certificates.priceforbes.com Open in urlscan Pro
20.90.220.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://certificates.priceforbes.com/
Submission: On January 15 via api (January 15th 2024, 11:49:44 am UTC) from US — Scanned from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 20.90.220.76, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is certificates.priceforbes.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 13th 2023. Valid for: a year.

This is the only time certificates.priceforbes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	20.90.220.76 20.90.220.76	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
15	4

13 20.90.220.76 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

certificates.priceforbes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	priceforbes.com certificates.priceforbes.com	7 MB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
15	3

	Domain	Requested by
13	certificates.priceforbes.com	certificates.priceforbes.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	certificates.priceforbes.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
*.priceforbes.com Go Daddy Secure Certificate Authority - G2	`2023-09-13` - `2024-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://certificates.priceforbes.com/
Frame ID: 12DFAD16BDB6DE01E27FD8C12DF4853C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aviation Certificate Portal - Login

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

7670 kB
Transfer

7647 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
certificates.priceforbes.com/ 1 KB
4 KB 469ms
116ms Document
text/html 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

21c3807380dc6dd6b00f52f3473e2d16f19e57f91bb1ca549d1352d20daeb7cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1172
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Content-Type: text/html
Date: Mon, 15 Jan 2024 11:49:38 GMT
ETag: "57e6deceee1dda1:0"
Last-Modified: Thu, 23 Nov 2023 09:24:07 GMT
Permissions-Policy: microphone=(), geolocation=()
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly

GET
H/1.1 200
OK theme.compiled.css
certificates.priceforbes.com/ 448 KB
451 KB 211ms
210ms Stylesheet
text/css 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/theme.compiled.css?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

779f78e54a5d69eba84e30e352bb402c833885d8ef92f1ca3425554508b5c091

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 458380
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:07 GMT
ETag: "39b15acfee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK mxui.js Show response
certificates.priceforbes.com/mxclientsystem/mxui/ 1 MB
1 MB 437ms
240ms Script
application/javascript 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

727b4ad4f893446145ec7bfe37362676174b303d543bae2f0cbc66e42c99f47f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 1117098
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 26 Oct 2022 15:01:17 GMT
ETag: "801c7dcc4be9d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 94ms
39ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/theme.compiled.css?638363282297644287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/theme.compiled.css?638363282297644287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 11:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 11:31:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 11:49:38 GMT

GET
H/1.1 200
OK metamodel.json Show response
certificates.priceforbes.com/ 5 KB
8 KB 111ms
111ms Fetch
application/json 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/metamodel.json?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18a9c0ca8f109fb07244f774f691196c3028cb350ad75a58dac19ef6dfe97b55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-mx-reqtoken: 1705319379260-0
Referer: https://certificates.priceforbes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 5326
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:09 GMT
ETag: "60267d0ee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK / Show response
certificates.priceforbes.com/xas/ 17 KB
20 KB 378ms
378ms Fetch
application/json 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/xas/

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e490551af77e139bd94fb4114ba3133b16a9f0a6c862e5686354a00602c04ad0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-mx-reqtoken: 1705319379387-1
accept: application/json
Referer: https://certificates.priceforbes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Date: Mon, 15 Jan 2024 11:49:39 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: SAMEORIGIN
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Content-Type: application/json;charset=utf-8
Cache-Control: no-store
Permissions-Policy: microphone=(), geolocation=()
Connection: keep-alive
Content-Length: 16942
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widgets.css
certificates.priceforbes.com/widgets/ 189 KB
192 KB 117ms
117ms Stylesheet
text/css 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/widgets/widgets.css?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e37995cf3f9c4f26734f5ad1b2616a62d79f9b2f3aeea1c874cfa0cfaabd688c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 193254
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:09 GMT
ETag: "76758bd0ee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK widgets.js Show response
certificates.priceforbes.com/widgets/ 1 MB
1 MB 119ms
119ms Script
application/javascript 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/widgets/widgets.js?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b8312960f61bd0fc349878ecc212e307be820a79c718421187d924aff108174

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 1362207
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:12 GMT
ETag: "26e2cd2ee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK widgets_en-us.js Show response
certificates.priceforbes.com/widgets/nls/ 12 KB
15 KB 107ms
107ms Script
application/javascript 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/widgets/nls/widgets_en-us.js?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3d05dc5f990e10156fcc8ea3575b02daf2e5090b57b112d7f5fa4d6e85c94036

