urlscan.io logo urlscan.io
SecurityTrails logo

credential.candidatex.co Open in urlscan Pro
143.244.138.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://credential.candidatex.co/
Effective URL: https://credential.candidatex.co/auth/login?next=%2F
Submission: On September 17 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 47 HTTP transactions. The main IP is 143.244.138.13, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is credential.candidatex.co.
TLS certificate: Issued by R10 on September 17th 2024. Valid for: 3 months.
This is the only time credential.candidatex.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 143.244.138.13 14061 (DIGITALOC...)
6 104.17.24.14 13335 (CLOUDFLAR...)
3 216.58.206.72 15169 (GOOGLE)
1 192.229.133.221 15133 (EDGECAST)
1 142.250.181.234 15169 (GOOGLE)
3 172.67.142.245 13335 (CLOUDFLAR...)
1 142.250.186.74 15169 (GOOGLE)
7 7 108.157.150.23 16509 (AMAZON-02)
7 65.9.66.21 16509 (AMAZON-02)
3 142.250.185.132 15169 (GOOGLE)
1 104.16.139.209 13335 (CLOUDFLAR...)
1 172.217.23.99 15169 (GOOGLE)
4 142.250.184.206 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
2 216.58.206.66 15169 (GOOGLE)
2 2 142.250.186.46 15169 (GOOGLE)
1 142.251.168.156 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
1 104.17.128.172 13335 (CLOUDFLAR...)
1 104.16.77.142 13335 (CLOUDFLAR...)
1 104.18.137.17 13335 (CLOUDFLAR...)
1 172.64.147.16 13335 (CLOUDFLAR...)
1 104.16.160.168 13335 (CLOUDFLAR...)
4 104.16.118.116 13335 (CLOUDFLAR...)
1 104.18.244.108 13335 (CLOUDFLAR...)
47 23
2    143.244.138.13 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: app.certifyme.ubuntu-s-4vcpu-8gb-blr1-01
credential.candidatex.co
6    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f8.1e100.net
www.googletagmanager.com
1    192.229.133.221 (United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
1    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
3    172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
ajax.googleapis.com
7    108.157.150.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-150-23.mci50.r.cloudfront.net
certifyme.online
7    65.9.66.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-21.fra56.r.cloudfront.net
www.certifyme.online
3    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    104.16.139.209 (None, )

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net
fonts.gstatic.com
4    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.google-analytics.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
2    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net
td.doubleclick.net
2    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
analytics.google.com
1    142.251.168.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
1    104.17.128.172 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    104.16.77.142 (None, )

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    104.18.137.17 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    172.64.147.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    104.16.160.168 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
4    104.16.118.116 (None, )

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
track.hubspot.com
forms.hubspot.com
1    104.18.244.108 (None, )

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
Apex Domain
Subdomains		 Transfer
14 certifyme.online
certifyme.online
www.certifyme.online
375 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 215
174 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 140
3 KB
4 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5069
track.hubspot.com — Cisco Umbrella Rank: 2372
forms.hubspot.com — Cisco Umbrella Rank: 5885
3 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
td.doubleclick.net — Cisco Umbrella Rank: 189
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1341
12 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
305 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
229 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 407
32 KB
2 candidatex.co
credential.candidatex.co
3 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3478
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2209
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2182
26 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5629
92 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5000
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3185
4 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6611
1 KB
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 20437
5 KB
47 19
Domain Requested by
7 www.certifyme.online credential.candidatex.co
7 certifyme.online 7 redirects
6 cdnjs.cloudflare.com credential.candidatex.co
cdnjs.cloudflare.com
4 www.google-analytics.com www.googletagmanager.com
credential.candidatex.co
www.google-analytics.com
3 www.google.com credential.candidatex.co
www.gstatic.com
3 use.fontawesome.com credential.candidatex.co
use.fontawesome.com
3 www.googletagmanager.com credential.candidatex.co
www.googletagmanager.com
js.hsadspixel.net
2 api.hubspot.com js.usemessages.com
2 analytics.google.com 2 redirects
2 td.doubleclick.net www.googletagmanager.com
2 credential.candidatex.co 1 redirects
1 forms.hubspot.com js.hsleadflows.net
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 js.hs-analytics.net js-na1.hs-scripts.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hsleadflows.net js-na1.hs-scripts.com
1 js.usemessages.com js-na1.hs-scripts.com
1 js.hsadspixel.net js-na1.hs-scripts.com
1 www.gstatic.com www.google.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 js-na1.hs-scripts.com credential.candidatex.co
1 ajax.googleapis.com credential.candidatex.co
1 fonts.googleapis.com credential.candidatex.co
1 www.w3schools.com credential.candidatex.co
47 27

This site contains links to these domains. Also see Links.

