227&tid=UA-138864403-3&_gid=162800557.1585759227&_r=1&gtm=2wg3i0PFR8DRC&z=352923390 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_gid=162800557.1585759227&gjid=1559536398&_v=j81&z=352923390 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_v=j81&z=352923390 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_v=j81&z=352923390&slf_rd=1&random=4055414286

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.covidcert.nextstep.careers/ 89 KB
13 KB 1291ms
1234ms Document
text/html 2606:4700::6813:ef75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ef75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb4107499518abaa9091f5d676ef819bea136c06b13b5a9d3334cf49735dc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.covidcert.nextstep.careers
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 01 Apr 2020 16:40:26 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=da3323949615a0896415cd528d81bc3e81585759225; expires=Fri, 01-May-20 16:40:25 GMT; path=/; domain=.www.covidcert.nextstep.careers; HttpOnly; SameSite=Lax ahoy_visitor=f0274028-862d-4fb3-b098-fbe6a2c24105; path=/; expires=Fri, 01 Apr 2022 16:40:25 -0000 ahoy_visit=73b4f860-4f73-44eb-8974-c3c941130bf0; path=/; expires=Wed, 01 Apr 2020 20:40:25 -0000 ahoy_track=true; path=/ _afid=f0274028-862d-4fb3-b098-fbe6a2c24105; domain=.nextstep.careers; path=/; expires=Thu, 01 Apr 2021 16:40:25 -0000 aid=f0274028-862d-4fb3-b098-fbe6a2c24105; domain=.nextstep.careers; path=/; expires=Thu, 01 Apr 2021 16:40:25 -0000 site_preview=logged_out; path=/ _session_id=0a4c51e11200aade7897a3a45b3fa597; path=/; expires=Fri, 01 May 2020 16:40:26 -0000; HttpOnly __cf_bm=054d0130beedaad2bb5711ab980428999e9186f6-1585759226-1800-AectOgMtYy4qez9aYnJf9+iYuNQ0Zc3RvolRqw5zoLHeivqMjxLSMXznNAtjkXo28ut402wowvPkvq1XskSt8k8=; path=/; expires=Wed, 01-Apr-20 17:10:26 GMT; domain=.www.covidcert.nextstep.careers; HttpOnly; Secure; SameSite=None __cfruid=3f8d74b6a0d243ee20ac31fb8a48efd878904633-1585759226; path=/; domain=.www.covidcert.nextstep.careers; HttpOnly; Secure; SameSite=None
x-fedora-school-id: 534999
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=0
x-request-id: 1dc8b02b-fad5-4f6c-b6df-96056c737d34
x-runtime: 0.687499
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57d3c075cccdd6e5-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 200
OK pages-b7f1d8276c4c6dd6f8f969534fc8527af62dfa1cc77bb50b556e0dc3da82adfa.css
fedora.teachablecdn.com/assets/ 56 KB
8 KB 51ms
7ms Stylesheet
text/css 2600:9000:21f3:9a00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fedora.teachablecdn.com/assets/pages-b7f1d8276c4c6dd6f8f969534fc8527af62dfa1cc77bb50b556e0dc3da82adfa.css
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7f1d8276c4c6dd6f8f969534fc8527af62dfa1cc77bb50b556e0dc3da82adfa

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 30 Mar 2020 19:33:13 GMT
Content-Encoding: gzip
Age: 162434
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 30 Mar 2020 19:21:00 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: vQa3Y6tM.h.4pwPHKXz08VTYZ1gwM0lQ
Via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: FRA2-C2
Content-Type: text/css
X-Amz-Cf-Id: WN9AGOvuTJROWj3VEZHgaOX35m_7Qp6NrTM2BRjdnrXrnDKKOEfNTw==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 639 KB
115 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f33c3e62240b6f6b18e2523681411858836675ed1e7b5e9a21cbc4fd81401db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:26 GMT
content-encoding: br
age: 2307
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 117440
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea4480-SEA, cache-hhn4020-HHN
x-browser-version: 74
last-modified: Wed, 01 Apr 2020 12:32:40 GMT
x-timer: S1585759226.486385,VS0,VE0
etag: "5e8489e8-1cac0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 651

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
536 B 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aec8f06eaabf9c98bf6595dc0869dc0e20138dc5fdf439bfc03963c39244ff6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 444
x-xss-protection: 1; mode=block
expires: Wed, 01 Apr 2020 16:40:26 GMT

GET
H/1.1 200
OK pages-20e89ca20dd67a93c685.js Show response
fedora.teachablecdn.com/packs/ 312 KB
312 KB 61ms
15ms Script
application/javascript 2600:9000:21f3:9a00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fedora.teachablecdn.com/packs/pages-20e89ca20dd67a93c685.js
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a09325d98d716ca58d6c4a4fa22e9238e7aa56262ec5dc7c6c0773c07526892

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 01 Apr 2020 15:13:02 GMT
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Age: 5244
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 319354
Last-Modified: Wed, 01 Apr 2020 15:06:42 GMT
Server: AmazonS3
ETag: "13148ecc6e37b7707b9ea7d15869d2f4"
Vary: Accept-Encoding
x-amz-version-id: Oqqq1VTRyns7KarTa4flaqdGXe9Km9h2
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: wDHfIVk7S04S0JobtX4_JK0NWheh_Tc3jww1jDi-gLIkGCpEHkX4-Q==