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 12062
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:12 GMT
ETag: "40992ad2ee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 80ms
24ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://certificates.priceforbes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 13:12:19 GMT
x-content-type-options: nosniff
age: 427041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 13:12:19 GMT

GET
H/1.1 200
OK Login.page.xml Show response
certificates.priceforbes.com/pages/en_US/Administration/ 11 KB
15 KB 108ms
108ms Fetch
text/xml 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/pages/en_US/Administration/Login.page.xml?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

430dcd84822d57b43ead3e3ed1675bac9d67c6f3818824a94c18ed4164cca61a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-mx-reqtoken: 1705319380440-2
Referer: https://certificates.priceforbes.com/
x-csrf-token: d8fe39c5-09f6-400b-990f-d8575559f9f7
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 11696
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:08 GMT
ETag: "531197cfee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/xml
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK BGCI_Layout_Empty.layout.xml Show response
certificates.priceforbes.com/pages/en_US/UIResources/ 707 B
4 KB 114ms
113ms Fetch
text/xml 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.priceforbes.com/pages/en_US/UIResources/BGCI_Layout_Empty.layout.xml?638363282297644287

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/mxclientsystem/mxui/mxui.js?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

440b71d7e51eb2d0b0ffdc21262552af15b2e75f716c39a9fc2169e285530d05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-mx-reqtoken: 1705319380552-3
Referer: https://certificates.priceforbes.com/
x-csrf-token: d8fe39c5-09f6-400b-990f-d8575559f9f7
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 707
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:08 GMT
ETag: "77c396cfee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/xml
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK Login.png
certificates.priceforbes.com/resources/ 4 MB
4 MB 117ms
117ms Image
image/png 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://certificates.priceforbes.com/resources/Login.png

Requested by

Host: certificates.priceforbes.com
URL: https://certificates.priceforbes.com/theme.compiled.css?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4da65e3afcc2734676d6c2e78c4a8efee76ce7fd9ed4314eb58659a9ee567597

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/theme.compiled.css?638363282297644287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 4527944
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 21 Nov 2023 16:23:58 GMT
ETag: "92278b21971cda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK UIResources$Images$Price_Forbes_Logo_Transparent.png
certificates.priceforbes.com/img/ 25 KB
28 KB 111ms
110ms Image
image/png 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://certificates.priceforbes.com/img/UIResources$Images$Price_Forbes_Logo_Transparent.png?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f07c55d6beceafe3542f189c1a06a6442a5f6034b88a0630a21ad6215925d7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 25641
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:04 GMT
ETag: "772550cdee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK UIResources$Images$logo_aqua.png
certificates.priceforbes.com/img/ 27 KB
30 KB 220ms
108ms Image
image/png 20.90.220.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://certificates.priceforbes.com/img/UIResources$Images$logo_aqua.png?638363282297644287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.220.76 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04a478905fd8c51c21003126ec485ca0cde0001605c0da399b3117443a9831af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://certificates.priceforbes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 11:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com *.licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com *.linkedin.com *.licdn.com *.ads.linkedin.com p.adsymptotic.com unpkg.com *.googleapis.com maps.google.com maps.gstatic.com www.gstatic.com *.ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://*.hotjar.com *.hotjar.com *.hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com *.linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
content-security-policy-report-only: frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' *.mendix.com *.googletagmanager.com *.google-analytics.com google-analytics.com googletagmanager.com *.licdn.com *.linkedin.com unpkg.com; style-src 'report-sample' 'unsafe-inline' *; object-src 'self'; frame-src 'self' *.googletagmanager.com *.linkedin.com; child-src 'self' *.googletagmanager.com; img-src data: blob: *; font-src 'self' data: *.gstatic.com *.googleapis.com unpkg.com; connect-src 'self' about: *.googleapis.com *.gstatic.com *.mendix.com *.google-analytics.com *.doubleclick.net *.google.com *.googletagmanager.com *.linkedin.com *.licdn.com; manifest-src 'self'; base-uri 'self'; form-action 'self' *.microsoftonline.com; media-src 'self' *.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/reportonly
Connection: keep-alive
Content-Length: 27210
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 23 Nov 2023 09:24:04 GMT
ETag: "4a2b4ecdee1dda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Permissions-Policy: microphone=(), geolocation=()
Accept-Ranges: bytes