Domain
certifyme.online
Subject Issuer Validity Valid
credential.candidatex.co
R10		 2024-09-17 -
2024-12-16		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.w3schools.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-03 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
use.fontawesome.com
WE1		 2024-09-09 -
2024-12-09		 3 months crt.sh
www.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
hs-scripts.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
hsadspixel.net
WE1		 2024-08-12 -
2024-11-10		 3 months crt.sh
usemessages.com
WE1		 2024-08-08 -
2024-11-06		 3 months crt.sh
hsleadflows.net
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
hs-banner.com
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
hs-analytics.net
WE1		 2024-08-09 -
2024-11-07		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh
hubapi.com
WE1		 2024-09-09 -
2024-12-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://credential.candidatex.co/auth/login?next=%2F
Frame ID: DF8F57E1CD05427F1CEC2A020A5F7FB0
Requests: 43 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10825512812?random=1726543844143&cv=11&fst=1726543844143&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4990v885484320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&hn=www.googleadservices.com&frm=0&tiba=CertifyMe%20-%20Login&npa=0&pscdl=noapi&auid=474158381.1726543844&fledge=1&data=event%3Dgtag.config
Frame ID: 0521F86991BEB83C70144A3E2EB53244
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-CCN3B6C20H&gacid=1087460842.1726543844&gtm=45je4990v885484320za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=122339096
Frame ID: DBEFB84D92425543F0ED2A6C10211365
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcp1NkcAAAAAKYiM4pWTN3B9m2L8wPEXDtukP8i&co=aHR0cHM6Ly9jcmVkZW50aWFsLmNhbmRpZGF0ZXguY286NDQz&hl=it&v=EGbODne6buzpTnWrrBprcfAY&size=normal&cb=vvnkmcezsjuk
Frame ID: 0D3824755FA6CEC6C009287EBD5994E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CertifyMe - Login

Page URL History Show full URLs

  1. https://credential.candidatex.co/ HTTP 302
    https://credential.candidatex.co/auth/login?next=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

47
Requests

81 %
HTTPS

0 %
IPv6

19
Domains

27
Subdomains

23
IPs

3
Countries

1335 kB
Transfer

3351 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://credential.candidatex.co/ HTTP 302
    https://credential.candidatex.co/auth/login?next=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://certifyme.online/img/cme.png HTTP 302
  • https://www.certifyme.online/img/cme.png
Request Chain 9
  • https://certifyme.online/images/badgeISO.png HTTP 302
  • https://www.certifyme.online/images/badgeISO.png
Request Chain 10
  • https://certifyme.online/images/badgeSecure.png HTTP 302
  • https://www.certifyme.online/images/badgeSecure.png
Request Chain 11
  • https://certifyme.online/images/cyber.png HTTP 302
  • https://www.certifyme.online/images/cyber.png
Request Chain 12
  • https://certifyme.online/images/GDPR.png HTTP 302
  • https://www.certifyme.online/images/GDPR.png
Request Chain 25
  • https://analytics.google.com/g/collect?v=2&tid=G-CCN3B6C20H&gtm=45je4990v885484320za200&_p=1726543843959&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1087460842.1726543844&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1726543844&sct=1&seg=0&dl=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&dt=CertifyMe%20-%20Login&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=1869 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=850698540161631344&dma=0&en=page_view&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F
Request Chain 28
  • https://analytics.google.com/g/collect?v=2&tid=G-CCN3B6C20H&gtm=45je4990v885484320za200&_p=1726543843959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1087460842.1726543844&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1726543844&sct=1&seg=0&dl=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&dt=CertifyMe%20-%20Login&en=scroll&_c=1&epn.percent_scrolled=90&_et=10&tfd=1880 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=15067941951400956428&dma=0&en=scroll&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F
Request Chain 43
  • https://certifyme.online/img/logo.png HTTP 302
  • https://www.certifyme.online/img/logo.png
Request Chain 45
  • https://certifyme.online/img/logo.png HTTP 302
  • https://www.certifyme.online/img/logo.png

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
credential.candidatex.co/auth/
Redirect Chain
  • https://credential.candidatex.co/
  • https://credential.candidatex.co/auth/login?next=%2F
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://credential.candidatex.co/auth/login?next=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
143.244.138.13 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
app.certifyme.ubuntu-s-4vcpu-8gb-blr1-01
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7084a237804a3a67624d2b643305357e9201eda67373ba760bae37e2b030f6e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Sep 2024 03:30:43 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
247
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Sep 2024 03:30:42 GMT
Location
https://credential.candidatex.co/auth/login?next=%2F
Server
nginx/1.14.0 (Ubuntu)
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 		118 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
293042
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16149
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1d970"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJyjFK1WBiXcJVC4uJ2ia0H1VFtuLc3BgSeiHm3f3TiBQqo%2Bp67xRYuu%2BIZzJ2LY2Mzz2HDsrc5Ao%2FOvzev907TBqFN7HinGo5Lcpc0L63schvmBZuqYKsj0gdwWu8D8JBWSJyzw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c4604f03a935267-MXP
expires
Sun, 07 Sep 2025 03:30:43 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-102775017-1
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3db2ef3e23c317961334d4f5b7c9e0006e14a5a4fa1ec828b0cadc82279dcee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77556
x-xss-protection
0
last-modified
Tue, 17 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Sep 2024 03:30:43 GMT
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
content-encoding
gzip
date
Tue, 17 Sep 2024 03:30:43 GMT
last-modified
Fri, 06 Sep 2024 10:45:10 GMT
server
ECS (mil/6CE7)
age
919327
etag
"0bf5ad8490db1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=31536000,public
accept-ranges
bytes
content-length
5250
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins|Inter|Roboto|Montserrat
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
f36070373c9e19c91a3b69dcd5801b5299dbc254acd87ab2330e0b25c84ac04b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Sep 2024 03:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Sep 2024 03:30:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Sep 2024 03:30:43 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
280044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93FC6wuHWBQHTVLdpxpP0KeM8Y598JqxG%2FtbsrShf1eEH60wqTbCrDMCuDHVzRPoBqtNlqtwuWqOsCSDSJy%2FwW5d92Vd4%2BhKwxovJcLs8y9waZh6zF%2FetwxakZu4nUfqzXhxaEvG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c4604f03a945267-MXP
expires
Sun, 07 Sep 2025 03:30:43 GMT
9f0483f64c.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/9f0483f64c.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dfbc3d304fbdfdb401d92cd1dd6aae86b2a32958e594e52d18e6b382b2c4a9c

