URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Submission: On December 05 via manual from US — Scanned from NL

Summary

This website contacted 16 IPs in 6 countries across 11 domains to perform 50 HTTP transactions. The main IP is 51.124.12.35, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is home.portal.certifid.com. The Cisco Umbrella rank of the primary domain is 663735.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 2nd 2023. Valid for: 6 months.
This is the only time home.portal.certifid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 51.124.12.35 8075 (MICROSOFT...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.53 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
8 104.18.72.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 20.49.104.19 8075 (MICROSOFT...)
1 54.192.111.72 16509 (AMAZON-02)
4 35.180.145.57 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 34.255.189.176 16509 (AMAZON-02)
3 104.16.53.111 13335 (CLOUDFLAR...)
1 13.32.99.95 16509 (AMAZON-02)
4 15.188.160.118 16509 (AMAZON-02)
50 16
Apex Domain
Subdomains
Transfer
16 certifid.com
home.portal.certifid.com — Cisco Umbrella Rank: 663735
bff.portal.certifid.com — Cisco Umbrella Rank: 682153 Failed
539 KB
9 stonly.com
stonly.com — Cisco Umbrella Rank: 32393
s.stonly.com — Cisco Umbrella Rank: 53627
api.stonly.com — Cisco Umbrella Rank: 34716
130 KB
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2043
ekr.zdassets.com — Cisco Umbrella Rank: 2264
214 KB
3 zendesk.com
certifid.zendesk.com — Cisco Umbrella Rank: 814825
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
226 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
59 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6459
161 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
260 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
10 KB
50 11
Domain Requested by
15 home.portal.certifid.com home.portal.certifid.com
7 static.zdassets.com home.portal.certifid.com
static.zdassets.com
4 api.stonly.com stonly.com
4 stonly.com home.portal.certifid.com
stonly.com
3 certifid.zendesk.com static.zdassets.com
3 www.googletagmanager.com home.portal.certifid.com
www.googletagmanager.com
2 fonts.googleapis.com client
1 s.stonly.com stonly.com
1 content.hotjar.io script.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 ekr.zdassets.com static.zdassets.com
1 script.hotjar.com static.hotjar.com
1 bff.portal.certifid.com home.portal.certifid.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com home.portal.certifid.com
1 use.fontawesome.com client
50 16

This site contains no links.

Subject Issuer Validity Valid
home.portal.certifid.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-08-02 -
2024-02-02
6 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
zdassets.com
E1
2023-10-23 -
2024-01-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
bff.portal.certifid.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-08-10 -
2024-02-10
6 months crt.sh
stonly.com
R3
2023-10-19 -
2024-01-17
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2023-03-02 -
2024-03-30
a year crt.sh
certifid.zendesk.com
Cloudflare Inc ECC CA-3
2023-03-01 -
2024-02-29
a year crt.sh

This page contains 3 frames:

Primary Page: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Frame ID: 5330617BB42017DFB8ACEE51C423DA8B
Requests: 36 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Frame ID: D34B3F9CDCBAC26020F822E7964CDAFA
Requests: 8 HTTP requests in this frame

Frame: https://s.stonly.com/stonly-stat-id.html?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&v=1.5
Frame ID: 9CACE169C493305BDF1E83FF3DEF42F1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