GET
H2 200 next-step-covid.webflow.e40bc5de6.css
assets.website-files.com/5e7692543aa62f151f5f3214/css/ 114 KB
16 KB 441ms
402ms Stylesheet
text/css 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.webflow.e40bc5de6.css
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc845b1a3d0ae7d5796cf3b02da2c2e63e74edeb79b4d89e2f44b84cbf6315ea

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 20:42:01 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "3ff444709d55c59812467d559833485c"
x-cache: Miss from cloudfront
x-amz-version-id: w_3_9j7.ia9yIwQK408B9So2gY_bqaCT
status: 200
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/css
content-length: 15871
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
x-amz-cf-id: nWhOMKHQcrx8JHhyFS8ET3FkD-U36E0lH7otLucxhmHqRX7Yo-h-tw==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 23:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1876056
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Mar 2021 23:32:50 GMT

GET
H2 200 5e7692543aa62fe7d25f3243_nextstep-logo-transparent.svg
assets.website-files.com/5e7692543aa62f151f5f3214/ 4 KB
2 KB 442ms
403ms Image
image/svg+xml 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fe7d25f3243_nextstep-logo-transparent.svg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fc25162972aac68fc6f0f744b1623c335c840b9ef18c1885394e042cf43baf3

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: gzip
last-modified: Sat, 21 Mar 2020 22:16:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: trupaflK3IA6C9GQ2ee5auYYIgTdS9cY
status: 200
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: biTBkufHJzSR4KWTmkLv7eZ3xtmY_3jyEzioVqzMNd2fmYIFU9PbeA==
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 21ms
6ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2a760066fcee7a17505ce4d13428f8b5dc8907cb2ba6acc0020ddde89869a5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 507
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits: 618
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5185
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19135-FRA
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1585759227.518872,VS0,VE0
Date: Wed, 01 Apr 2020 16:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Expires: Wed, 01 Apr 2020 17:00:36 GMT

GET
H2 200 5e7985514416e90c46b2f013_LeadingAge.png
assets.website-files.com/5e7692543aa62f151f5f3214/ 8 KB
8 KB 453ms
451ms Image
image/png 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7985514416e90c46b2f013_LeadingAge.png
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe75ec3afd45d47cd8007ef3e83231ad603e0e6546e256b4bb69413c7e99d550

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
last-modified: Tue, 24 Mar 2020 03:58:11 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "52b73a3d53f4cbedd69ad5aab61dc8a3"
x-cache: Miss from cloudfront
x-amz-version-id: DcYgotdRJv1dct2_qeTJeQ_zB1jr6MN3
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 7863
x-amz-cf-id: 1kE_8Nyjsbx0N59Y6C9mwrTkjO5CK6Qh0vl_Vh4wQTgm6tvNUpQPWw==

GET
H2 200 5e79850a4416e97f56b2ef77_NDWALogo.png
assets.website-files.com/5e7692543aa62f151f5f3214/ 11 KB
12 KB 395ms
393ms Image
image/png 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e79850a4416e97f56b2ef77_NDWALogo.png
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0610438c89b4f70a238080b480c18feb72783051abe0c5cf55c74a69969e677

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
last-modified: Tue, 24 Mar 2020 03:56:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "f07783d1a11a09e1453627df3f6ba14c"
x-cache: Miss from cloudfront
x-amz-version-id: 9WT8JHgYPxsH4qYshBI38aULrxA2qLC.
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 11575
x-amz-cf-id: ykw9-ndHUKkMKC_T4RnxALGeeu5n8byszgvwhfQzb4b-_AcXe02Bhg==

GET
H2 200 jquery-3.4.1.min.220afd743d.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 86 KB
31 KB 409ms
378ms Script
application/javascript 13.225.87.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e7692543aa62f151f5f3214
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-83.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://www.covidcert.nextstep.careers/
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 18:13:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 3000
cache-control: max-age=84600, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amz-cf-id: LCEg3ewVT9ltE02IH9STtjzvrsYOGry4KrBN80yM9eWXsaLXuFwg-Q==
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)

GET
H2 200 webflow.5f253b1fe.js Show response
assets.website-files.com/5e7692543aa62f151f5f3214/js/ 3 MB
580 KB 422ms
421ms Script
text/javascript 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/js/webflow.5f253b1fe.js
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60dea273c423eaa009beda94fab7d9de506dbe636a07e069508076d65a147e88

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 16:08:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "61013ce53918b3831f74fee79f5f464a"
x-cache: Miss from cloudfront
x-amz-version-id: uR2xfwEiTvqYtjTuOh2VSkPsjBGIQkv7
status: 200
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/javascript
content-length: 592733
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
x-amz-cf-id: 94bWK746bnBpCs8d-W6TXvCmYLJoLuW1-Ict6xrZIYL1DKWR1F1MzQ==