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:11:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3232
etag
W/"336ae8377033f86a6ec6051e788949a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVnsV1ZH53vVX6bghb1xN9OiC6ygC3Buo3q1O5mRR87u8ItFWSs7QfS47JQlScthJQCL289%2B%2FAm4tfqBa4bofkoXk%2FVEayOf8wG0OKXCqhNS5GNnsRsvRwGyLbjnoG9bwbce1Azu"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
8c4604f09dc10d8e-MRS
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 12:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 12:25:13 GMT
cme.png
www.certifyme.online/img/
Redirect Chain
  • https://certifyme.online/img/cme.png
  • https://www.certifyme.online/img/cme.png
260 KB
261 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.certifyme.online/img/cme.png
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
009cf6da7ae819fd7f1d55867318f1fc45855c102f08c85075e108215965a41e

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 05:49:40 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
510065
etag
"6c465883c94d6645450c329e461f1537"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
266589
x-amz-cf-id
obaugYkPm5-pnnn4ndQvpARjQcMP6gAmz23GRMfnF03pN5_7_x1-YQ==

Redirect headers

date
Tue, 17 Sep 2024 03:30:44 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/img/cme.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
QHDL-WitJDRW4XgzkoW6FqxB2Q0WW0Ll87jbLSrSE0XavE3G9_0zhQ==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
ESF /
Resource Hash
adcc83fd890fe936a5df3a16a909ddf2c466863a2422b1b811d675080cd56b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires
Tue, 17 Sep 2024 03:30:44 GMT
badgeISO.png
www.certifyme.online/images/
Redirect Chain
  • https://certifyme.online/images/badgeISO.png
  • https://www.certifyme.online/images/badgeISO.png
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.certifyme.online/images/badgeISO.png
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f13f9050ec7f72ff2fcc01dfb9929c91c7086955a483369bab6982260aa475d0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 05:48:09 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
510156
etag
"1f1e035bdee187a0a7270aa2486b97ed"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
29349
x-amz-cf-id
OmJyioPqPGMKEKeZpWQzaHNSpsmA6UTe647CkxevTF8A8yXXZ_P6rA==

Redirect headers

date
Tue, 17 Sep 2024 03:30:44 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/images/badgeISO.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
kvaVym8WUkTjsewk8J3EcB5pH_sF-sQQ3DwxR5eXVfwPPj90t9JJiQ==
badgeSecure.png
www.certifyme.online/images/
Redirect Chain
  • https://certifyme.online/images/badgeSecure.png
  • https://www.certifyme.online/images/badgeSecure.png
36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.certifyme.online/images/badgeSecure.png
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6246bd8b947799492a47e1e96dbd5175e546cc0f4296cae93f0146906e9d90eb

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 06:29:53 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
507652
etag
"87086fd1ddf64c04646d7c83a90e8383"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
37143
x-amz-cf-id
Ou8G-FcF_FhH9USocykgxRyWiAmjMQCPqde_C8sdBSGl2j2NYnq_7Q==

Redirect headers

date
Tue, 17 Sep 2024 03:30:44 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/images/badgeSecure.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
JZWOkuXuGXT5lz2_KedVnxUJXYWse0AYYfnP6504ZX5FMBhbvKPk4w==
cyber.png
www.certifyme.online/images/
Redirect Chain
  • https://certifyme.online/images/cyber.png
  • https://www.certifyme.online/images/cyber.png
13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.certifyme.online/images/cyber.png
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f49978dd2f6025960b8dd03384b2365b7ee5b48cf1498a280d33d69121ff12d

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 05:54:49 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
509756
etag
"62eff9d1f218de82b12831c9949f513b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13761
x-amz-cf-id
FmpQ8pJOttrTZE8ud8qMn2rPiuf1A_CNtXXfDv4zu6B7Lxfo3_n7qg==

Redirect headers

date
Tue, 17 Sep 2024 03:30:44 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/images/cyber.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
Yl-ZY6yVDIpRQvk9A1w92II-JEtwkp67AMMvrGLVKgI3y3WL3vQ4-g==
GDPR.png
www.certifyme.online/images/
Redirect Chain
  • https://certifyme.online/images/GDPR.png
  • https://www.certifyme.online/images/GDPR.png
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.certifyme.online/images/GDPR.png
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91627db47595513923ebb7e353adfe71f7061a81ccffc8281567d1719b0f2c79

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 18:18:17 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
119548
etag
"4445773977e8c492bbaf0b45218da1bd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
24653
x-amz-cf-id
zha9BfahdSMs66KuLtr5V7ghoMz3dsHaTLq6gq2co_Sx9Dmo1HlDdA==

