portal.certifid.com Open in urlscan Pro
20.4.244.223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f
Submission: On February 21 via manual (February 21st 2024, 2:53:55 pm UTC) from US — Scanned from NL

Summary HTTP 60 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 60 HTTP transactions. The main IP is 20.4.244.223, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal.certifid.com. The Cisco Umbrella rank of the primary domain is 955448.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on February 3rd 2024. Valid for: 6 months.

This is the only time portal.certifid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	20.4.244.223 20.4.244.223	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.64.206.38 172.64.206.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	20.119.0.42 20.119.0.42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.165.183.87 18.165.183.87	16509 (AMAZON-02) (AMAZON-02)
1	63.35.22.222 63.35.22.222	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
4	18.173.154.112 18.173.154.112	16509 (AMAZON-02) (AMAZON-02)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.88.10 99.84.88.10	16509 (AMAZON-02) (AMAZON-02)
6	51.44.40.105 51.44.40.105	16509 (AMAZON-02) (AMAZON-02)
60	17

19 20.4.244.223 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

portal.certifid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.206.38 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.119.0.42 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bff.portal.certifid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-87.zrh55.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.22.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-22-222.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.154.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-112.muc50.r.cloudfront.net

stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

certifid.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-10.muc50.r.cloudfront.net

s.stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.44.40.105 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

api.stonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	certifid.com portal.certifid.com — Cisco Umbrella Rank: 955448 bff.portal.certifid.com	607 KB
11	stonly.com stonly.com — Cisco Umbrella Rank: 29052 s.stonly.com — Cisco Umbrella Rank: 48526 api.stonly.com — Cisco Umbrella Rank: 30804	126 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2491 ekr.zdassets.com — Cisco Umbrella Rank: 2789	214 KB
3	zendesk.com certifid.zendesk.com	991 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	232 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 825 script.hotjar.com — Cisco Umbrella Rank: 1119	59 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	247 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6936	161 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1212	10 KB
0	mixpanel.com Failed api-js.mixpanel.com Failed
60	12

	Domain	Requested by
19	portal.certifid.com	portal.certifid.com
7	static.zdassets.com	portal.certifid.com static.zdassets.com
6	api.stonly.com	stonly.com
5	bff.portal.certifid.com	portal.certifid.com
4	stonly.com	portal.certifid.com stonly.com
3	certifid.zendesk.com	static.zdassets.com
3	www.googletagmanager.com	portal.certifid.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	client
1	s.stonly.com	stonly.com
1	region1.google-analytics.com	www.googletagmanager.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	static.hotjar.com	portal.certifid.com
1	use.fontawesome.com	client
0	api-js.mixpanel.com Failed	portal.certifid.com
60	17

This site contains links to these domains. Also see Links.

Domain
certifid.com

Subject Issuer	Validity	Valid
portal.certifid.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-02-03` - `2024-08-03`	6 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
bff.portal.certifid.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-02-03` - `2024-08-03`	6 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
stonly.com Amazon RSA 2048 M02	`2024-01-07` - `2025-02-04`	a year	crt.sh
certifid.zendesk.com Cloudflare Inc ECC CA-3	`2024-01-30` - `2024-12-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f
Frame ID: AA91477EAA43306E93E20FFE27DCC8C1
Requests: 45 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Frame ID: 111EDDF7249117412F5AD028D0225BAB
Requests: 8 HTTP requests in this frame

Frame: https://s.stonly.com/stonly-stat-id.html?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&v=1.5
Frame ID: A34E65361026D30C47783B89EE5142A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CertifID

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

60
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

17
IPs

5
Countries

1283 kB
Transfer

4001 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://certifid.com/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://certifid.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request c97ad1b2f4104f20abf1b8280dbff83f Show response
portal.certifid.com/client/send/ 882 B
4 KB 188ms
57ms Document
text/html 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6053a11a8b0d87929f83c632fd1c4b10c813813abaa4185e03b4faddf0447fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, must-revalidate, max-age=30
content-encoding: br
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type: text/html
date: Wed, 21 Feb 2024 14:53:49 GMT
etag: "27005492"
feature-policy: microphone 'none'; camera 'none'; payment 'none';
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 profile-script.js Show response
portal.certifid.com/ 3 KB
5 KB 17ms
17ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/profile-script.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

333092c28da0b633324a085065e53f1f9f0f3cd5f2c597b5dc9a02663ed362b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:49 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 maintenanceCheck.js Show response
portal.certifid.com/ 3 KB
5 KB 32ms
31ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/maintenanceCheck.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3fbe016850a769e87d86f8e9e67bc2cecafed381d8206cd55b471992d3b886bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:49 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 chunk-vendors.3cc77c1e.js Show response
portal.certifid.com/js/ 503 KB
161 KB 33ms
33ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3645567f3492230e755a0b86645e8759fe6cc1aae032107dd56f0fb69280d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:49 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.ed013f15.js Show response
portal.certifid.com/js/ 541 KB
94 KB 48ms
48ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/app.ed013f15.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f282de84c4fff147e32905988c7df5724c9dd486923c9ac883175a514de0ac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:49 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 appSettings.prod.json Show response
portal.certifid.com/ 1 KB
5 KB 16ms
16ms Fetch
application/json 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/appSettings.prod.json

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/maintenanceCheck.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8fded03d7a72362273212ef50e8b5d984114f147f273b98e041b9e50fa0c4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:49 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: application/json
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
10 KB 356ms
25ms Stylesheet
text/css 172.64.206.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.206.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 649287
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0wq%2Bq1P53BsT8EugTf1bvMwEb%2FP3zhKftiwdX6XhufR02Y2Qv15IK4dDtijA7KcGP3bxIOPjqfDtKJFxrryOo%2BB7Kl7re%2FOF8BnplSMr2nKQjkT81lq5Uxv1UNnWFngyNJsyoKS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 858fd2377b1966c1-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
854 B 377ms
29ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oxygen:wght@300;400;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f10.1e100.net