GET
H/1.1 200
OK youtube-brands-43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d.svg
fedora.teachablecdn.com/assets/icons/ 704 B
1 KB 8ms
7ms Image
image/svg+xml 2600:9000:21f3:9a00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/youtube-brands-43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d.svg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 01 Jan 2020 06:49:35 GMT
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Age: 7897852
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 704
Last-Modified: Mon, 30 Dec 2019 20:14:34 GMT
Server: AmazonS3
ETag: "c80ca203c0f773a8502d85ae60f347ce"
x-amz-version-id: 96S4n6dal2QTVKADhClMJiQ7LQTPrTPj
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Amz-Cf-Id: SLy0ibG8n1YrXk-1BFvg49PNgBwTrxEEwPP2C_dXW8NH3Ut8IdRxNA==

GET
H/1.1 200
OK file-alt-solid-b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b.svg
fedora.teachablecdn.com/assets/icons/ 713 B
1 KB 8ms
7ms Image
image/svg+xml 2600:9000:21f3:9a00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/file-alt-solid-b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b.svg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 05 Jan 2020 21:44:31 GMT
Via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Age: 7498556
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 713
Last-Modified: Fri, 03 Jan 2020 22:08:26 GMT
Server: AmazonS3
ETag: "cf5e4039d88b7054bd1ac282e861a537"
x-amz-version-id: nex_UM5vXsOC.9K.CYrbQIjvD_c9kwXT
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Amz-Cf-Id: xFQCXRgai5oG8BzJ_iujT0gQiv_tRzTZDGI7qtw7yTRPv45hvDtKPQ==

GET
H/1.1 200
OK lightbulb-regular-c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece.svg
fedora.teachablecdn.com/assets/icons/ 1014 B
1 KB 16ms
7ms Image
image/svg+xml 2600:9000:21f3:9a00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/lightbulb-regular-c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece.svg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 21:31:06 GMT
Content-Encoding: gzip
Age: 4043360
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 14 Feb 2020 20:55:17 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: augtXLRuUehjOj83QXHUY2VKANRSvfjZ
Via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: FRA2-C2
Content-Type: image/svg+xml
X-Amz-Cf-Id: ybS1rIGDb08GEkD66Evym2QP49jPMHYOlkSyDyojAXI4A8i_iuBwQQ==

GET
H/1.1 200
OK chevron-down-solid-263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e.svg
fedora.teachablecdn.com/assets/icons/ 523 B
1 KB 17ms
7ms Image
image/svg+xml 2600:9000:21f3:9a00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/chevron-down-solid-263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e.svg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Jan 2020 02:07:22 GMT
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Age: 7137185
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 523
Last-Modified: Fri, 10 Jan 2020 00:49:36 GMT
Server: AmazonS3
ETag: "2c0862a67bfb8773d52c7833e17cd5ca"
x-amz-version-id: .mm5VxQiwQJGyCXR8ee_mBTol_VD8txP
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Amz-Cf-Id: LcImwigaYMkCdvrXCW4ZgzIbrFm11X17PuOu5rTvS5uJnj0BAPnJNA==

GET
H2 200 5e7692543aa62f0c035f325e_NextStep%20Favicon.png
assets.website-files.com/5e7692543aa62f151f5f3214/ 356 B
750 B 418ms
416ms Image
image/png 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f0c035f325e_NextStep%20Favicon.png
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c35df38b73a4853d0075d4eb7ae1a4ca8a40efc49a1d92ed68a95c0456cfd352

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 22:16:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "8713eb431bc2ff99889985c1dc8bcf7f"
x-cache: Miss from cloudfront
x-amz-version-id: nBDcrgyN.lyzKh69ECjzQDdYDIA4Dfu8
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 356
x-amz-cf-id: QLH9luCK-lxUviAkbuoUJfwraR7QUj0hdC_ZHCYe0g0_0J0MR1CwZg==

GET
H2 200 email-decode.min.js Show response
www.covidcert.nextstep.careers/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
807 B 35ms
33ms Script
application/javascript 2606:4700::6813:ef75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidcert.nextstep.careers/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ef75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:26 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 31 Mar 2020 17:14:14 GMT
server: cloudflare
etag: W/"5e837a66-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 57d3c0805c9dd6e5-FRA
expires: Fri, 03 Apr 2020 16:40:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
31 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: nBUrTE5BwFfGQmbyUK+epRC+0bGkcG0jaUmFUiu+6tfg40ce0671CgTCRH4ANjpgLN7QxZVvKH4mvIWagzuynw==
x-fb-trip-id: 1850256238
date: Wed, 01 Apr 2020 16:40:26 GMT, Wed, 01 Apr 2020 16:40:26 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/ 259 KB
93 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 30 Mar 2020 16:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Mar 2020 04:05:21 GMT
server: sffe
age: 172830
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94752
x-xss-protection: 0
expires: Tue, 30 Mar 2021 16:39:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
666 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,regular,600

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f16b57f4700efc5ecf5e0769dd352ab3248855da6cd2af0c489e544d88c9fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Apr 2020 16:40:26 GMT
server: ESF
date: Wed, 01 Apr 2020 16:40:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Apr 2020 16:40:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
37 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbc1522124807825d96470d75c797130bf02bb0760f005cf317a9c4d36b282ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:26 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 37875
x-xss-protection: 0
last-modified: Wed, 01 Apr 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Apr 2020 16:40:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 111
date: Wed, 01 Apr 2020 16:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 01 Apr 2020 18:38:35 GMT