CertifID

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

50
Requests

94 %
HTTPS

33 %
IPv6

11
Domains

16
Subdomains

16
IPs

6
Countries

1198 kB
Transfer

3899 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ecd22d47-a822-400c-b8c0-4e9094876661
home.portal.certifid.com/client/send/
838 B
4 KB
Document
General
Full URL
https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96d9814082581fffdf60d236e077e8ae99d69e88073db4ba3197beb6bb651c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type
text/html
date
Tue, 05 Dec 2023 14:41:22 GMT
etag
"21211987"
feature-policy
microphone 'none'; camera 'none'; payment 'none';
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
profile-script.js
home.portal.certifid.com/
3 KB
5 KB
Script
General
Full URL
https://home.portal.certifid.com/profile-script.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
333092c28da0b633324a085065e53f1f9f0f3cd5f2c597b5dc9a02663ed362b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
chunk-vendors.118d0d43.js
home.portal.certifid.com/js/
504 KB
161 KB
Script
General
Full URL
https://home.portal.certifid.com/js/chunk-vendors.118d0d43.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1662150f530b4637002b15f7a5f8474622e87ffb5789167949d5f9fcb856145c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
app.6b5c5f3c.js
home.portal.certifid.com/js/
530 KB
92 KB
Script
General
Full URL
https://home.portal.certifid.com/js/app.6b5c5f3c.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d5d70c5284eb5a9e4163e4087c545908cab20905a9c9dafe7730988f7f10536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:21 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
all.css
use.fontawesome.com/releases/v5.2.0/css/
46 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1944543
etag
W/"20a9ce516eaea76da29a23adc43e8998"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9Zx7UCBZk1JFLAz4rk3djG0chHIUhdRuqyQqd9IMZO%2Bm4HU5zNBOZPWudjbeESvZXL0mijuVEDR81Z6QnOIQWqikw0ZDP5iaTr1EuHtSDBuFOFw6qmPyxqvqX2o7prIrb%2Fid%2BqDTeW4zKIxx2A%2F8xNA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
830d0cb3aa7d66b8-AMS
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
2 KB
854 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oxygen:wght@300;400;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d3d233a7ce6e1bbd5bb86642610970a96bd4931d4f11b093f8b4ba924fafa14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 13:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 14:41:22 GMT
css
fonts.googleapis.com/
793 B
470 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=DM+Serif+Display:400
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ddedae7c411cb9ea7089fd9453ccb5d1751b0b8249f97ec20e20796cc89f86f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 14:41:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 14:41:22 GMT
appSettings.prod.json
home.portal.certifid.com/
1 KB
5 KB
XHR
General
Full URL
https://home.portal.certifid.com/appSettings.prod.json
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/chunk-vendors.118d0d43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c367fa0d1fa6fd4b20452e9619a73eda50dbfae71f97e494832eb9cfb8cd7723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
application/json
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
hotjar-2333061.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2333061.js?sv=6
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/chunk-vendors.118d0d43.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
595421b961eb2f34b3fb0ae85fc8011607cb97a10f27602fb6db5bcba61bb770
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/af283b4a3fedcab187fbabd741bd7b78
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
EoCGBPcJRpkbbz5U0VHpvbUq9ugT14Syff2SPBXV-Cj_eKwwnI_pKQ==
gtm.js
www.googletagmanager.com/
160 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDT7CNN
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/chunk-vendors.118d0d43.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b05cefc0fc11d530d6997ccdd586886ede4d1c582fa70f1ec8a0feebb9f32bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59923
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 14:41:22 GMT
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8MJGHKHT01&l=dataLayer
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/chunk-vendors.118d0d43.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c51aa0ea6c47d7b30cf37c90d0db8db905c8f8a471423ab76b7dced6a73c8848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85526
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 14:41:22 GMT
698.b9861852.js
home.portal.certifid.com/js/
11 KB
7 KB
Script
General
Full URL
https://home.portal.certifid.com/js/698.b9861852.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bd8d1fcff130fa9c5cc4eb55f84ed45d1f797cf8de1a8600eb875674a0b72aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
366.b3d6b238.js
home.portal.certifid.com/js/
20 KB
9 KB
Script
General
Full URL
https://home.portal.certifid.com/js/366.b3d6b238.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f2244b4085df18343090518d16b858de24a793e91e03bfa52c015ca66186594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
101.26a8f35a.js
home.portal.certifid.com/js/
15 KB
8 KB
Script
General
Full URL
https://home.portal.certifid.com/js/101.26a8f35a.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa4523783310d5e6a63b1694699843fbf33632383047909e9bfca9be4d71a884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
140.1f90a8f7.js
home.portal.certifid.com/js/
53 KB
17 KB
Script
General
Full URL
https://home.portal.certifid.com/js/140.1f90a8f7.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b94db283c37f2e2bc000239b36338e40009e79e9ef21380ae147917d4adaee32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
48.1b3ad66e.js
home.portal.certifid.com/js/
35 KB
12 KB
Script
General
Full URL
https://home.portal.certifid.com/js/48.1b3ad66e.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a02246e0bae0c0fc417185790a212af107bcb257bb793cc3b5889360ae0673a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
593.aaf1f248.js
home.portal.certifid.com/js/
169 KB
44 KB
Script
General
Full URL
https://home.portal.certifid.com/js/593.aaf1f248.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2dd291594df1136d7566444ca32a1f21f767ceda1acc56afb15003503eb8780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
624.07ba3939.js
home.portal.certifid.com/js/
439 KB
123 KB
Script
General
Full URL
https://home.portal.certifid.com/js/624.07ba3939.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b14c279d34eb7b79f2d6d3916b3d49e435ad9042118cc120f79683d9953983a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
client-send.b622026e.js
home.portal.certifid.com/js/
118 KB
31 KB
Script
General
Full URL
https://home.portal.certifid.com/js/client-send.b622026e.js
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1f3896f0463825202d139d544632b39991f05ccb17e30bb8501edd8412a333c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
x-content-type-options
nosniff
etag
"21211987"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
wave-white.593b5002.png
home.portal.certifid.com/img/
11 KB
15 KB
Image
General
Full URL
https://home.portal.certifid.com/img/wave-white.593b5002.png
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9aab26c1639abef6e474723476d570aa034b68e25a09906214d14f4352be8b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
etag
"21211987"
x-dns-prefetch-control
off
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type
image/png
x-frame-options
SAMEORIGIN
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
content-length
11002
x-xss-protection
1; mode=block
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/js/app.6b5c5f3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
VJNSTS6NH24VGZXW
age
57
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZaA0/pNyb81iWefpjGS4Q1RaRzQbA+fGKlK3Mf/p7f/BJNjQ5D4umJJ3DA6PSAUaVAklKLutfM8=
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTyPRdtCu2hOV%2Ftz0tJ8zkwoj%2FjsYFg0oMrjf7SdIG6%2FbxiLOID7Wc87u1q%2BjkXBrtbmMfCd2E3KegUFlINXlJmkneH4wzxyIk2akIZRsH76nUey3HK7VR9W%2FFEd9BOE6Ry5vU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
830d0cb48ae4655d-AMS
certifid-icon.cdfe3529.svg
home.portal.certifid.com/img/
1 KB
5 KB
Image
General
Full URL
https://home.portal.certifid.com/img/certifid-icon.cdfe3529.svg
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.12.35 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0adc2fad9a2201b20e61d22f4e462a54bde5b52db1219c20b926d75c95eb7c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 02:08:36 GMT
etag
"21211987"
x-dns-prefetch-control
off
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
public, must-revalidate, max-age=30
feature-policy
microphone 'none'; camera 'none'; payment 'none';
content-length
1231
x-xss-protection
1; mode=block
2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oxygen:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://home.portal.certifid.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:16:59 GMT
x-content-type-options
nosniff
age
401063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16348
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 23:16:59 GMT
GetRequestByInviteCode
bff.portal.certifid.com/bff/
0
0