Software

ESF /

Resource Hash

52156d233fe19698a9aec69a4af2ffba9b51289f2e213db1f09ebda59ff59c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 13:06:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 14:53:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 793 B
471 B 385ms
38ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Display:400

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f10.1e100.net

Software

ESF /

Resource Hash

e8d49e588de8efb44d0f1f3fbac89f775db2b819b264f0baef2a8d0d2b760a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 14:53:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 14:53:50 GMT

GET
H2 200 appSettings.prod.json Show response
portal.certifid.com/ 1 KB
5 KB 17ms
17ms XHR
application/json 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/appSettings.prod.json

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8fded03d7a72362273212ef50e8b5d984114f147f273b98e041b9e50fa0c4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: application/json
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 hotjar-2333061.js Show response
static.hotjar.com/c/ 9 KB
4 KB 108ms
58ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2333061.js?sv=6

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

bfd29fb2c7e3b63b0ed140f2aa11537909d41c317d1faed5bb957b35f8c64779

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 14:53:50 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/80703c23411c127c211a012ed34d9b4c
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: tfuhrB8A3aBaPG6LxbAcCqCh171GfYJEMCBQOxn5WfMwVvrwiHZjOA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
60 KB 410ms
63ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDT7CNN

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

91aa70258ed1b04bcc25a429f822c87a8e5ab3851dbda3084fa3f518d93e844b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61716
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 14:53:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
86 KB 383ms
37ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MJGHKHT01&l=dataLayer

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8aef2891c0431e76f1b18cde425e1ac181b923c29f329558747647b24970d02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 14:53:50 GMT

GET
H2 200 698.0018f602.js Show response
portal.certifid.com/js/ 11 KB
7 KB 19ms
18ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/698.0018f602.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fecb59e41404bc6c700401de4367e707dac61c18cb4186a8426be6f74e3e9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 366.b4252a97.js Show response
portal.certifid.com/js/ 20 KB
9 KB 20ms
20ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/366.b4252a97.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

50555a3979c6bcf61633c66ec535b045b9dfc62b5a8f8671e865f47bde4a92c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 101.409dcc6b.js Show response
portal.certifid.com/js/ 15 KB
8 KB 26ms
25ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/101.409dcc6b.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51ad9646915c92d61644346cead81ac3993fad26de6c4b80efe69a568cecece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 140.b66bd8ce.js Show response
portal.certifid.com/js/ 53 KB
17 KB 30ms
29ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/140.b66bd8ce.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed27d12e227dce6916933f59a6f571748673bda47ad5162826d66a5e55ce7ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 48.98598a15.js Show response
portal.certifid.com/js/ 35 KB
12 KB 25ms
24ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/48.98598a15.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12dc0bd0a70c60794b1bc0cc599ce9826c356e41b98a0294f8356495583221c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 593.7db8c117.js Show response
portal.certifid.com/js/ 169 KB
44 KB 32ms
31ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/593.7db8c117.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e4bf12f5252ef6882a217f877ecd9e2abd8624f4eb811f6449e415c9c81c343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 929.39d7d96e.js Show response
portal.certifid.com/js/ 439 KB
123 KB 36ms
36ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/929.39d7d96e.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

587fac780a1eddc6ff0b72f52102659be87ce3dcae34fecc3e3e5b3b7e6fc098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 client-send.87f0288d.js Show response
portal.certifid.com/js/ 113 KB
31 KB 30ms
30ms Script
text/javascript 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/js/client-send.87f0288d.js

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db67a123847891bdd6fd4403e632d58c418de095b05589db858e756edfd8d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
x-content-type-options: nosniff
etag: "27005492"
vary: Accept-Encoding
x-dns-prefetch-control: off
content-type: text/javascript
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 wave-white.593b5002.png
portal.certifid.com/img/ 11 KB
15 KB 24ms
24ms Image
image/png 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.certifid.com/img/wave-white.593b5002.png

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f9aab26c1639abef6e474723476d570aa034b68e25a09906214d14f4352be8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
etag: "27005492"
x-dns-prefetch-control: off
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type: image/png
x-frame-options: SAMEORIGIN
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
content-length: 11002
x-xss-protection: 1; mode=block

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 83ms
33ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/app.ed013f15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9X4B0G1GWNB25PJG
age: 51
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: 4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khy8P1tXXyueLqUNyohfbkWvId3V8ndnjW3KSowvNjyEHcMdKFo0ZvzAy9O38jvLAtvGijPGu37viNXanUpKbBWUEL9BltZZKgFxp8SsuRFVbJbSQRVEC7VRVyX2fDwTh20KDkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 858fd2360a44b8fa-AMS
access-control-allow-headers: *

GET
H2 200 certifid-icon.cdfe3529.svg
portal.certifid.com/img/ 1 KB
5 KB 31ms
31ms Image
image/svg+xml 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.certifid.com/img/certifid-icon.cdfe3529.svg

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0adc2fad9a2201b20e61d22f4e462a54bde5b52db1219c20b926d75c95eb7c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
etag: "27005492"
x-dns-prefetch-control: off
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
content-length: 1231
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 204
No Content GenerateClientRequestActivitySessionWithInviteCode
bff.portal.certifid.com/bff/ClientFlows/ Frame 0
0 510ms
95ms Preflight 20.119.0.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bff.portal.certifid.com/bff/ClientFlows/GenerateClientRequestActivitySessionWithInviteCode?inviteCode=c97ad1b2f4104f20abf1b8280dbff83f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.0.42 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,expires,pragma
Access-Control-Request-Method: GET
Origin: https://portal.certifid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: cache-control,expires,pragma
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
Access-Control-Allow-Origin: https://portal.certifid.com
Date: Wed, 21 Feb 2024 14:53:50 GMT
Request-Context: appId=cid-v1:833d63c8-263d-47fc-9c09-e2e8deff99f0
Server: Kestrel
Vary: Origin