GET
H/1.1 200
OK 402819264
player.vimeo.com/video/ Frame 048E 0
0 124ms
123ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/402819264?title=0&byline=0&portrait=0

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.covidcert.nextstep.careers/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.covidcert.nextstep.careers/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Wed, 01 Apr 2020 16:44:10 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-8
X-Vimeo-DC: ge
Content-Length: 10344
Accept-Ranges: bytes
Date: Wed, 01 Apr 2020 16:40:27 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19135-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1585759227.063541,VS0,VE116
Vary: Accept-Encoding

GET
H2 200 5e83a8949ff7566f4e0bc886_fullcolor_nursemask.jpg
assets.website-files.com/5e7692543aa62f151f5f3214/ 391 KB
392 KB 422ms
422ms Image
image/jpeg 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e83a8949ff7566f4e0bc886_fullcolor_nursemask.jpg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7d788f375a48d5a2a73c32b81d05a9940c9f6dc81d518d17e7873a0e7ad701a

Request headers

Referer: https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.webflow.e40bc5de6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
last-modified: Tue, 31 Mar 2020 20:31:18 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "eba5acb91b8b0d32eeebbbc999ad4547"
x-cache: Miss from cloudfront
x-amz-version-id: 6fhpH51Spf0Lh0dsSvl7mDUeNWBAR2Qa
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 400317
x-amz-cf-id: 63_muuC71BhsicXyYRh1KVzu01upmxr2yPosmkyHKWZbrpYTJSk9ug==

GET
H2 200 5e7692543aa62f16885f32c3_CoronaVirusModel.jpg
assets.website-files.com/5e7692543aa62f151f5f3214/ 303 KB
304 KB 427ms
427ms Image
image/jpeg 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f16885f32c3_CoronaVirusModel.jpg
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8903e46d1cf5cd05a7698dfb0ebf41a284d19453b1b771c9b51b9792ed9f9125

Request headers

Referer: https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.webflow.e40bc5de6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
via: 1.1 62328e618fde50edd04ce6ae46c1c301.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 22:16:54 GMT
server: AmazonS3
x-amz-cf-pop: MUC51-C1
etag: "d7095b1f8c6ba254797760b5a4402411"
x-cache: Miss from cloudfront
x-amz-version-id: gfVySKQ.7KD6ee2wdDKwH394PnbWcdfZ
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 310761
x-amz-cf-id: srj_oZpeFgb7YhXZyJ3TU3dG8XCEaCiz19o1OWvx2dqg_yDsXCl68A==

GET
H/1.1 200
OK 402827975
player.vimeo.com/video/ Frame D669 0
0 124ms
110ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/402827975?title=0&byline=0&portrait=0

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.covidcert.nextstep.careers/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.covidcert.nextstep.careers/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Wed, 01 Apr 2020 16:43:47 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-8
X-Vimeo-DC: ge
Content-Length: 9487
Accept-Ranges: bytes
Date: Wed, 01 Apr 2020 16:40:27 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19128-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1585759227.078005,VS0,VE103
Vary: Accept-Encoding

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 7ms
7ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2a760066fcee7a17505ce4d13428f8b5dc8907cb2ba6acc0020ddde89869a5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 507
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits: 620
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5185
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19135-FRA
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1585759227.945652,VS0,VE0
Date: Wed, 01 Apr 2020 16:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Expires: Wed, 01 Apr 2020 17:00:36 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:300,regular,600
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:54:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:10 GMT
server: sffe
age: 5327152
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7988
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:54:34 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:300,regular,600
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 04:10:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 2291394
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Sat, 06 Mar 2021 04:10:32 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:300,regular,600
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 15:56:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 348235
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Sun, 28 Mar 2021 15:56:31 GMT

GET
H/1.1 200
OK 402827619
player.vimeo.com/video/ Frame 6888 0
0 206ms
194ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/402827619?title=0&byline=0&portrait=0

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.covidcert.nextstep.careers/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.covidcert.nextstep.careers/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Wed, 01 Apr 2020 16:50:27 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-6
X-Vimeo-DC: ge
Content-Length: 5152
Accept-Ranges: bytes
Date: Wed, 01 Apr 2020 16:40:27 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19177-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1585759227.082109,VS0,VE187
Vary: Accept-Encoding

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 20ms
7ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2a760066fcee7a17505ce4d13428f8b5dc8907cb2ba6acc0020ddde89869a5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 507
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits: 604
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5185
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19129-FRA
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1585759227.082214,VS0,VE0
Date: Wed, 01 Apr 2020 16:40:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Expires: Wed, 01 Apr 2020 17:00:36 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
891 B 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 218
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
expires: Wed, 01 Apr 2020 17:36:49 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 15:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2956
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Wed, 01 Apr 2020 16:51:11 GMT

GET
H2 200 1203189133144839 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1203189133144839?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

099beafabafab90e563e46d64ebf7fc594c760ccad4622af188696ee0c056b07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 3CSPZhMizX9YbgKMC3uLa8m+3Cb55+AlenIEJ4F3KhYJXOEAtP9bXuhnhdKbLeyACULZgaiIvi3L5B581tncqg==
x-fb-trip-id: 1850256238
date: Wed, 01 Apr 2020 16:40:27 GMT, Wed, 01 Apr 2020 16:40:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1326127.js Show response
static.hotjar.com/c/ 3 KB
2 KB 143ms
104ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1326127.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