GetRequestByInviteCode
bff.portal.certifid.com/bff/ Frame
0
0
Preflight
General
Full URL
https://bff.portal.certifid.com/bff/GetRequestByInviteCode?inviteCode=ecd22d47-a822-400c-b8c0-4e9094876661
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,expires,pragma
Access-Control-Request-Method
POST
Origin
https://home.portal.certifid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,content-type,expires,pragma
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
Access-Control-Allow-Origin
https://home.portal.certifid.com
Date
Tue, 05 Dec 2023 14:41:23 GMT
Request-Context
appId=cid-v1:b5040296-511a-42fc-9b60-ef3c4e234b8b
Server
Kestrel
Vary
Origin
modules.9a6460d94a753d6764ef.js
script.hotjar.com/
218 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.9a6460d94a753d6764ef.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2333061.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-72.mrs52.r.cloudfront.net
Software
/
Resource Hash
15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 11:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d5395aef0c58da123cbcc801b71e308c.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
10756
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55401
last-modified
Tue, 05 Dec 2023 11:41:37 GMT
etag
"96ef6b2dd3fa58f5dfaaef19a5968444"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8MLj2E32e8-SQpQKzLOreD2S-ke4ztWUzsyKOsfe4FIziTPhU7dUcQ==
292ba308-e595-46be-9306-36a4575b2007
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/292ba308-e595-46be-9306-36a4575b2007
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289b26df8bbf8f4b9b37202a46ad3224f84601809e19ea009bcef69ee1961769
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8308f9cc1c992b04-SEA, 8308f9cc1c992b04-SEA
x-runtime
0.009154
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"289b26df8bbf8f4b9b37202a46ad3224"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwNHuZEKGeMqXJ2darFsXtn4RrjA6d3VBW9t4wtYS4IOCoHAKTIvyJOYcHgHSpTxvq4thzmeKNxvkN1A%2FMz4RMTLVauFFhiatXLY8yQI7oHJEdOMeEZTkZYrBF%2FvHeBtpSc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
830d0cb55b5765f9-AMS
version
stonly.com/js/widget/v2/
8 B
347 B
XHR
General
Full URL
https://stonly.com/js/widget/v2/version?v=1701787282734
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
3573a2e952601832e79e92081f90f0947faa3f0ff57936c800d854c2a8f79a13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 14:41:22 GMT
Last-Modified
Tue, 05 Dec 2023 13:41:49 GMT
Server
nginx
ETag
"656f289d-8"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8
Expires
Thu, 01 Jan 1970 00:00:01 GMT
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8MJGHKHT01&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT7CNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc0fa0465bdba2a61e568479dcca69f817415149612011523861284785e1c39c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85539
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 14:41:22 GMT
collect
region1.google-analytics.com/g/
0
260 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8MJGHKHT01&gtm=45je3bt0v873605727&_p=1701787282537&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=285584744.1701787283&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=client-send&dp=%2Fclient%2Fsend%2Fecd22d47-a822-400c-b8c0-4e9094876661&dl=https%3A%2F%2Fhome.portal.certifid.com%2Fclient%2Fsend%2Fecd22d47-a822-400c-b8c0-4e9094876661%3Fsource%3DEmail&sid=1701787282&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=782
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MJGHKHT01&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 14:41:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://home.portal.certifid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stonly-widget.js
stonly.com/js/widget/v2/
39 KB
13 KB
Script
General
Full URL
https://stonly.com/js/widget/v2/stonly-widget.js?v=ceb8b7a6
Requested by
Host: home.portal.certifid.com
URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
83871cfa6c7734a9fa4c949e70d22cc24d94b1afdff688beedfb731894ab1db9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 14:41:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2023 13:41:49 GMT
Server
nginx
ETag
W/"656f289d-9c93"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 19 Dec 2023 14:41:23 GMT
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a6460d94a753d6764ef.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.255.189.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-189-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cb56df1c3f70a05652ef6228246d65f63a9873289160a4a7ae1c50e775b518c5