GET
H/1.1 204
No Content GenerateClientRequestActivitySessionWithInviteCode Show response
bff.portal.certifid.com/bff/ClientFlows/ 0
420 B 486ms
203ms XHR
text/plain 20.119.0.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bff.portal.certifid.com/bff/ClientFlows/GenerateClientRequestActivitySessionWithInviteCode?inviteCode=c97ad1b2f4104f20abf1b8280dbff83f

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.0.42 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=2592000

Request headers

Pragma: no-cache
Cache-Control: no-cache
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Expires: 0

Response headers

Access-Control-Allow-Origin: https://portal.certifid.com
Date: Wed, 21 Feb 2024 14:53:51 GMT
Strict-Transport-Security: strict-transport-security: max-age=2592000
Access-Control-Allow-Credentials: true
Server: Kestrel
Vary: Origin
Request-Context: appId=cid-v1:833d63c8-263d-47fc-9c09-e2e8deff99f0

GET
H2 200 292ba308-e595-46be-9306-36a4575b2007 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 697ms
647ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/292ba308-e595-46be-9306-36a4575b2007

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cddbe547dfb2064dbc10a565779cd5292393a41853b7656d399eaaee2e4b0f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 857db4558b4a09ee-SEA, 857db4558b4a09ee-SEA
x-runtime: 0.009733
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cddbe547dfb2064dbc10a565779cd529"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRLB%2BG2QuctDKxha2c1nety86In34FVHThCAYgw6cZqKUqLYoNanqlu2OeHvEkhABg2KM%2B9N39%2BhYFoCCbWV%2BTdoFAX0qpxS7OPtrJJ95iXYmtre%2Fc1jZeYLMAKrIQYJKvc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 858fd2369b9e0e94-AMS

GET
H2 200 modules.a02b08e96dea6b9516bd.js Show response
script.hotjar.com/ 228 KB
55 KB 112ms
35ms Script
application/javascript 18.165.183.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2333061.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.183.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-183-87.zrh55.r.cloudfront.net

Software

Resource Hash

31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 11:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 186764
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56163
last-modified: Mon, 19 Feb 2024 11:00:25 GMT
etag: "26c6b143280117fc6f6e3350a91924ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bEgJmjJqxbHai04KBcy1NXVtiejhG9IujiCEJl8hncfABgpQR70vvw==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 271ms
63ms XHR
application/json 63.35.22.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2333061&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.35.22.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-22-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2fcfb4a0c91b968a5909a888b0f83fe2531ef0e8b08dab9743cd083717fe429e

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Feb 2024 14:53:50 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 368ms
20ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oxygen:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.certifid.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:27:41 GMT
x-content-type-options: nosniff
age: 26770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:27:41 GMT

GET
H2 200 version Show response
stonly.com/js/widget/v2/ 8 B
469 B 415ms
48ms XHR
application/octet-stream 18.173.154.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/version?v=1708527230782

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-112.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

099c7a5455547f3bd988421fbfa52841d159d14df28f4fb762f82e20f4193abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
via: 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront
content-length: 8
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Feb 2024 09:34:31 GMT
server: nginx
etag: "65d320a7-8"
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: qIBl-vyAyjXFOjwE_Q-t_csmC-87v_K63zkj5ONWF5vydDK3m977iA==
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 36ms
36ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MJGHKHT01&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDT7CNN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

527c51add63f59df930ee34f24878cdb3620dd35aa8f36f16cac1befef1345b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 14:53:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 349ms
20ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MJGHKHT01&gtm=45je42h0v873605727za200&_p=1708527230342&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1618943072.1708527231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=client-send&dp=%2Fclient%2Fsend%2Fc97ad1b2f4104f20abf1b8280dbff83f&dl=https%3A%2F%2Fportal.certifid.com%2Fclient%2Fsend%2Fc97ad1b2f4104f20abf1b8280dbff83f&sid=1708527230&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=815
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MJGHKHT01&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 14:53:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.certifid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-a0370fe.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 111E 435 KB
138 KB 55ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a7979bfdb428aeee14c8f23b2671d0bc0924aef257bf0d1e332da168bf5b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
x-amz-version-id: ZLQfQ8VAJywf0FRWmUxy0uJpQtEO7ERS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FG1FZ3ZKF67RV71B
age: 192600
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KEHktd298CMOolHlBMafryZ0a+8H2s7n4EL3gAVr5GH+db4c8rbUODx1s3UH+NQhPHyGoBEWo6U=
last-modified: Thu, 15 Feb 2024 16:57:38 GMT
server: cloudflare
etag: W/"0716a89c7772dd4e6b2228378ee4842c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPD8w2CVv6fttpq5dxtpWnZ7EzsdgImfz2rugLbM%2FEuM8CkRGqacrL3LBquAgCp5WVvFBKC8ikU%2BSJgSIIioYgR%2FJPNmp0OLFU6ARfbU5xGXIINlYV%2BLzbSMcvC3Fujd%2FtZaxuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 858fd23ab91ab8fa-AMS
access-control-allow-headers: *
expires: Fri, 14 Feb 2025 16:57:37 GMT