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
certificates.priceforbes.com/	1969-12-31 23:59:59	Name: originURI Value: /login.html
certificates.priceforbes.com/	1969-12-31 23:59:59	Name: SessionTimeZoneOffset Value: 600
certificates.priceforbes.com/	1969-12-31 23:59:59	Name: XASSESSIONID Value: 43c6fa27-4782-41f8-8de2-21ee5719799c
certificates.priceforbes.com/	1969-12-31 23:59:59	Name: xasid Value: 0.b5ddc838-70ef-4c23-9cfe-439f27e07ae8
certificates.priceforbes.com/	1970-01-21 02:27:35	Name: DeviceType Value: Desktop
certificates.priceforbes.com/	1970-01-21 02:27:35	Name: Profile Value: Responsive

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://certificates.priceforbes.com/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://certificates.priceforbes.com/ Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://certificates.priceforbes.com/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' static.hotjar.com script.hotjar.com sprintr.home.mendix.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com google-analytics.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com unpkg.com maps.googleapis.com maps.google.com googletagmanager.com tagmanager.google.com https://uat-brinks.edbroking.com:35729; style-src 'self' 'report-sample' 'unsafe-inline' fonts.googleapis.com .licdn.com unpkg.com www.googletagmanager.com tagmanager.google.com; object-src 'self'; frame-src 'self' vars.hotjar.com www.linkedin.com maps.google.com maps.googleapis.com www.googletagmanager.com app.powerbi.com; child-src 'self' www.googletagmanager.com; img-src 'self' data: blob: script.hotjar.com fonts.gstatic.com validator.swagger.io www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com .linkedin.com .licdn.com .ads.linkedin.com p.adsymptotic.com unpkg.com .googleapis.com maps.google.com maps.gstatic.com www.gstatic.com .ggpht.com www.googletagmanager.com; font-src 'self' data: script.hotjar.com fonts.gstatic.com fonts.googleapis.com unpkg.com; connect-src 'self' about: wss://.hotjar.com .hotjar.com .hotjar.io fonts.googleapis.com fonts.gstatic.com sprintr.home.mendix.com www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com .linkedin.com *.licdn.com maps.googleapis.com maps.google.com www.googletagmanager.com; manifest-src 'self'; base-uri 'self'; form-action 'self' login.microsoftonline.com; media-src 'self' media.licdn.com; prefetch-src 'self'; worker-src 'self'; report-uri https://ardonaghspecialty.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

certificates.priceforbes.com
fonts.googleapis.com
fonts.gstatic.com
20.90.220.76
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
04a478905fd8c51c21003126ec485ca0cde0001605c0da399b3117443a9831af
18a9c0ca8f109fb07244f774f691196c3028cb350ad75a58dac19ef6dfe97b55
21c3807380dc6dd6b00f52f3473e2d16f19e57f91bb1ca549d1352d20daeb7cb
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
3b8312960f61bd0fc349878ecc212e307be820a79c718421187d924aff108174
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d05dc5f990e10156fcc8ea3575b02daf2e5090b57b112d7f5fa4d6e85c94036
430dcd84822d57b43ead3e3ed1675bac9d67c6f3818824a94c18ed4164cca61a
440b71d7e51eb2d0b0ffdc21262552af15b2e75f716c39a9fc2169e285530d05
4da65e3afcc2734676d6c2e78c4a8efee76ce7fd9ed4314eb58659a9ee567597
4f07c55d6beceafe3542f189c1a06a6442a5f6034b88a0630a21ad6215925d7d
727b4ad4f893446145ec7bfe37362676174b303d543bae2f0cbc66e42c99f47f
779f78e54a5d69eba84e30e352bb402c833885d8ef92f1ca3425554508b5c091
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
e37995cf3f9c4f26734f5ad1b2616a62d79f9b2f3aeea1c874cfa0cfaabd688c
e490551af77e139bd94fb4114ba3133b16a9f0a6c862e5686354a00602c04ad0

certificates.priceforbes.com Open in urlscan Pro 20.90.220.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

7670 kBTransfer

7647 kBSize

6 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

6 Cookies

3 Console Messages

Security Headers

Indicators

certificates.priceforbes.com Open in urlscan Pro
20.90.220.76 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

7670 kB
Transfer

7647 kB
Size

6
Cookies

15 HTTP transactions
1 data transactions