Redirect headers

date
Tue, 17 Sep 2024 03:30:44 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/images/GDPR.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
6rt2_WkaxRx5STrFNe_pTgOhaNx8sPJI47AsdgjxsAxyQMEPrVVFpg==
9169908.js
js-na1.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/9169908.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272ab48405f4c3a618928fb58e4aef6409a08164b483e2d68bcd1a6e27f74ded
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3fd60f51-c004-4f72-9d43-0399cc977374
cf-polished
origSize=2481
x-envoy-upstream-service-time
34
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3fd60f51-c004-4f72-9d43-0399cc977374
cf-bgj
minify
last-modified
Tue, 17 Sep 2024 03:30:16 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://certificates.sportsafety.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-58bbf9c46c-prl6d
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
8c4604f3a8a60d68-MXP
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
274219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQ1sF%2F8%2BoCZEtYRXJGqzIPODvBm2DAlwg1z4R3bKmsbrImOKfWnOneGrLSVAR%2BI3SYBYx5Vm0%2BX6U1cX38ZIMdwXQCT8TXr5D%2BnK2PL9lLaA%2FXZh4Dg2Weno9waru3NryZneSuvx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c4604f11b2f5267-MXP
expires
Sun, 07 Sep 2025 03:30:44 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
279875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8722
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-90b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUaqXmXKcryXNplSCsHmklND%2BndnxUnAtU%2B4nCU7tQv6oIGyU671A04EkYSQ2Z7dgN9ycJe%2FMheV3ZDZxK%2FMlL93Ou0KcY7ZbmxcXKGNsGxNXIBp3D7f52gOKi4mibsj4UaZ0raQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c4604f11b315267-MXP
expires
Sun, 07 Sep 2025 03:30:44 GMT
moment-with-locales.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/ 		162 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/moment-with-locales.min.js
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f828fba78735e7a4148eecda050132f08449b67c65e0583f7466a9b75deba686
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2188116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37081
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-28817"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlZqQE9XEVe%2FOn0OcE0GUQaAyvI8Tpy8RncW9VjmFBps9K1kK0gMSRqSPL%2FxyxCCqnf1%2FM9iF02O6P9pJsoeOh8PazRUFDi%2BVHG2Pqhk3ssZvaXZOOSHmIYjUkrHaD1hMYAMwqIR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c4604f11b335267-MXP
expires
Sun, 07 Sep 2025 03:30:44 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://credential.candidatex.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
270277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FlhG7cg9p8sdm3mrvi4e25oxSQ7RLQmZ1FXyQ0SHvWaa5kZQzVgwEyUEi5uUQH0YWlii%2BEY14sDp2T6lDBFOhoMAWaqTLhhd4DuExzSDHVUoowiNpTK%2BSQ002k8UxCKQ5BmLrQl"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c4604f3f9a70e75-MXP
expires
Sun, 07 Sep 2025 03:30:44 GMT
9f0483f64c.css
use.fontawesome.com/ 		1 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/9f0483f64c.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/9f0483f64c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d0bbc1066ac500d49c41a22ccf69d60b82365295adcae78e166bae933d1334d