GET
H2 200 stonly-widget.js Show response
stonly.com/js/widget/v2/ 40 KB
13 KB 385ms
30ms Script
application/javascript 18.173.154.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/stonly-widget.js?v=818d0ce4

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-112.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

d5bf4a2b5d7469bd3b0c60da16d4d6ec59395c74b21b2951766acf1a489f6896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 09:44:16 GMT
content-encoding: gzip
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P3
age: 191375
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Feb 2024 09:34:31 GMT
server: nginx
etag: W/"65d320a7-9fc8"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=1209600
x-amz-cf-id: xfmxG2Lb_jJD0kGa7cdM_h1TXJ-hsWltNZ5aBsFSI5fjNUPfaShJpA==
expires: Mon, 04 Mar 2024 09:44:16 GMT

GET
H2 200 en-us-json-a0370fe.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 111E 17 KB
4 KB 31ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a0370fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
x-amz-version-id: u2PDhummP8_ehE3OIftmg51YNEzdU7oe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 8PWT7HGRFHACWEDQ
age: 192596
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: sWKd8rEq5L/35xbU50nlJNr7GoQniwlDIsAcLAwWG/VllWdxJtRiiSYXrsdH9ZaCR1+i60eJJs8=
last-modified: Thu, 15 Feb 2024 16:57:40 GMT
server: cloudflare
etag: W/"afa8158c4aa1aa2dccba0d36fd3c0e2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5FeIAYHe%2FF1bt7fV7KGfK8CyDUi3X59SiL09fqw%2BklkvP%2Fwg3M3jK2NwkgpX6tGuwKM1Dv0s6yR5ATlSxinoEtKGMgd%2BSp%2Boyrqc%2FsNj9sp46XYM%2By0fIUYCLpFG9z%2FSKoNgyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 858fd23b6a10b8fa-AMS
access-control-allow-headers: *
expires: Fri, 14 Feb 2025 16:57:39 GMT

GET
H2 200 web-widget-4852-a0370fe.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 111E 139 KB
47 KB 34ms
33ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-a0370fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
x-amz-version-id: F7uXOz2A_5aQqfTP_rhX1FqPLAydr3fO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 8PWGCYM9XFAW9EDM
age: 192599
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: h79KNqf53xy+7kfGrXJaVl/3V2wLvtIVSuQ0MP0XnV0T49eFv7Hilx5MHcMqDkU6WtG1G6nyD9Q=
last-modified: Thu, 15 Feb 2024 16:57:38 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1HXA55r41dL0Kp9gUw1gpev7UWluZwu32WLk7lv%2BtfyPGFno89TKjKwHD3PzCj4yJXJAEkTw2bclrFSSTKFHgfECjnDekRdDmxTK4hx%2B3zInGvhtTqzkDqEcfEvhiUYlPK6WbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 858fd23b6a11b8fa-AMS
access-control-allow-headers: *
expires: Fri, 14 Feb 2025 16:57:37 GMT

GET
H2 200 web-widget-1327-a0370fe.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 111E 18 KB
6 KB 36ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a0370fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
x-amz-version-id: rHIrdQ08Y6NwProz9wmIqzko_Nsv8IHu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 8PWMRHHV3A4Q6F05
age: 192599
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: AkFTj+A8gvVvURp8ZfY8ujtYOV9cuZIHOXvo9hOF3oCW6enQTR3nWIKHHbKbPOEkrrmz7SJy+DU=
last-modified: Thu, 15 Feb 2024 16:57:38 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vp3eZ%2FUHx2FccXwwzpVYO3nnegnBLnhjU4Ikx79P20YyYQyF%2B6fb%2FILfIo74Pv7QDwLzcikhoMOvFEqwddysAEf1A8YwA5y4%2FJPRZqcub6CbnHJllgNmRhr22kwisDp5EPN%2BqDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 858fd23b6a14b8fa-AMS
access-control-allow-headers: *
expires: Fri, 14 Feb 2025 16:57:37 GMT

GET
H2 200 web-widget-5178-a0370fe.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 111E 24 KB
7 KB 37ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-a0370fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
x-amz-version-id: MVqLhUsMGNUapmIjFyQQbDvr_okOHKWu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 8PWJEF7X84Z4D0EH
age: 192599
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1qSLbXp5Bl5CQLdAt3B8Z/5UNMxhvj8i66Wp1Z5IMu/jK8BMs1YUzU3jkKULXcxWxEnHiZ+09ZvCzM14HA6asQ==
last-modified: Thu, 15 Feb 2024 16:57:38 GMT
server: cloudflare
etag: W/"4155d9334495aef51624739a922987ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD73uJEWeUU%2FnNCMD76LeGOycpMbyW9LqqyKvHj0ffyNnNDhXrWsQx76dRLOdFPDjEaPBHgfEmmQXGlt2KLQzTztQ5iWgHpyJ7zK4UtLyag%2BhRlRBk91QKObiUiqbRHgkEGFNkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 858fd23b6a16b8fa-AMS
access-control-allow-headers: *
expires: Fri, 14 Feb 2025 16:57:37 GMT

GET
H2 200 web-widget-9535-a0370fe.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 111E 15 KB
6 KB 31ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-a0370fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
x-amz-version-id: fFWzIFin_CmioGvF1MZFNVN5UYAoZZpx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 8PWK5B9QZEWEKJPD
age: 192599
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: PrR4ATVEUudA7ngSPiyqNuPgAYWtnDF2cOQ/eUzV0L7T7ijkkl1DOpKA36k4LZWWhbRmMpNW8rLC3vTVsblApg==
last-modified: Thu, 15 Feb 2024 16:57:38 GMT
server: cloudflare
etag: W/"dac47767d3defab30fc014d56fbe8017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJSyi0rgrjMkFLZfuXRu9dLc%2Fcbj7VEAvBMQH4HMFnAuXOYR4AGz1iDck7CQXPTagUqYmXRHw%2Fbq2DaveIaqwXTyaz4Nkw1tAnOQqzctjIekQ316pSre538LanvsyKTv92B6HhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 858fd23b6a18b8fa-AMS
access-control-allow-headers: *
expires: Fri, 14 Feb 2025 16:57:37 GMT