2f05cbe8be49348ed613b5874222de6547bd902dfd81e30350a13fb5ae06d18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/31cea999644d9a729201ff4aae60a987
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.080
accept-ranges: bytes
section-io-id: 803e3573f285de432b236eb9e36d3cb7
section-origin-responded: true

GET
H2

200

diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/
Redirect Chain

https://prism.app-us1.com/prism.js
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

22 KB
5 KB

12ms
11ms

Script
application/javascript

2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b30f24ad4ed1361125cf38a7745d107684c853414fe5bfca612e63d5c1ec1a

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 296
x-cache: Miss from cloudfront
status: 200
last-modified: Thu, 12 Mar 2020 15:29:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: MUC51-C1
cf-ray: 57d3c081bcf896b6-FRA
x-amz-cf-id: K5a2qPaZTqjXr-qcudnzmpMQh-hGcEacWYXtsPH-1AULDsH54oVV1A==

Redirect headers

date: Wed, 01 Apr 2020 16:40:27 GMT
cf-cache-status: HIT
server: cloudflare
age: 6707
location: https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 301
cache-control: public, max-age=14400
cf-ray: 57d3c0819cd296b6-FRA
expires: Wed, 01 Apr 2020 20:40:27 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 77 KB
23 KB 38ms
11ms Script
text/javascript 143.204.97.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b32a5a9d6377482d78761bb14b2553976026c080c199689876b3f7e8082d2fb

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 8GVRWq87W1DoDDVyhIjRVb4aKbV.eHPi
Content-Encoding: gzip
Last-Modified: Thu, 26 Mar 2020 21:16:32 GMT
Server: AmazonS3
Age: 7
ETag: "6ec921ece76f1bd3bfc239d361ef4a2c"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Wed, 01 Apr 2020 16:40:22 GMT
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Content-Length: 23121
X-Amz-Cf-Id: uw_rYmCXrVAtyir8_mebbe1VDGpvtK5-vkuieFrUv6dDTgC6rUttAw==

GET
H2 200 5861784.js Show response
js.hs-scripts.com/ 377 B
799 B 469ms
449ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5861784.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f79c99f77294b3a7ef128ed635139de5318644227a24883619b93315cbcb42f

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: gzip
cf-cache-status: MISS
status: 200
access-control-max-age: 3600
content-length: 287
server: cloudflare
x-trace: 2BCE73131DD6C519E9D8545609398A60C2F0FBBE11000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.covidcert.nextstep.careers
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 57d3c0818adc63d1-FRA
expires: Wed, 01 Apr 2020 16:41:27 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 01 Apr 2020 16:40:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=78329
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NB3MGZB&t=gtm1&cid=1573187154.1585759227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4be811e71a7f5adb418a64fd183aa90fac3858a00db09c973360df94ea439bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24231
x-xss-protection: 0
last-modified: Wed, 01 Apr 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Apr 2020 16:40:27 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385559821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID-Ready%20Caregiver%20Certi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_gid=162800557.1585759227&gjid=1142736276&_v=j81&z=1474113675
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_v=j81&z=1474113675
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_v=j81&z=1474113675&slf_rd=1&random=728722302

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_v=j81&z=1474113675&slf_rd=1&random=728722302

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1573187154.1585759227&jid=255878264&_v=j81&z=1474113675&slf_rd=1&random=728722302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385559821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID-Ready%20Caregiver%20Certi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_gid=162800557.1585759227&gjid=1419885629&_v=j81&z=1021819732
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_v=j81&z=1021819732
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_v=j81&z=1021819732&slf_rd=1&random=1320124054

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_v=j81&z=1021819732&slf_rd=1&random=1320124054

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1573187154.1585759227&jid=241810058&_v=j81&z=1021819732&slf_rd=1&random=1320124054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame D2CA 0
0 71ms
58ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fnextstephealthcarecareers%2F&layout=button_count&locale=en_US&action=like&show_faces=false&share=false

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fnextstephealthcarecareers%2F&layout=button_count&locale=en_US&action=like&show_faces=false&share=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.covidcert.nextstep.careers/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.covidcert.nextstep.careers/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: u9O0+P0sjn0tDMCJOEKmtPjKOzmZQM0DptuNOGaRvFaadtaX52NS4SSIKErowwzgv9Wos7otem4Nr5KIloqUJQ==
date: Wed, 01 Apr 2020 16:40:27 GMT Wed, 01 Apr 2020 16:40:27 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H/1.1 200
OK tweet_button.html
platform.twitter.com/widgets/ Frame 1887 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.html
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.covidcert.nextstep.careers/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.covidcert.nextstep.careers/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 791
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Apr 2020 16:40:27 GMT
Etag: "d6e03d1be2ee804ffae86a30f5561e8b+gzip"
Last-Modified: Thu, 19 Mar 2020 21:22:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AF)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 19395

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
728 B 213ms
164ms Script
text/javascript 2600:9000:21f3:6600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.53.0&branch_key=key_live_eoHwhKJtRQruvhYLU2GFXfegvDeCM7xm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:6600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