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Dec 2023 14:41:23 GMT
content-length
56
vary
Origin
content-type
application/json
web-widget-main-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame D34B
435 KB
137 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
x-amz-version-id
RqZIDjLbqQCJse5.5YPoIz6l3bVKH2F9
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FSF5803D2MZ177K
age
42738
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
s6NVEjlxQ0X409+93Y+AyzPpDVdCnUzkj58R435QREy4lvYOga3kZ8DuxKYs3kScc5mlXhydQ7o=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"531e7cd49856ceac1ab739dee1bd9825"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FX5hj2zvtbhqFP3px3iEq%2BntPasKD8WsWBO1jxuSThMgKdpZ%2B4V37C955u8xKVlHyNehS3MtSdrUD%2BqhBZafKo1jTL3hE%2BA1gV7iQzi3qF0B%2BM3qtqTZqkbUKYDX2DzVK5iOag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
830d0cb6ddba655d-AMS
expires
Wed, 04 Dec 2024 00:28:35 GMT
vendors~widget-6a10b4723bf3a3343a8a.stonly.js
stonly.com/js/widget/v2/
179 KB
63 KB
Script
General
Full URL
https://stonly.com/js/widget/v2/vendors~widget-6a10b4723bf3a3343a8a.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=ceb8b7a6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 14:41:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2023 13:41:49 GMT
Server
nginx
ETag
W/"656f289d-2cd57"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 19 Dec 2023 14:41:23 GMT
widget-8d28aabdd00b1b56562e.stonly.js
stonly.com/js/widget/v2/
169 KB
50 KB
Script
General
Full URL
https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=ceb8b7a6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
834178be7531c3671c04ee17ed3d07bbae076250a85a592c479cef06a1c391e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 14:41:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2023 13:41:49 GMT
Server
nginx
ETag
W/"656f289d-2a31c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 19 Dec 2023 14:41:23 GMT
en-us-json-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame D34B
16 KB
3 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
x-amz-version-id
0TD6PAWfsyxN8kJamulTpqLVZArSSWuB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS8D41MZJZMYG1B
age
42728
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
MlQYiQ2dqb9h/OIVYc60rdAWwzi2m98faLu/nzTPmQXpoeHOhtgWXpnmexReeLW5Qx210z3PGrY=
last-modified
Tue, 05 Dec 2023 00:28:38 GMT
server
cloudflare
etag
W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3g0jvw5tq%2FtqLcMdDIH3xHrpoYuNMB1gxeQCHv9G1iCPC1JtQoedv3LpHjEROsg3Bwrgh%2BG5uT943pPOdlS2mXKbgB9f96yl9DltBnvo96J1F35kuVC29l4G6%2FgH%2FvZ6%2B5oEnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
830d0cb7bed9655d-AMS
expires
Wed, 04 Dec 2024 00:28:37 GMT
web-widget-4852-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame D34B
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
x-amz-version-id
rgQyDw8mO5OrfYenQWJeUHQhMhROhIV.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS6K6N3BED5C9DX
age
42737
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mZYDmVwtmpMlbyBFUcvQAyVxK3nKNxXriZZENjdf3EjmZopRc63mtrIJzjjk+FTJoP0ZDs3BETM=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLd%2FCW5SaP%2B4xfHih8sddzRKTDoMtXvfB3zvi%2Ff%2ByWUvsyGNedX9fgXjb7pxHFzvPBdJl4%2FQEkaWNolLXDxN3z486nAzcBql3OYnQzEN5FeT7KpY7Sz%2FmzwC1D37l6dQVzu%2BuQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
830d0cb7bedd655d-AMS
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-519-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame D34B
24 KB
8 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
x-amz-version-id
GVsqCvOfUiBJYIwZLFLTQX5MyDUCOwc2
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS3V2M4QJ2ZK33P
age
42737
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZcwJ01puBTNkg0AiqHh4Jwsz8eTxW4l9Gmz7kmYejNT5ylWWy39mTLN7KSZvvQMqOIGQL7p8G4s=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"1c9884a2069c7bec6b20dac62004eb1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyoCI0prWfvyLLcKst9VPSYsGhDy%2Fk8JOemlrwoZNXrZkMxDdePSU3%2FG29U30SFaGwzPnP9PLiZPfTznJgp8SudbruxnxiulirzogP2zqKBAY67BIIS1WqcrA9VufwKbInYrun0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
830d0cb7bedf655d-AMS