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:11:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3233
etag
W/"41463ac2114cbcaae5dca6704ada7375"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVh9KMtjB9Y5ygPaHVVIQuCNG4erj2tJeBADkOdSA1Oe1DINBPO4HdXuIcwUfpHYGHhyl0UuV2O0czpOgn3MDeqOe5Vh6V3U3hRmgIHRLl4vklLoJ8SpKZ2LdLbil62LLgu%2B5SN1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
8c4604f11e930d8e-MRS
alt-svc
h3=":443"; ma=86400
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins|Inter|Roboto|Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://credential.candidatex.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:39:25 GMT
x-content-type-options
nosniff
age
575479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:39:25 GMT
js
www.googletagmanager.com/gtag/ 		341 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CCN3B6C20H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102775017-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a9c82f07fe42cab10b507de0ba3bed6485cdc38e3a71a8fbe180d9a8f2fe9c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
117031
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Sep 2024 03:30:44 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102775017-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Sep 2024 02:02:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5320
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 17 Sep 2024 04:02:04 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/9f0483f64c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://use.fontawesome.com/9f0483f64c.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
890169
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQ6fVM%2BEyFucPuQfbOu4TXbrDWFNgisvJVaMj3t181TUaSh8iieivoXznyIaXfEGgRI08mmtzsSFmMTc2sCWTSdSlcVBy2%2FXC4llfIkYt4iZL3ZK47S%2FbZgAwJixEqA%2F303wDOtU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
8c4604f18f0e0d8e-MRS
alt-svc
h3=":443"; ma=86400
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10825512812/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10825512812/?random=1726543844143&cv=11&fst=1726543844143&bg=ffffff&guid=ON&async=1&gtm=45je4990v885484320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&hn=www.googleadservices.com&frm=0&tiba=CertifyMe%20-%20Login&npa=0&pscdl=noapi&auid=474158381.1726543844&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCN3B6C20H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
96a3717c58ca062398c28d2b6cf3086177ad8da794de668f3335203991a99923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 03:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10825512812
td.doubleclick.net/td/rul/ Frame 0521 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/10825512812?random=1726543844143&cv=11&fst=1726543844143&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4990v885484320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&hn=www.googleadservices.com&frm=0&tiba=CertifyMe%20-%20Login&npa=0&pscdl=noapi&auid=474158381.1726543844&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCN3B6C20H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 03:30:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-CCN3B6C20H&gtm=45je4990v885484320za200&_p=1726543843959&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1087460842.1726543844&ul=it-it&sr=1600x120...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=850698540161631344&dma=0&en=page_view&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=h...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=850698540161631344&dma=0&en=page_view&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0xe664246947b47751","source_keys":["1"]},{"key_piece":"0xe9dd051e725c4fba","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"850698540161631344","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["10825512812"],"5":["09-17","09-16","09-15"]}}
date
Tue, 17 Sep 2024 03:30:45 GMT
attribution-reporting-register-os-trigger
"https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1087460842.1726543844&dbk=850698540161631344&dma=0&en=page_view&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F"
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Sep 2024 03:30:44 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=850698540161631344&dma=0&en=page_view&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
466
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CCN3B6C20H&cid=1087460842.1726543844&gtm=45je4990v885484320za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCN3B6C20H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.168.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wh-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 03:30:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credential.candidatex.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame DBEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-CCN3B6C20H&gacid=1087460842.1726543844&gtm=45je4990v885484320za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=122339096
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCN3B6C20H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 03:30:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-CCN3B6C20H&gtm=45je4990v885484320za200&_p=1726543843959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1087460842.1726543844&ul=it-it&sr=1600x1200&uaa=&...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=15067941951400956428&dma=0&en=scroll&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=ht...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=15067941951400956428&dma=0&en=scroll&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0xe664246947b47751","source_keys":["1"]},{"key_piece":"0x28ea7d8710bc6bd","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"15067941951400956428","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["10825512812"],"5":["09-17","09-16","09-15"]}}
date
Tue, 17 Sep 2024 03:30:45 GMT
attribution-reporting-register-os-trigger
"https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1087460842.1726543844&dbk=15067941951400956428&dma=0&en=scroll&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F"
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Sep 2024 03:30:44 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1087460842.1726543844&dbk=15067941951400956428&dma=0&en=scroll&gtm=45je4990v885484320za200&npa=0&tid=G-CCN3B6C20H&dl=https%3A%2F%2Fcredential.candidatex.co%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
465
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 		539 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
d9b4a7ce18dc79741988e67e0f310d54e8762ac112ee22ffc8041c86e4819cf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
Origin
https://credential.candidatex.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218345
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 02:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Sep 2025 11:42:17 GMT
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/9169908.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.128.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:45 GMT
content-encoding
gzip
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-version-id
CKdUucj42qReK_MB.X3dwG61CXEt1Id2
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
4c86ba50-6841-496d-9e08-e9bec86d4c41
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.595/bundles/pixels-release.js&cfRay=8be6fc73bfbc0d80-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
21
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4c86ba50-6841-496d-9e08-e9bec86d4c41
last-modified
Thu, 05 Sep 2024 14:32:20 UTC
server
cloudflare
etag
W/"ba2542491f85a69ea1e0553167ab5227"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-4g5hc
cf-ray
8c4604f94a9c522e-MXP
x-amz-cf-id
_uEMLB7sl9n1oY1dxbeAHkMwWEgSXof6AWvBexJZle-QcDpp2BXKPA==
x-hs-target-asset
adsscriptloaderstatic/static-1.595/bundles/pixels-release.js
conversations-embed.js
js.usemessages.com/ 		89 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/9169908.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.77.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd1eeea9a84bbb9da4242e3fded646968578781cfe765c3221b178348022621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:45 GMT
content-encoding
gzip
via
1.1 8696978c2d465ffc3a342761ace51d9e.cloudfront.net (CloudFront)
x-amz-version-id
3rm_HSEMD1_79kfH89MTU_dIdeZgqbi8
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD61-P1
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
e4e4b22e-9db7-410a-8b8e-ca977a232aef
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18002/bundles/project.js&cfRay=8c2223076e1639e0-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
13
x-envoy-upstream-service-time
9
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e4e4b22e-9db7-410a-8b8e-ca977a232aef
last-modified
Thu, 12 Sep 2024 18:49:40 UTC
server
cloudflare
etag
W/"01059e38eff55a13b70d8ad0b2d1452d"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
MISS
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-ncl8g
cf-ray
8c4604f94c744bf4-MXP
x-amz-cf-id
EHsbFOQjH5ENfibFrTS1xmnGq0Qb8w16JFqkgX5xrFsLUm34f1a6JA==
x-hs-target-asset
conversations-embed/static-1.18002/bundles/project.js
leadflows.js
js.hsleadflows.net/ 		551 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/9169908.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.137.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1233a49c4ecec12fed969bc83cd6ba59d8b2b88bef31988d9384f7e54c42e20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
Origin
https://credential.candidatex.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1627/bundle/main/lead-flows-release.js&cfRay=8c4604f94ec74c57-ARN
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d65c542c3a53442feef1a0f44071183"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1627/bundle/main/lead-flows-release.js
date
Tue, 17 Sep 2024 03:30:45 GMT
x-amz-version-id
WgPQEOT.QDI5zKnRYhaKsuHqDz44RIEz
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
a8fdb447-9d0a-4200-8033-bcf4693e8c24
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
5
x-evy-trace-route-configuration
listener_https/all
x-request-id
a8fdb447-9d0a-4200-8033-bcf4693e8c24
last-modified
Thu, 12 Sep 2024 08:49:54 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-78bcm
cf-ray
8c4604f94ec74c57-MXP
x-amz-cf-id
iImrLHzoRQfmxpxeKwFURYRM1G5g9oiOLPz-JCZNREpJIbzdL9gcFg==
banner.js
js.hs-banner.com/v2/9169908/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/9169908/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/9169908.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a69a33ed8715763dd609177924fdd38eb4effe314825698aac4feb777bbcb75