59190d62de48e5d0074950612e504414dc76da2e71c80f626b1aed0ce200a6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 01 Apr 2020 16:40:27 GMT
Via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA2-C2
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-WyVfj2YD2k+aoLGoNV7a00hvheI"
X-Amz-Cf-Id: Z2VUisYF9h5bpzo3tzRJ8v-fPzIVLQcqxN2lQKMoB5AYplZ96NTe1g==

GET
H2 200 / Show response
prism.app-us1.com/ 0
189 B 493ms
493ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=251993589&u=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, private
cf-ray: 57d3c081dd1396b6-FRA
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203189133144839&ev=PageView&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&rl=&if=false&ts=1585759227201&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585759227201.2009448152&it=1585759227083&coo=false&rqm=GET

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT, Wed, 01 Apr 2020 16:40:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Apr 2020 16:40:27 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&time=1585759227214
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1579452%26url%3Dhttps%253A%252F%252Fwww.covidcert.nextstep.careers%252F%26time%3D...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&time=1585759227214&liSync=true

0
39 B

165ms
165ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&time=1585759227214&liSync=true
Requested by: Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: 2bsgop2/ARawpdndGisAAA==

Redirect headers

date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: 4m25l52/ARbwb2UG+CoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&time=1585759227214&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385559821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID-Ready%20Caregiver%20Certi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_gid=162800557.1585759227&gjid=1559536398&_v=j81&z=352923390
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_v=j81&z=352923390
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_v=j81&z=352923390&slf_rd=1&random=4055414286

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_v=j81&z=352923390&slf_rd=1&random=4055414286

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Apr 2020 16:40:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1573187154.1585759227&jid=1824492480&_v=j81&z=352923390&slf_rd=1&random=4055414286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0be5265654b49cdd90f7.js Show response
script.hotjar.com/ 366 KB
69 KB 58ms
19ms Script
application/javascript 147.75.102.239
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.0be5265654b49cdd90f7.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1326127.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash: 5fc4e4032f2d2422b3ed9aed5939d32ae61e9da53a8971fbfb8acc36f9c81557

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: br
content-type: application/javascript
age: 96329
status: 200
section-io-cache: Hit
content-length: 70605
last-modified: Tue, 31 Mar 2020 13:52:12 GMT
etag: "56b2ecfcb4fef63e26e80d0c277b1347"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.095
accept-ranges: bytes
section-io-id: b303b545f2d062d8bfd87b7ef6fca3d4
section-origin-responded: true

POST
H2 200 open Show response
api2.branch.io/v1/ 267 B
555 B 370ms
354ms XHR
application/json 2600:9000:21f3:e400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:e400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 472f22cd136b95bf7320ebfec6ece0fc2a491ba7021c3cf134ccdeef3642b8be

Request headers

Referer: https://www.covidcert.nextstep.careers/
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 267
x-amz-cf-id: RQMk0ao418JnznguBajX0JtO5IVx-kXvXY8zSyWPD_DkR9eLxJ_5FQ==

GET
H2 200 5861784.js Show response
js.hs-analytics.net/analytics/1585759200000/ 80 KB
22 KB 144ms
130ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1585759200000/5861784.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5861784.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde350dafc5affc74669f239f41208ef696e09719c63e581cdc81a09250daa12

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2865905C34E6FA0E
x-amz-server-side-encryption: AES256
status: 200
content-type: text/javascript
x-amz-id-2: +6zfwHcIVkb1HmViTqo1b3H7B0nqdjsoz58thqk6URZ55teS70twqgMrYzckNSaFIkqvnUt0QJg=
last-modified: Thu, 12 Mar 2020 16:48:34 GMT
server: cloudflare
etag: W/"de441fd752803b249f905781e15042a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 57d3c0847d92dfcb-FRA
expires: Wed, 01 Apr 2020 16:45:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
11ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203189133144839&ev=Microdata&dl=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&rl=&if=false&ts=1585759227710&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22National%20COVID-Ready%20Caregiver%20Certification%20%7C%20NextStep%22%2C%22meta%3Adescription%22%3A%22Learn%20to%20protect%20yourself%2C%20those%20you%20care%20for%2C%20and%20your%20family%20from%20the%20novel%20coronavirus%2C%20COVID-19%2C%20with%20the%20National%20COVID-19%20Ready%20Caregiver%20Certification.%20Dr.%20Vin%20Gupta%20gives%20expert%20advice%20in%20this%20comprehensive%20course.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22National%20COVID-19%20Ready%20Caregiver%20Certification%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.filepicker.io%2Fapi%2Ffile%2FIyRXnNJSUOCftswa6cBw%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcovidcert.nextstep.careers%2Fcourses%2F812905%22%2C%22og%3Adescription%22%3A%22Learn%20to%20protect%20yourself%2C%20those%20you%20care%20for%2C%20and%20your%20family%20from%20the%20novel%20coronavirus%2C%20COVID-19%2C%20with%20the%20National%20COVID-19%20Ready%20Caregiver%20Certification.%20Dr.%20Vin%20Gupta%20gives%20expert%20advice%20in%20this%20comprehensive%20course.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585759227201.2009448152&it=1585759227083&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.covidcert.nextstep.careers
URL: https://www.covidcert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:27 GMT, Wed, 01 Apr 2020 16:40:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Apr 2020 16:40:27 GMT