OPTIONS
H2 204 pv
certifid.zendesk.com/frontendevents/ Frame 0
0 199ms
149ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://certifid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://portal.certifid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 858fd23bfca2b900-AMS
date: Wed, 21 Feb 2024 14:53:51 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wj7%2FvZ7NCwEuFAXULQNT5NPezZbVjub5qwGrjfPLZ2iFSZJ0aPt3%2BLnUjGd7MnEVRVIaB4Y46rEYOMjtu38qtwDtiog%2BgGMtoPxj2AdXFtS8U%2Fb54DzYV%2BB0lUHXC2yR5E8nQVY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 858fd23bfca2b900-AMS
x-zendesk-zorg: yes

POST
H2 200 pv
certifid.zendesk.com/frontendevents/ Frame 111E 0
0 132ms
132ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://certifid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FmWn9I1sPE1pBjZhoTV2uzyNRT0TUjLextcalb7F1hT1wvEa4JMg5XHkeIUw5rmvu8BJVqBJJvmJtGdTQWo6cDfz0FFFWWnwVBuUWqV2sD%2Fj63mrcNLaxRT2cPIFyorLJiPR6Ge"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 858fd23cee1eb900-AMS
content-length: 0
x-request-id: 858fd23cee1eb900-AMS

GET
H2 200 config Show response
certifid.zendesk.com/embeddable/ Frame 111E 807 B
991 B 426ms
376ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://certifid.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb81da1594351a5778f51d18076d788972fc92741a095fc58ecd8e4644403d7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-849f5cbd96-sjdbf
x-cached: MISS
x-request-id: 858fd23bfca4b900-AMS
x-runtime: 0.002500
last-modified: Mon, 12 Feb 2024 22:16:57 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY6dqcDKgFVuszsFjarnoCGOcvndsXQY6JZtNaa6Mue91%2FGHKAFjuDU7DuoUKBskguKs%2FGgusffMHNV16Mj2AJrSK%2FQNq8dEhGPZGjL7otZrUS26MTOzKaPBXXRwC9St1mKXwD7U"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 858fd23bfca4b900-AMS

OPTIONS
H/1.1 204
No Content GetRequestByActivitySessionId
bff.portal.certifid.com/bff/ClientFlows/ Frame 0
0 94ms
94ms Preflight 20.119.0.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bff.portal.certifid.com/bff/ClientFlows/GetRequestByActivitySessionId
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.0.42 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,expires,pragma
Access-Control-Request-Method: GET
Origin: https://portal.certifid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: cache-control,expires,pragma
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
Access-Control-Allow-Origin: https://portal.certifid.com
Date: Wed, 21 Feb 2024 14:53:51 GMT
Request-Context: appId=cid-v1:833d63c8-263d-47fc-9c09-e2e8deff99f0
Server: Kestrel
Vary: Origin

GET
H/1.1 200
OK GetRequestByActivitySessionId Show response
bff.portal.certifid.com/bff/ClientFlows/ 2 KB
2 KB 293ms
293ms XHR
application/json 20.119.0.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bff.portal.certifid.com/bff/ClientFlows/GetRequestByActivitySessionId

Requested by

Host: portal.certifid.com
URL: https://portal.certifid.com/js/chunk-vendors.3cc77c1e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.0.42 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bd0a1a1675d65a1cc26b0c1c9d0711d8813e6b32a78b4ba706db469c772fe2c3

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=2592000

Request headers

Pragma: no-cache
Cache-Control: no-cache
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Expires: 0

Response headers

Date: Wed, 21 Feb 2024 14:53:51 GMT
Strict-Transport-Security: strict-transport-security: max-age=2592000
Server: Kestrel
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portal.certifid.com
Access-Control-Allow-Credentials: true
Content-Length: 1766
Request-Context: appId=cid-v1:833d63c8-263d-47fc-9c09-e2e8deff99f0

GET
H2 200 vendors~widget-d0150c2402647e2b9d67.stonly.js Show response
stonly.com/js/widget/v2/ 184 KB
65 KB 33ms
33ms Script
application/javascript 18.173.154.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/vendors~widget-d0150c2402647e2b9d67.stonly.js

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=818d0ce4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-112.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

368ae960e3ca411720ac6f31ca448bb612747b4c271fecf6f55f7ddc06978640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 06:41:50 GMT
content-encoding: gzip
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P3
age: 1152721
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Feb 2024 10:27:27 GMT
server: nginx
etag: W/"65bcc38f-2e1ea"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=1209600
x-amz-cf-id: JUSKj7H708qBdTyJQQsuQRV-Zi2ZEspU9VseSPga-VBCBQS94_BraQ==
expires: Thu, 22 Feb 2024 06:41:50 GMT

GET
H2 200 widget-8634594fae2faf9a68f5.stonly.js Show response
stonly.com/js/widget/v2/ 171 KB
43 KB 64ms
64ms Script
application/javascript 18.173.154.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=818d0ce4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-112.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

b2d5643e51831b7a8a7e20a3269d46c9d092fc8a9fd029f6bc7b08d49670775c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 16:13:47 GMT
content-encoding: br
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P3
age: 686404
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Feb 2024 09:59:18 GMT
server: nginx
etag: W/"65cb3d76-2acf8"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=1209600
x-amz-cf-id: a-58orXpcE3kZmtcaVcjuT52i6GlP2KcjSsPk9DFPSvfqdX_wcaUBw==
expires: Tue, 27 Feb 2024 16:13:47 GMT