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:45 GMT
x-amz-version-id
JGAEmAFVW7Fr7d1RLLOkSMJYsErN56gN
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
8NRT8F074AYD6FKB
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
4ed5ba41-0543-4f37-9e0e-77f242c53acd
x-envoy-upstream-service-time
118
x-amz-id-2
QBN0jGpFeJKRpeIXHQKVOPg4E6R/a13z3AoVhMCd/V7w4ONowDE4UX4N7S1kCJucciRNjCjfqGc=
x-evy-trace-listener
listener_https
x-request-id
4ed5ba41-0543-4f37-9e0e-77f242c53acd
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 15:26:48 GMT
server
cloudflare
etag
W/"a4899bb0195b799c78a776662c6e0b74"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://credentials.agrc.org
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-k5ntq
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8c4604f96cea4c63-MXP
expires
Tue, 17 Sep 2024 03:35:16 GMT
9169908.js
js.hs-analytics.net/analytics/1726543800000/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1726543800000/9169908.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/9169908.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084b85a4c84bc3c52566edc27dd37de09a38b1c2ce9532389af09c35de563333

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:45 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
35843XZHRD5XHKFK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
2427ae9e-14bf-4c6e-bbf0-7c544337fcc8
x-envoy-upstream-service-time
104
x-amz-id-2
+QFTz9b1hPuifeIOSD0d9QoEEP+ehtNzxCKdbzGqI4GqVbllIFqZk47lYrbgfkN2xF6WWHyVrlFegjivxq1IoMO0iP7JLnpH58Rp9I2uJwo=
x-evy-trace-listener
listener_https
x-request-id
2427ae9e-14bf-4c6e-bbf0-7c544337fcc8
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 09 Sep 2024 20:32:32 GMT
server
cloudflare
etag
W/"1d5cb826a559985284560b502debb530"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-9l96m
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8c4604f93997ba99-MXP
expires
Tue, 17 Sep 2024 03:35:16 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1843850812&t=pageview&_s=1&dl=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&ul=it-it&de=UTF-8&dt=CertifyMe%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=775301230&gjid=772238555&cid=1087460842.1726543844&tid=UA-102775017-1&_gid=2057102159.1726543845&_r=1&gtm=457e4990za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=2067267332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 03:30:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credential.candidatex.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10825512812/ 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10825512812/?random=1726543844143&cv=11&fst=1726542000000&bg=ffffff&guid=ON&async=1&gtm=45je4990v885484320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&hn=www.googleadservices.com&frm=0&tiba=CertifyMe%20-%20Login&npa=0&pscdl=noapi&auid=474158381.1726543844&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfy7RLfTk6FDhNaRRm6y5b93erA_eF6g&random=3579343305&rmt_tld=0&ipr=y
Requested by
Host: credential.candidatex.co
URL: https://credential.candidatex.co/auth/login?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Sep 2024 03:30:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0D38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcp1NkcAAAAAKYiM4pWTN3B9m2L8wPEXDtukP8i&co=aHR0cHM6Ly9jcmVkZW50aWFsLmNhbmRpZGF0ZXguY286NDQz&hl=it&v=EGbODne6buzpTnWrrBprcfAY&size=normal&cb=vvnkmcezsjuk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KhC-EyU3X6YJeBS36aqMZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KhC-EyU3X6YJeBS36aqMZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 03:30:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
public
api.hubspot.com/livechat-public/v1/message/ 		286 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=9169908&conversations-embed=static-1.18002&mobile=false&messagesUtk=b6a9300c31ec4e789e4147e19f127e5f&traceId=b6a9300c31ec4e789e4147e19f127e5f
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbfde859aec5eb38c38144859247cc7137e0f9d69d8c7c282384ac2d186b00c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
X-HubSpot-Messages-Uri
https://credential.candidatex.co/auth/login?next=%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
8488dfdf-4bfd-4319-9cda-cdc3827fbd3a
x-envoy-upstream-service-time
16
content-length
230
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8488dfdf-4bfd-4319-9cda-cdc3827fbd3a
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://credential.candidatex.co
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-58bbf9c46c-76kg4
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSD0zIz%2FbcnwBgRK2yHQFuiFxKf33wn%2Bb5xvuXMzVRAiXus%2BdUuDBYIIM0KGVAgV7LMnKZGgSEVeeiCAmojkB0FlrGbrfymkrAobCH9GEtX1XlOt8Fq2ANY8O%2FhDRPdVWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c4604fd8aa1baab-MXP
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		117 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=9169908
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.244.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1c25f5f1edcc57a13249273eeef60c30a9aa0b11d6d87429e0413569005e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2941939e-2b9f-4b49-9309-03c88b10bb82
content-encoding
br
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2941939e-2b9f-4b49-9309-03c88b10bb82
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://credential.candidatex.co
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-58bbf9c46c-5n7tp
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsS%2B0h4g%2Fl8zARZfzvy1MnBhewGZXeE4HMk9ynAJGmrH3X1Jz43AK8uMenQ22M%2Ff4mAdCYgaBxrcI7YrvC6AOQ17IoFZgEPYwKt9KWD%2BNJPDQtcpaH1u%2BYQSGSd9%2BZQ%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8c4604fd2deebb03-MXP
access-control-allow-headers
*
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=9169908&conversations-embed=static-1.18002&mobile=false&messagesUtk=b6a9300c31ec4e789e4147e19f127e5f&traceId=b6a9300c31ec4e789e4147e19f127e5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://credential.candidatex.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://credential.candidatex.co
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8c4604fc89f2baab-MXP
content-length
18
content-type
text/plain; charset=utf-8
date
Tue, 17 Sep 2024 03:30:45 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcKeSYhSEX4A38IkOEGWd0vDZEtNumfEEXjFqlhcmvUCQXAJgkPgWcPTBn5J8LwoSAf1Wz%2FCYJhCzx6ZzpnPVek0OhSBlr2Yum6vwdDrMCovQMYkVj4%2BigQlnY4GTIZz6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-58bbf9c46c-xwrlb
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
55639584-e173-4491-bcd6-ca87fd53d4e3
x-request-id
55639584-e173-4491-bcd6-ca87fd53d4e3
js
www.googletagmanager.com/gtag/ 		341 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10825512812
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2d52e7d5d680b9adbe7cdd6966f4d9e09ccb97c3f933160577d28b73a68c9d94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
117043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Sep 2024 03:30:46 GMT
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=430326251&v=1.1&a=9169908&pu=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F&t=CertifyMe+-+Login&cts=1726543847047&vi=b27b9c81cecd16f8043b2a93984899e1&nc=true&u=29026659.b27b9c81cecd16f8043b2a93984899e1.1726543847044.1726543847044.1726543847044.1&b=29026659.1.1726543847044&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b79aa8b8-d07a-4ba7-a9fe-b5d175b74b69
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b79aa8b8-d07a-4ba7-a9fe-b5d175b74b69
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtF6H6JDHjfREtKsUYlBNklI9j8DwFA6FDkrV0AaR7f3rDPaqOWfgPCoiJ8zfhKQ%2BmZksgs5Sy3lqyXpRiEvEMTGX9irK9VNiUWZDtNmiR0KGdm%2BHiAyuge1qP%2BkncOOm4aX"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-g8kr8
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8c46050709a60f82-MXP
x-robots-tag
none
logo.png
www.certifyme.online/img/
Redirect Chain
  • https://certifyme.online/img/logo.png
  • https://www.certifyme.online/img/logo.png
7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.certifyme.online/img/logo.png
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1b9f69d6d69815ed7f03a4cbbc9e147d41f8f82f9abeb2a45751bd037087c6d