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
361 B 378ms
378ms XHR
application/json 2600:9000:21f3:e400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:e400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://www.covidcert.nextstep.careers/
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: naiZNxtMUAgEEwopk37bFLhoRSLMonvXk2E_sJsqw0V1mWp8N_Gybw==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
494 B 42ms
28ms Image
image/gif 2606:4700::6810:fd05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=5861784&rcu=https%3A%2F%2Fcovidcert.nextstep.careers%2F&pu=https%3A%2F%2Fwww.covidcert.nextstep.careers%2F&t=National+COVID-Ready+Caregiver+Certification+%7C+NextStep&cts=1585759227995&vi=4331a7113ff6ca05e0be6299edc12bf4&nc=true&u=248022424.4331a7113ff6ca05e0be6299edc12bf4.1585759227993.1585759227993.1585759227993.1&b=248022424.1.1585759227993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.covidcert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Apr 2020 16:40:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 57d3c0870a82d6c1-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 5e7692543aa62fda585f32bf_lottieflow-menu-nav-06-2b233a-easey.json Show response
assets.website-files.com/5e7692543aa62f151f5f3214/ 8 KB
2 KB 161ms
136ms XHR
application/json 2600:9000:21a1:ec00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fda585f32bf_lottieflow-menu-nav-06-2b233a-easey.json
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/js/webflow.5f253b1fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21a1:ec00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be4e3b094d724a9884bc78027e94634ad09f4234e06e62142b90ccb769c829e2

Request headers

Referer: https://www.covidcert.nextstep.careers/
Origin: https://www.covidcert.nextstep.careers
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 16:40:29 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: MUC51-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Sat, 21 Mar 2020 22:16:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: vz9bQQL5AkZIEcZ6U_4zrE9xy668m0tD
via: 1.1 f94052a774a48b1ba1d5959d43fb9717.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: application/json
x-amz-cf-id: _gqkaT_6_Wm7ZpGN8iv8GkF0LjIkKqDfcVrhfhvUY8ovvlJA6mZ_Fg==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 973E 0
0 56ms
19ms Document
text/html 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1326127.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress3
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.covidcert.nextstep.careers/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.covidcert.nextstep.careers/

Response headers

status: 200
date: Wed, 01 Apr 2020 16:40:28 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.092
section-origin-responded: true
age: 558616
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 898ae202baaee64945e8bdaa4a7069ef

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nextstep.careers/	1970-01-19 17:50:55	Name: hubspotutk Value: 4331a7113ff6ca05e0be6299edc12bf4
.nextstep.careers/	1970-01-19 17:01:57	Name: _hjid Value: 6bfd1ec4-9088-4c13-9291-eed349b1d3f0
.nextstep.careers/	1970-01-19 08:29:19	Name: _gat_UA-138864403-3 Value: 1
.nextstep.careers/	1970-01-19 10:38:55	Name: _fbp Value: fb.1.1585759227201.2009448152
.nextstep.careers/	1970-01-19 08:29:19	Name: _gat_teachableTracker Value: 1
.nextstep.careers/	1970-01-19 08:29:19	Name: _gat_fedoraTracker Value: 1
.nextstep.careers/	1970-01-19 08:29:21	Name: __hssc Value: 248022424.1.1585759227993
.nextstep.careers/	1970-01-20 02:00:31	Name: _ga Value: GA1.2.1573187154.1585759227
www.covidcert.nextstep.careers/	1970-01-19 09:12:31	Name: _session_id Value: 0a4c51e11200aade7897a3a45b3fa597
.nextstep.careers/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.nextstep.careers/	1970-01-19 08:30:45	Name: _gid Value: GA1.2.162800557.1585759227
www.covidcert.nextstep.careers/	1969-12-31 23:59:59	Name: site_preview Value: logged_out
.nextstep.careers/	1970-01-19 17:50:55	Name: __hstc Value: 248022424.4331a7113ff6ca05e0be6299edc12bf4.1585759227993.1585759227993.1585759227993.1
.www.covidcert.nextstep.careers/	1970-01-19 08:29:21	Name: __cf_bm Value: 054d0130beedaad2bb5711ab980428999e9186f6-1585759226-1800-AectOgMtYy4qez9aYnJf9+iYuNQ0Zc3RvolRqw5zoLHeivqMjxLSMXznNAtjkXo28ut402wowvPkvq1XskSt8k8=
.vimeo.com/	1970-01-20 02:00:31	Name: vuid Value: pl437275917.790855827
.nextstep.careers/	1970-01-19 17:14:55	Name: aid Value: f0274028-862d-4fb3-b098-fbe6a2c24105
.www.covidcert.nextstep.careers/	1969-12-31 23:59:59	Name: __cfruid Value: 3f8d74b6a0d243ee20ac31fb8a48efd878904633-1585759226
www.covidcert.nextstep.careers/	1969-12-31 23:59:59	Name: ahoy_track Value: true
www.covidcert.nextstep.careers/	1970-01-19 08:29:33	Name: ahoy_visit Value: 73b4f860-4f73-44eb-8974-c3c941130bf0
.facebook.com/	1970-01-19 10:38:55	Name: fr Value: 0qCyJ7wj33pYGa2YD..BehMP7...1.0.BehMP7.
www.covidcert.nextstep.careers/	1970-01-20 02:00:31	Name: ahoy_visitor Value: f0274028-862d-4fb3-b098-fbe6a2c24105
.nextstep.careers/	1970-01-19 17:14:55	Name: _afid Value: f0274028-862d-4fb3-b098-fbe6a2c24105
.www.covidcert.nextstep.careers/	1970-01-19 09:12:31	Name: __cfduid Value: da3323949615a0896415cd528d81bc3e81585759225