GET
H2 200 stonly-stat-id.html Show response
s.stonly.com/ Frame A34E 3 KB
1 KB 103ms
28ms Document
text/html 99.84.88.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.stonly.com/stonly-stat-id.html?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&v=1.5
Requested by: Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-10.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 31061
content-encoding: gzip
content-type: text/html
date: Wed, 21 Feb 2024 08:55:26 GMT
etag: W/"b714291e1f3178ac2a5d4e3c7974d64b"
last-modified: Thu, 15 Feb 2024 13:11:58 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-amz-cf-id: -2YpJoPNrK0akU2E3Ac6-k7oFGKFCNDi1kUNK-q6xtI2i69uMQyeGQ==
x-amz-cf-pop: MUC50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 logo-white.6f372dc7.svg
portal.certifid.com/img/ 3 KB
7 KB 19ms
19ms Image
image/svg+xml 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.certifid.com/img/logo-white.6f372dc7.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce214e56678a2a3823962ba4276d0efa70779b34c86a2075a03ec2646b7049f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
etag: "27005492"
x-dns-prefetch-control: off
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
content-length: 2707
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cbb0aef3-7019-4609-95a0-e5c8c6b6c93a
bff.portal.certifid.com/bff/logo/get/cbb0aef3-7019-4609-95a0-e5c8c6b6c93a/ 13 KB
13 KB 347ms
347ms Image
image/png 20.119.0.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bff.portal.certifid.com/bff/logo/get/cbb0aef3-7019-4609-95a0-e5c8c6b6c93a/cbb0aef3-7019-4609-95a0-e5c8c6b6c93a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.0.42 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

858d8ce6a878588f7e59334f4e272fa2aee392837e06cd4c05590787d00cbb9f

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png
Date: Wed, 21 Feb 2024 14:53:51 GMT
Strict-Transport-Security: strict-transport-security: max-age=2592000
Server: Kestrel
Content-Length: 13512
Request-Context: appId=cid-v1:833d63c8-263d-47fc-9c09-e2e8deff99f0

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 21ms
20ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oxygen:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.certifid.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:53:19 GMT
x-content-type-options: nosniff
age: 54032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16172
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 23:53:19 GMT

GET
H2 200 icomoon.a42cec28.ttf
portal.certifid.com/fonts/ 30 KB
34 KB 18ms
18ms Font
font/ttf 20.4.244.223
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.certifid.com/fonts/icomoon.a42cec28.ttf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.4.244.223 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb43a82deada155a9f84bc96576652c95c5085036e6e7ea19758d6b1d62b5c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f
Origin: https://portal.certifid.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 13:53:14 GMT
etag: "27005492"
x-dns-prefetch-control: off
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://googletagmanager.com https://*.intercom.io https://*.intercomcdn.com https://*.licdn.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.google-analytics.com https://*.churnzero.net https://*.usemessages.com https://*.hs-banner.com https://*.hs-analytics.net https://*.segment.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.stripe.com static.zdassets.com stonly.com; script-src-elem 'self' 'unsafe-inline' https://*.licdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hs-analytics.net https://*.google-analytics.com https://*.churnzero.net https://*.segment.com https://*.usemessages.com https://*.hsadspixel.net https://*.hscollectedforms.net https://*.hsleadflows.net https://*.certifid.com https://*.hotjar.com https://*.googletagmanager.com https://*.stripe.com static.zdassets.com stonly.com api.smooch.io; style-src 'self' 'unsafe-inline' 'report-sample' https://*.fontawesome.com/ https://fonts.googleapis.com https://certifid.us1app.churnzero.net; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com https://certifid.us1app.churnzero.net https://*.typekit.net https://*.fontawesome.com https://*.certifid.com; img-src 'self' data: 'report-sample' blob: *.windows.net https://www.gravatar.com https://*.gravatar.com *.certifid.com https://*.online-metrix.net/ *.hotjar.com *.googletagmanager.com *.intercomcdn.com *.intercomassets.com *.intercomusercontent.com *.intercom.io https://*.intercom-attachments-1.com/ https://*.intercom-attachments-2.com/ https://*.intercom-attachments-3.com/ https://*.intercom-attachments-5.com/ https://*.intercom-attachments-6.com/ https://*.intercom-attachments-7.com/ https://*.intercom-attachments-9.com/ https://*.google-analytics.com https://*.hubspot.com https://*.linkedin.com https://px.ads.linkedin.com https://*.hsforms.com https://certifidpublicstorage.blob.core.windows.net https://*.wp.com https://*.hubspotusercontent30.net px.ads.linkedin.com www.google-analytics.com certifid.zendesk.com static.zdassets.com; font-src 'self' data: https://*.gstatic.com/ https://*.fontawesome.com/ *.hotjar.com *.intercomcdn.com https://*.churnzero.net https://*.typekit.net; connect-src 'self' wss://*.hotjar.com/ wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.certifid.com/ *.hotjar.com https://*.hotjar.com/ *.hotjar.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com https://*.google-analytics.com https://*.segment.io https://*.visualstudio.com https://*.hubspot.com https://*.hubapi.com https://*.churnzero.net https://forms.hsforms.com api-js.mixpanel.com api.stonly.com certifid-v2-dev-bff.azurewebsites.net certifid.zendesk.com ekr.zdassets.com stonly.com zendesk-eu.my.sentry.io api.smooch.io wss://api.smooch.io; media-src 'self' *.intercomcdn.com; object-src 'self'; prefetch-src 'self'; child-src 'self' intercom-sheets.com *.intercom-reporting.com *.youtube.com *.vimeo.com *.wistia.net; frame-src 'self' https://*.certifid.com/ https://*.online-metrix.net https://*.hotjar.com https://*.hubspot.com https://*.stripe.com https://certifid.us1app.churnzero.net s.stonly.com stonly.com; worker-src 'self'; frame-ancestors 'self'; form-action 'self' intercom.help *.intercom.io; block-all-mixed-content; base-uri 'self'; manifest-src 'self'; report-uri https://d01b4b78d100390cc6427a83a6b67d22.report-uri.com/r/t/csp/wizard
content-type: font/ttf
x-frame-options: SAMEORIGIN
cache-control: public, must-revalidate, max-age=30
feature-policy: microphone 'none'; camera 'none'; payment 'none';
content-length: 30372
x-xss-protection: 1; mode=block