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-5178-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame D34B
24 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
x-amz-version-id
NLi469M1WczuGaqZLXtxIgWwTh.1j.zh
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS7C58SVHM9XWRN
age
42737
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
UHe8in2/NNlJQ8+xqDERT39dCXeKxCJVrG2UC/shLH4h+ZNVARF4OnkmVkfqjVmg/Z5Cp8G4Dco=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"11034f049f5eef05b26ed292ac59e1fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXaeg6FJWwRl12%2Fvfh3HIKxAjb9Z%2BudX5yeIIeTnJzhDmLur3CuEqzTNnBYJJbfPOen4VP3Rzc%2BSZy1FFq0eQyjIzOc8BUFmMvL56VgA%2BGUr6tGVdo5CjXXrTw%2FPO2L4DE8VyKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
830d0cb7bee2655d-AMS
expires
Wed, 04 Dec 2024 00:28:35 GMT
web-widget-9535-1bfc6fa.js
static.zdassets.com/web_widget/messenger/latest/ Frame D34B
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1bfc6fa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
x-amz-version-id
ty1N93CTNGjm.TymHP.kwa5RR_YIsyxf
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4FS0JNEYMFMYAKH2
age
42737
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
KZ6JU9UjGIwkXQxX79VJPt5IBQz+RyTOOPzgoaj8Fyg4FIN4CX5ErJSJSDOj+qVg7hRI7zO5uEc=
last-modified
Tue, 05 Dec 2023 00:28:36 GMT
server
cloudflare
etag
W/"d46547a6c79c8800ac99ed5408528a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kyUylLnOKMd9LTcKvKaln9DuVkNpSE5cyMzd9Qn05jV4XZ%2BwcIBk8Hfx5pim%2F5Pjy6oSCHTDqBw4Ag1sJcovowGrSV5qnvGiWyN7ig1lJ%2Fi1Q94tkE6XDNCDCIcda3Ss8M%2F92Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
830d0cb7bee3655d-AMS
expires
Wed, 04 Dec 2024 00:28:35 GMT
pv
certifid.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://certifid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://home.portal.certifid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
830d0cb8eda5b930-AMS
date
Tue, 05 Dec 2023 14:41:23 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gzp2mi1yU0lG12roraP%2Ftq5ha0Ek7d%2FHuZKc00s8wTQj8xccKsXqk4GIOW4muQZvGDiT17R%2BbOAfR9T5FP%2FAOMCmzUaagiifiqWg%2FNP7q7YLOA2GgVOaKAvo3RExmfK9tuiVvdmH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
830d0cb8eda5b930-AMS
x-zendesk-zorg
yes
pv
certifid.zendesk.com/frontendevents/ Frame D34B
0
0
Fetch
General
Full URL
https://certifid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiKSbUtd1fCDdLlBrzRol0WT1ExAdHvgZb10NxqooVUonSFOCSyo8VFeJ%2FfmXDfGl4fGRXqrOh2k%2FjWvxXYcPY5mRlJA6XrJnHmN3A9tEFjn5sedZIx11C%2B1G3%2FpLRGNBNHtYAQc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
830d0cbb691db930-AMS
content-length
0
x-request-id
830d0cbb691db930-AMS
config
certifid.zendesk.com/embeddable/ Frame D34B
807 B
1 KB
Fetch
General
Full URL
https://certifid.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-1bfc6fa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb81da1594351a5778f51d18076d788972fc92741a095fc58ecd8e4644403d7f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-55bf69765f-tsdrs
x-cached
MISS
x-request-id
830d0cb8eda3b930-AMS
x-runtime
0.073168
last-modified
Mon, 04 Dec 2023 13:55:53 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19PSc4pRI6%2B0ISysecxIO5MV7qs%2F8FPyV69EDmHj5Lvb19awdOXQeupmTa%2BJ%2FU%2Bk1STP5eJelqcwECybUnKiGZh4TB3pQfJapCikZJzvHw4qlb4ZNwk%2BFqZO1EMwMyS7bZ%2B5zyTV"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
830d0cb8eda3b930-AMS
stonly-stat-id.html
s.stonly.com/ Frame 9CAC
3 KB
1 KB
Document
General
Full URL
https://s.stonly.com/stonly-stat-id.html?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&v=1.5
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
29711
content-encoding
gzip
content-type
text/html
date
Tue, 05 Dec 2023 06:26:13 GMT
etag
W/"b714291e1f3178ac2a5d4e3c7974d64b"
last-modified
Fri, 01 Dec 2023 10:57:14 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id
RuwdaySZP6aqifeSC9_APoLFGxkLiJ3xUcvFXrGGAWzvLizGxCnSaA==
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
identify
api.stonly.com/api/v1/targeting/
38 B
457 B
XHR
General
Full URL
https://api.stonly.com/api/v1/targeting/identify
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-160-118.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