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1203189133144839.
console-api	log	(Line 2) Message: null [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api2.branch.io
app.link
assets.website-files.com
cdn.branch.io
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
diffuser-cdn.app-us1.com
fast.wistia.com
fedora.teachablecdn.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-scripts.com
platform.twitter.com
player.vimeo.com
prism.app-us1.com
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
www.covidcert.nextstep.careers
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.225.87.83
143.204.97.92
147.75.102.203
147.75.102.239
147.75.84.91
151.101.12.217
2600:9000:21a1:ec00:11:3b84:d200:93a1
2600:9000:21f3:6600:19:9934:6a80:93a1
2600:9000:21f3:9a00:2:6743:8540:93a1
2600:9000:21f3:e400:11:f728:3040:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:fd05
2606:4700::6811:43b0
2606:4700::6811:925b
2606:4700::6811:d6cc
2606:4700::6813:ef75
2a00:1450:4001:800::2008
2a00:1450:4001:808::200a
2a00:1450:4001:809::2004
2a00:1450:4001:814::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:820::2003
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9a
2a02:26f0:10c:39e::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::622
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
099beafabafab90e563e46d64ebf7fc594c760ccad4622af188696ee0c056b07
0fc25162972aac68fc6f0f744b1623c335c840b9ef18c1885394e042cf43baf3
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e
2a760066fcee7a17505ce4d13428f8b5dc8907cb2ba6acc0020ddde89869a5e0
2f05cbe8be49348ed613b5874222de6547bd902dfd81e30350a13fb5ae06d18d
2f33c3e62240b6f6b18e2523681411858836675ed1e7b5e9a21cbc4fd81401db
2f79c99f77294b3a7ef128ed635139de5318644227a24883619b93315cbcb42f
3f16b57f4700efc5ecf5e0769dd352ab3248855da6cd2af0c489e544d88c9fa5
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d
472f22cd136b95bf7320ebfec6ece0fc2a491ba7021c3cf134ccdeef3642b8be
4be811e71a7f5adb418a64fd183aa90fac3858a00db09c973360df94ea439bf8
57b30f24ad4ed1361125cf38a7745d107684c853414fe5bfca612e63d5c1ec1a
59190d62de48e5d0074950612e504414dc76da2e71c80f626b1aed0ce200a6d1
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fc4e4032f2d2422b3ed9aed5939d32ae61e9da53a8971fbfb8acc36f9c81557
60dea273c423eaa009beda94fab7d9de506dbe636a07e069508076d65a147e88
6b32a5a9d6377482d78761bb14b2553976026c080c199689876b3f7e8082d2fb
7a09325d98d716ca58d6c4a4fa22e9238e7aa56262ec5dc7c6c0773c07526892
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b
8903e46d1cf5cd05a7698dfb0ebf41a284d19453b1b771c9b51b9792ed9f9125
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aec8f06eaabf9c98bf6595dc0869dc0e20138dc5fdf439bfc03963c39244ff6e
b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b
b7f1d8276c4c6dd6f8f969534fc8527af62dfa1cc77bb50b556e0dc3da82adfa
be4e3b094d724a9884bc78027e94634ad09f4234e06e62142b90ccb769c829e2
bfb4107499518abaa9091f5d676ef819bea136c06b13b5a9d3334cf49735dc20
c35df38b73a4853d0075d4eb7ae1a4ca8a40efc49a1d92ed68a95c0456cfd352
c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece
cbc1522124807825d96470d75c797130bf02bb0760f005cf317a9c4d36b282ac
cc845b1a3d0ae7d5796cf3b02da2c2e63e74edeb79b4d89e2f44b84cbf6315ea
d7d788f375a48d5a2a73c32b81d05a9940c9f6dc81d518d17e7873a0e7ad701a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0610438c89b4f70a238080b480c18feb72783051abe0c5cf55c74a69969e677
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fde350dafc5affc74669f239f41208ef696e09719c63e581cdc81a09250daa12
fe75ec3afd45d47cd8007ef3e83231ad603e0e6546e256b4bb69413c7e99d550

www.covidcert.nextstep.careers Open in urlscan Pro 2606:4700::6813:ef75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

81 %IPv6

25 Domains

32 Subdomains

29 IPs

6 Countries

2293 kBTransfer

6567 kBSize

23 Cookies

4 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.covidcert.nextstep.careers Open in urlscan Pro
2606:4700::6813:ef75 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

81 %
IPv6

25
Domains

32
Subdomains

29
IPs

6
Countries

2293 kB
Transfer

6567 kB
Size

23
Cookies

60 HTTP transactions
0 data transactions