POST
H2 200 identify Show response
api.stonly.com/api/v1/targeting/ 38 B
453 B 96ms
38ms XHR
application/json 51.44.40.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/targeting/identify

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.44.40.105 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1708527231852
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 14:53:52 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"26-NFKChCaGCPgLuaMJn62pKH75t6U"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.certifid.com
cache-control: no-cache
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 204 identify
api.stonly.com/api/v1/targeting/ Frame 0
0 93ms
30ms Preflight 51.44.40.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/targeting/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.44.40.105 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,timestamp
Access-Control-Request-Method: POST
Origin: https://portal.certifid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://portal.certifid.com
cache-control: no-cache
date: Wed, 21 Feb 2024 14:53:51 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 integration
api.stonly.com/api/v2/widget/ Frame 0
0 29ms
28ms Preflight 51.44.40.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v2/widget/integration?widgetId=d563b457-d065-11ec-9fb8-0ae9fa2a18a2&stonlyAnonymousId=d0e3bcbd-1d6f-4051-ae32-374a55e2a0de&url=https%3A%2F%2Fportal.certifid.com%2Fclient%2Fsend%2Fc97ad1b2f4104f20abf1b8280dbff83f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.44.40.105 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: timestamp
Access-Control-Request-Method: GET
Origin: https://portal.certifid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://portal.certifid.com
cache-control: no-cache
date: Wed, 21 Feb 2024 14:53:52 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 integration Show response
api.stonly.com/api/v2/widget/ 582 B
818 B 35ms
34ms XHR
application/json 51.44.40.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.44.40.105 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

3533ef4124a6948d1a91ab730a5f482a1f6859cefaa11384b9dd72ce0e518397

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1708527232056
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:53:52 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"246-xQXTUkoNONbK+ufNDv8VFS85a2Y"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.certifid.com
cache-control: no-cache
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 stat Show response
api.stonly.com/api/v1/ 28 B
391 B 30ms
29ms XHR
application/json 51.44.40.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/stat

Requested by

Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.44.40.105 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

eb365de41c99f002d621030f1ed923378b7e02880f0e6446258d33306f594570

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

timestamp: 1708527232125
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 14:53:52 GMT
strict-transport-security: max-age=2592000;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: nginx
etag: W/"1c-ByTQlyo2Qy1Btr155OVZJfDYTX0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 204 stat
api.stonly.com/api/v1/ Frame 0
0 29ms
29ms Preflight 51.44.40.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stonly.com/api/v1/stat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.44.40.105 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-51-44-40-105.eu-west-3.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,timestamp
Access-Control-Request-Method: POST
Origin: https://portal.certifid.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,timestamp
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://portal.certifid.com
cache-control: no-cache
date: Wed, 21 Feb 2024 14:53:52 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=2592000;
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST /
api-js.mixpanel.com/track/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-js.mixpanel.com
URL: https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1708527235339

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MJGHKHT01&gtm=45je42h0v873605727za200&_p=1708527230342&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1618943072.1708527231&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708527230&sct=1&seg=0&dl=https%3A%2F%2Fportal.certifid.com%2Fclient%2Fsend%2Fc97ad1b2f4104f20abf1b8280dbff83f&dt=CertifID&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5818

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.certifid.com/	1970-01-21 03:21:03	Name: mp_b90f8f11a431180f7a4c9009fb68d24d_mixpanel Value: %7B%22distinct_id%22%3A%20%2218dcc289d848ed-0c428037b4f3c4-6e3e5652-1d4c00-18dcc289d859c2%22%2C%22%24device_id%22%3A%20%2218dcc289d848ed-0c428037b4f3c4-6e3e5652-1d4c00-18dcc289d859c2%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.certifid.com/	1970-01-21 03:21:03	Name: _hjSessionUser_2333061 Value: eyJpZCI6IjVhNDA2NDVmLWZkNjQtNTkxNC04MzQ2LWM2N2M0NzhlNTRiOCIsImNyZWF0ZWQiOjE3MDg1MjcyMzA2MTcsImV4aXN0aW5nIjp0cnVlfQ==
.certifid.com/	1970-01-20 18:35:29	Name: _hjSession_2333061 Value: eyJpZCI6ImQzMzk2MGQ5LWVkMDEtNGYwMi04NmQ4LWUzMTMyNzMwYWY5YiIsImMiOjE3MDg1MjcyMzA2MTgsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.certifid.com/	1970-01-21 04:11:27	Name: _ga Value: GA1.1.1618943072.1708527231
.certifid.com/	1970-01-21 04:11:27	Name: _ga_8MJGHKHT01 Value: GS1.1.1708527230.1.0.1708527230.0.0.0
bff.portal.certifid.com/	1969-12-31 23:59:59	Name: activity-session-id Value: 3782693a-af34-4193-b1e9-d8b470e671b1
portal.certifid.com/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
portal.certifid.com/	1970-01-20 18:35:27	Name: _hjUserAttributesHash Value: e676be4456ec655a2442b98c6639ef0a
.api.stonly.com/	1969-12-31 23:59:59	Name: _csrf Value: 4BlXpUdQwCJ9xbDpwy_E0YMr