timestamp
1701787283477
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 05 Dec 2023 14:41:24 GMT
strict-transport-security
max-age=2592000;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
etag
W/"26-NFKChCaGCPgLuaMJn62pKH75t6U"
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://home.portal.certifid.com
cache-control
no-cache
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:01 GMT
identify
api.stonly.com/api/v1/targeting/ Frame
0
0
Preflight
General
Full URL
https://api.stonly.com/api/v1/targeting/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-160-118.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,timestamp
Access-Control-Request-Method
POST
Origin
https://home.portal.certifid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,timestamp
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://home.portal.certifid.com
cache-control
no-cache
date
Tue, 05 Dec 2023 14:41:23 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=2592000;
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integration
api.stonly.com/api/v2/widget/ Frame
0
0
Preflight
General
Full URL
https://api.stonly.com/api/v2/widget/integration?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&stonlyAnonymousId=38f505a7-7e22-4267-9a61-dd80935df7a7&url=https%3A%2F%2Fhome.portal.certifid.com%2Fclient%2Fsend%2Fecd22d47-a822-400c-b8c0-4e9094876661%3Fsource%3DEmail
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-160-118.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
timestamp
Access-Control-Request-Method
GET
Origin
https://home.portal.certifid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
timestamp
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://home.portal.certifid.com
cache-control
no-cache
date
Tue, 05 Dec 2023 14:41:24 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=2592000;
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integration
api.stonly.com/api/v2/widget/
553 B
816 B
XHR
General
Full URL
https://api.stonly.com/api/v2/widget/integration?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&stonlyAnonymousId=38f505a7-7e22-4267-9a61-dd80935df7a7&url=https%3A%2F%2Fhome.portal.certifid.com%2Fclient%2Fsend%2Fecd22d47-a822-400c-b8c0-4e9094876661%3Fsource%3DEmail
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.188.160.118 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-160-118.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
dfdd1239a2d2b8e43a13e0da54d1991b379fadd37242f1c66b8c534dfdd4a858
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