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 05:49:24 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
510083
etag
"74b8514baaff5725affe83074bd0e465"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
7268
x-amz-cf-id
W6DUpLONJjqCn602Qq5fjSKagKeFeM7kYP1bbD98cniLONId6EjvlQ==

Redirect headers

date
Tue, 17 Sep 2024 03:30:47 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/img/logo.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
fo60ca0hpdkKpeZ-21JmCwQwPeTgI651SedxFCRi-jxYy4wh8K8ufw==
json
forms.hubspot.com/lead-flows-config/v1/config/ 		177 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=9169908&utk=b27b9c81cecd16f8043b2a93984899e1&__hstc=29026659.b27b9c81cecd16f8043b2a93984899e1.1726543847044.1726543847044.1726543847044.1&__hssc=29026659.1.1726543847044&currentUrl=https%3A%2F%2Fcredential.candidatex.co%2Fauth%2Flogin%3Fnext%3D%252F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09268fb51a368be4beb22b4200581efb8894e5b138ebefbd72ee388e95411cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 17 Sep 2024 03:30:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6c3d3b29-4185-4dad-8e89-80db4bb7a676
content-encoding
br
x-envoy-upstream-service-time
23
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6c3d3b29-4185-4dad-8e89-80db4bb7a676
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://credential.candidatex.co
x-evy-trace-virtual-host
all
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-f7m5s
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=icxIRym%2BXnZ3onJIeKe76fqaVlBrGryIOS1%2F8Q7MrxKDj3jEQ2l1TXe4llnO1MeSqlGgEvPE8EYozb8LhWkIa7VwvN3MXz3eXkXZ86BzFmGqMoCTK%2BRFQgUp2owVteD4yUgo"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8c4605049f1cbaab-MXP
logo.png
www.certifyme.online/img/
Redirect Chain
  • https://certifyme.online/img/logo.png
  • https://www.certifyme.online/img/logo.png
7 KB
340 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.certifyme.online/img/logo.png
Protocol
H2
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1b9f69d6d69815ed7f03a4cbbc9e147d41f8f82f9abeb2a45751bd037087c6d

Request headers

Referer
https://credential.candidatex.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 05:49:24 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Sep 2024 05:47:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
510083
etag
"74b8514baaff5725affe83074bd0e465"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0, s-maxage=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5uBZIwPQnsgxRtmAPcA13vEAiXsjW1DQg6-p22Sj2mLbrpBp1xQFRA==
content-length
7268

Redirect headers

date
Tue, 17 Sep 2024 03:30:47 GMT
via
1.1 db384285b2535d4c9a1ebe3b38dfd66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
location
https://www.certifyme.online/img/logo.png
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
2HgEM_WA7ubzJUXXPTRps8btgidVgcYdU06G8exFd6uo-0EOcUZkNA==

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| FontAwesomeCdnConfig string| cssUrl function| $ function| jQuery function| beautifyInputElements object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| jQuery112406212525870098156 function| moment function| flask_moment_render function| flask_moment_render_all function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _hsp object| gaplugins object| gaData object| recaptcha object| closure_lm_288416 boolean| PIXELS_RAN object| enabledEventSettings object| _hsq boolean| hubspot_live_messages_running object| HubSpotConversations function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| globalRoot function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