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=292ba308-e595-46be-9306-36a4575b2007 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-a0370fe.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-a0370fe.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://stonly.com/js/widget/v2/widget-8634594fae2faf9a68f5.stonly.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://portal.certifid.com/client/send/c97ad1b2f4104f20abf1b8280dbff83f Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
api.stonly.com
bff.portal.certifid.com
certifid.zendesk.com
content.hotjar.io
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
portal.certifid.com
region1.google-analytics.com
s.stonly.com
script.hotjar.com
static.hotjar.com
static.zdassets.com
stonly.com
use.fontawesome.com
www.googletagmanager.com
api-js.mixpanel.com
region1.google-analytics.com
104.16.51.111
104.18.70.113
104.18.72.113
142.250.184.227
142.250.185.72
172.64.206.38
18.165.183.87
18.173.154.112
18.66.97.53
20.119.0.42
20.4.244.223
216.239.32.36
216.58.206.42
51.44.40.105
63.35.22.222
99.84.88.10
099c7a5455547f3bd988421fbfa52841d159d14df28f4fb762f82e20f4193abf
0adc2fad9a2201b20e61d22f4e462a54bde5b52db1219c20b926d75c95eb7c06
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343
12dc0bd0a70c60794b1bc0cc599ce9826c356e41b98a0294f8356495583221c0
2fcfb4a0c91b968a5909a888b0f83fe2531ef0e8b08dab9743cd083717fe429e
31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295
333092c28da0b633324a085065e53f1f9f0f3cd5f2c597b5dc9a02663ed362b0
3533ef4124a6948d1a91ab730a5f482a1f6859cefaa11384b9dd72ce0e518397
368ae960e3ca411720ac6f31ca448bb612747b4c271fecf6f55f7ddc06978640
3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
3fbe016850a769e87d86f8e9e67bc2cecafed381d8206cd55b471992d3b886bd
50555a3979c6bcf61633c66ec535b045b9dfc62b5a8f8671e865f47bde4a92c8
51ad9646915c92d61644346cead81ac3993fad26de6c4b80efe69a568cecece9
52156d233fe19698a9aec69a4af2ffba9b51289f2e213db1f09ebda59ff59c9a
527c51add63f59df930ee34f24878cdb3620dd35aa8f36f16cac1befef1345b6
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
587fac780a1eddc6ff0b72f52102659be87ce3dcae34fecc3e3e5b3b7e6fc098
5e4bf12f5252ef6882a217f877ecd9e2abd8624f4eb811f6449e415c9c81c343
6053a11a8b0d87929f83c632fd1c4b10c813813abaa4185e03b4faddf0447fc9
6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2
6fecb59e41404bc6c700401de4367e707dac61c18cb4186a8426be6f74e3e9e9
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
858d8ce6a878588f7e59334f4e272fa2aee392837e06cd4c05590787d00cbb9f
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8aef2891c0431e76f1b18cde425e1ac181b923c29f329558747647b24970d02c
91aa70258ed1b04bcc25a429f822c87a8e5ab3851dbda3084fa3f518d93e844b
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a3645567f3492230e755a0b86645e8759fe6cc1aae032107dd56f0fb69280d8a
a9a7979bfdb428aeee14c8f23b2671d0bc0924aef257bf0d1e332da168bf5b5b
b2d5643e51831b7a8a7e20a3269d46c9d092fc8a9fd029f6bc7b08d49670775c
bb43a82deada155a9f84bc96576652c95c5085036e6e7ea19758d6b1d62b5c68
bd0a1a1675d65a1cc26b0c1c9d0711d8813e6b32a78b4ba706db469c772fe2c3
bfd29fb2c7e3b63b0ed140f2aa11537909d41c317d1faed5bb957b35f8c64779
c8fded03d7a72362273212ef50e8b5d984114f147f273b98e041b9e50fa0c4c7
cb81da1594351a5778f51d18076d788972fc92741a095fc58ecd8e4644403d7f
cddbe547dfb2064dbc10a565779cd5292393a41853b7656d399eaaee2e4b0f89
ce214e56678a2a3823962ba4276d0efa70779b34c86a2075a03ec2646b7049f5
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe
d5bf4a2b5d7469bd3b0c60da16d4d6ec59395c74b21b2951766acf1a489f6896
db67a123847891bdd6fd4403e632d58c418de095b05589db858e756edfd8d8f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d49e588de8efb44d0f1f3fbac89f775db2b819b264f0baef2a8d0d2b760a68
eb365de41c99f002d621030f1ed923378b7e02880f0e6446258d33306f594570
ed27d12e227dce6916933f59a6f571748673bda47ad5162826d66a5e55ce7ddc
f282de84c4fff147e32905988c7df5724c9dd486923c9ac883175a514de0ac1e
f9aab26c1639abef6e474723476d570aa034b68e25a09906214d14f4352be8b3

portal.certifid.com Open in urlscan Pro 20.4.244.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

0 %IPv6

12 Domains

17 Subdomains

17 IPs

5 Countries

1283 kBTransfer

4001 kBSize

9 Cookies

2 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.certifid.com Open in urlscan Pro
20.4.244.223 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

17
IPs

5
Countries

1283 kB
Transfer

4001 kB
Size

9
Cookies

60 HTTP transactions
0 data transactions