timestamp
1701787284355
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:41:26 GMT
strict-transport-security
max-age=2592000;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
etag
W/"229-qnyaEdTLbEnPA1YwL7sC68/zEbE"
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://home.portal.certifid.com
cache-control
no-cache
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:01 GMT
stat
api.stonly.com/api/v1/
0
0

stat
api.stonly.com/api/v1/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bff.portal.certifid.com
URL
https://bff.portal.certifid.com/bff/GetRequestByInviteCode?inviteCode=ecd22d47-a822-400c-b8c0-4e9094876661
Domain
api.stonly.com
URL
https://api.stonly.com/api/v1/stat
Domain
api.stonly.com
URL
https://api.stonly.com/api/v1/stat

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| threatmetrix object| webpackChunkCertifID object| $cookies object| FontAwesomeConfig object| ___FONT_AWESOME___ function| hj object| _hjSettings object| dataLayer function| gtag object| vue object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| zEWebpackACJsonp function| zE function| zEmbed object| google_tag_manager object| google_tag_data string| STONLY_WID function| StonlyWidget function| onYouTubeIframeAPIReady object| gaGlobal boolean| zEACLoaded object| jsonpStonlyWidget object| regeneratorRuntime

8 Cookies

Domain/Path Name / Value
.certifid.com/ Name: mp_b90f8f11a431180f7a4c9009fb68d24d_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218c3a6d2c64a7f-0c7dd4e19a0e39-6d325e53-1d4c00-18c3a6d2c653c4%22%2C%22%24device_id%22%3A%20%2218c3a6d2c64a7f-0c7dd4e19a0e39-6d325e53-1d4c00-18c3a6d2c653c4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.certifid.com/ Name: _ga
Value: GA1.1.285584744.1701787283
.certifid.com/ Name: _ga_8MJGHKHT01
Value: GS1.1.1701787282.1.0.1701787282.0.0.0
.certifid.com/ Name: _hjFirstSeen
Value: 1
.certifid.com/ Name: _hjIncludedInSessionSample_2333061
Value: 1
.certifid.com/ Name: _hjSession_2333061
Value: eyJpZCI6ImM5MDJhZWFjLWJjY2ItNGMzNS05YTIxLTg3ZThkMGEwZTAwNyIsImNyZWF0ZWQiOjE3MDE3ODcyODI4OTgsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.certifid.com/ Name: _hjSessionUser_2333061
Value: eyJpZCI6IjdmZDUyZTdjLTExMjYtNWIzYi1iZWE5LWU3OTk4YWUxNmI4MyIsImNyZWF0ZWQiOjE3MDE3ODcyODI4OTUsImV4aXN0aW5nIjp0cnVlfQ==
.certifid.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