14 Cookies

Domain/Path Name / Value
credential.candidatex.co/ Name: session
Value: eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNDVkMDRlYTkzNjUxZThjNTY1ZTIyNDE3OGUwM2M3NzJhZWMyOGI5NyJ9.GcqJYw.IzYTkzgTkhOnZ-VcGxXOadkRA5Q
.candidatex.co/ Name: _gcl_au
Value: 1.1.474158381.1726543844
.candidatex.co/ Name: _ga_CCN3B6C20H
Value: GS1.1.1726543844.1.0.1726543844.60.0.0
.candidatex.co/ Name: _ga
Value: GA1.2.1087460842.1726543844
.candidatex.co/ Name: _gid
Value: GA1.2.2057102159.1726543845
.candidatex.co/ Name: _gat_gtag_UA_102775017_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.www.google-analytics.com/ Name: ar_debug
Value: 1
credential.candidatex.co/ Name: __hstc
Value: 29026659.b27b9c81cecd16f8043b2a93984899e1.1726543847044.1726543847044.1726543847044.1
credential.candidatex.co/ Name: hubspotutk
Value: b27b9c81cecd16f8043b2a93984899e1
credential.candidatex.co/ Name: __hssrc
Value: 1
credential.candidatex.co/ Name: __hssc
Value: 29026659.1.1726543847044
.hubspot.com/ Name: __cf_bm
Value: nWdf6ooMZGlFc8vKRH8hdI8g3oLTegFfqKUYrEiZ.f0-1726543847-1.0.1.1-FbPLPHy_bEUPe5JeBnb7brybXn6cApwCnKG81C6Tyl3Gt7hGPRoVp58s5yZwsE3j89GL1PShbae0kfj7PDD3Lg
.hubspot.com/ Name: _cfuvid
Value: 1FRpBmIX84vuVSGPprQNLGqPNfdEoDQvlgnvJ4maAf0-1726543847648-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://credential.candidatex.co/auth/login?next=%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
api.hubapi.com
api.hubspot.com
cdnjs.cloudflare.com
certifyme.online
credential.candidatex.co
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
use.fontawesome.com
www.certifyme.online
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.w3schools.com
104.16.118.116
104.16.139.209
104.16.160.168
104.16.77.142
104.17.128.172
104.17.24.14
104.18.137.17
104.18.244.108
108.157.150.23
142.250.181.234
142.250.184.206
142.250.185.132
142.250.185.194
142.250.185.195
142.250.186.46
142.250.186.74
142.251.168.156
143.244.138.13
172.217.23.99
172.64.147.16
172.67.142.245
192.229.133.221
216.58.206.66
216.58.206.72
65.9.66.21
009cf6da7ae819fd7f1d55867318f1fc45855c102f08c85075e108215965a41e
084b85a4c84bc3c52566edc27dd37de09a38b1c2ce9532389af09c35de563333
09268fb51a368be4beb22b4200581efb8894e5b138ebefbd72ee388e95411cdb
0d0bbc1066ac500d49c41a22ccf69d60b82365295adcae78e166bae933d1334d
1c1c25f5f1edcc57a13249273eeef60c30a9aa0b11d6d87429e0413569005e92
1dd1eeea9a84bbb9da4242e3fded646968578781cfe765c3221b178348022621
272ab48405f4c3a618928fb58e4aef6409a08164b483e2d68bcd1a6e27f74ded
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d52e7d5d680b9adbe7cdd6966f4d9e09ccb97c3f933160577d28b73a68c9d94
3a69a33ed8715763dd609177924fdd38eb4effe314825698aac4feb777bbcb75
3db2ef3e23c317961334d4f5b7c9e0006e14a5a4fa1ec828b0cadc82279dcee3
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4f49978dd2f6025960b8dd03384b2365b7ee5b48cf1498a280d33d69121ff12d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
6246bd8b947799492a47e1e96dbd5175e546cc0f4296cae93f0146906e9d90eb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7084a237804a3a67624d2b643305357e9201eda67373ba760bae37e2b030f6e0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8dfbc3d304fbdfdb401d92cd1dd6aae86b2a32958e594e52d18e6b382b2c4a9c
91627db47595513923ebb7e353adfe71f7061a81ccffc8281567d1719b0f2c79
96a3717c58ca062398c28d2b6cf3086177ad8da794de668f3335203991a99923
a9c82f07fe42cab10b507de0ba3bed6485cdc38e3a71a8fbe180d9a8f2fe9c70
adcc83fd890fe936a5df3a16a909ddf2c466863a2422b1b811d675080cd56b02
c1233a49c4ecec12fed969bc83cd6ba59d8b2b88bef31988d9384f7e54c42e20
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
d1b9f69d6d69815ed7f03a4cbbc9e147d41f8f82f9abeb2a45751bd037087c6d
d9b4a7ce18dc79741988e67e0f310d54e8762ac112ee22ffc8041c86e4819cf3
dbfde859aec5eb38c38144859247cc7137e0f9d69d8c7c282384ac2d186b00c1
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13f9050ec7f72ff2fcc01dfb9929c91c7086955a483369bab6982260aa475d0
f36070373c9e19c91a3b69dcd5801b5299dbc254acd87ab2330e0b25c84ac04b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f828fba78735e7a4148eecda050132f08449b67c65e0583f7466a9b75deba686