10 Console Messages

Source Level URL
Text
security error URL: https://home.portal.certifid.com/client/send/ecd22d47-a822-400c-b8c0-4e9094876661?source=Email
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://script.hotjar.com/modules.9a6460d94a753d6764ef.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://script.hotjar.com/modules.9a6460d94a753d6764ef.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1bfc6fa.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://stonly.com/js/widget/v2/widget-8d28aabdd00b1b56562e.stonly.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stonly.com
bff.portal.certifid.com
certifid.zendesk.com
content.hotjar.io
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
home.portal.certifid.com
region1.google-analytics.com
s.stonly.com
script.hotjar.com
static.hotjar.com
static.zdassets.com
stonly.com
use.fontawesome.com
www.googletagmanager.com
api.stonly.com
bff.portal.certifid.com
104.16.53.111
104.18.72.113
13.32.99.95
15.188.160.118
18.66.97.53
20.49.104.19
2001:4860:4802:34::36
2606:4700:e2::ac40:8c0d
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:831::200a
34.255.189.176
35.180.145.57
51.124.12.35
54.192.111.72
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
0adc2fad9a2201b20e61d22f4e462a54bde5b52db1219c20b926d75c95eb7c06
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343
15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8
1662150f530b4637002b15f7a5f8474622e87ffb5789167949d5f9fcb856145c
289b26df8bbf8f4b9b37202a46ad3224f84601809e19ea009bcef69ee1961769
2b05cefc0fc11d530d6997ccdd586886ede4d1c582fa70f1ec8a0feebb9f32bd
333092c28da0b633324a085065e53f1f9f0f3cd5f2c597b5dc9a02663ed362b0
3573a2e952601832e79e92081f90f0947faa3f0ff57936c800d854c2a8f79a13
3d5d70c5284eb5a9e4163e4087c545908cab20905a9c9dafe7730988f7f10536
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
4f2244b4085df18343090518d16b858de24a793e91e03bfa52c015ca66186594
595421b961eb2f34b3fb0ae85fc8011607cb97a10f27602fb6db5bcba61bb770
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
7c8557fabe455b2a528bb3bc78a1586c880f14936fcec7d6d4293b7716073982
834178be7531c3671c04ee17ed3d07bbae076250a85a592c479cef06a1c391e1
83871cfa6c7734a9fa4c949e70d22cc24d94b1afdff688beedfb731894ab1db9
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8ddedae7c411cb9ea7089fd9453ccb5d1751b0b8249f97ec20e20796cc89f86f
96d9814082581fffdf60d236e077e8ae99d69e88073db4ba3197beb6bb651c3e
9d3d233a7ce6e1bbd5bb86642610970a96bd4931d4f11b093f8b4ba924fafa14
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a02246e0bae0c0fc417185790a212af107bcb257bb793cc3b5889360ae0673a6
b14c279d34eb7b79f2d6d3916b3d49e435ad9042118cc120f79683d9953983a0
b94db283c37f2e2bc000239b36338e40009e79e9ef21380ae147917d4adaee32
bd8d1fcff130fa9c5cc4eb55f84ed45d1f797cf8de1a8600eb875674a0b72aeb
c367fa0d1fa6fd4b20452e9619a73eda50dbfae71f97e494832eb9cfb8cd7723
c51aa0ea6c47d7b30cf37c90d0db8db905c8f8a471423ab76b7dced6a73c8848
c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
cb56df1c3f70a05652ef6228246d65f63a9873289160a4a7ae1c50e775b518c5
cb81da1594351a5778f51d18076d788972fc92741a095fc58ecd8e4644403d7f
d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe
dc0fa0465bdba2a61e568479dcca69f817415149612011523861284785e1c39c
dfdd1239a2d2b8e43a13e0da54d1991b379fadd37242f1c66b8c534dfdd4a858
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1f3896f0463825202d139d544632b39991f05ccb17e30bb8501edd8412a333c
f2dd291594df1136d7566444ca32a1f21f767ceda1acc56afb15003503eb8780
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
f9aab26c1639abef6e474723476d570aa034b68e25a09906214d14f4352be8b3
fa4523783310d5e6a63b1694699843fbf33632383047909e9bfca9be4d71a884