app.craassessments.com Open in urlscan Pro
34.194.193.23  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 1600976928639 Show response app.craassessments.com/_verify/KXCIqZHLEtZmBdD-ODCXQMrpI1oYnpe1JdMN2ntcH%20Kq/rlarbDhKs/	2 KB 5 KB	385ms 134ms	Document text/html	34.194.193.23 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.craassessments.com/_verify/KXCIqZHLEtZmBdD-ODCXQMrpI1oYnpe1JdMN2ntcH%20Kq/rlarbDhKs/1600976928639 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.194.193.23 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-193-23.compute-1.amazonaws.com Software nginx / Resource Hash a14e02f3b9e38d7b611e8849b6977305920118e4dc46a50ec8d511704fdb53e1 Security Headers Name Value Content-Security-Policy default-src 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; script-src 'self' 'unsafe-eval' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; connect-src * 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; img-src data: 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; style-src 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host app.craassessments.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Thu, 24 Sep 2020 22:07:45 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Content-Type-Options nosniff Cache-Control no-cache; no-store; must-revalidate Pragma no-cache X-Frame-Options SAMEORIGIN Content-Security-Policy default-src 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; script-src 'self' 'unsafe-eval' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; connect-src * 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; img-src data: 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; style-src 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none' Vary Accept-Encoding Content-Encoding gzip Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Feature-Policy vibrate 'self'; sync-xhr 'self';
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 676 B	60ms 59ms	Script text/javascript	2a00:1450:4001:819::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LdQG_wUAAAAAMup-zrZwo0u8R1HCyayc4_SeFy7 Requested by Host: app.craassessments.com URL: https://app.craassessments.com/_verify/KXCIqZHLEtZmBdD-ODCXQMrpI1oYnpe1JdMN2ntcH%20Kq/rlarbDhKs/1600976928639 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 96485bd6efb891a2e76dda26f639d4b93c2658fa96255812934a58fd327cfcfe Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://app.craassessments.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 22:07:41 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 584 x-xss-protection 1; mode=block expires Thu, 24 Sep 2020 22:07:41 GMT
GET H2	200	eac8ffdbeb37a2303f5f046f642d4f33ca660ce5.css djmswox0p0kud.cloudfront.net/	280 KB 51 KB	415ms 383ms	Stylesheet text/css	2600:9000:2057:a000:1d:ca0c:a140:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://djmswox0p0kud.cloudfront.net/eac8ffdbeb37a2303f5f046f642d4f33ca660ce5.css?meteor_css_resource=true Requested by Host: app.craassessments.com URL: https://app.craassessments.com/_verify/KXCIqZHLEtZmBdD-ODCXQMrpI1oYnpe1JdMN2ntcH%20Kq/rlarbDhKs/1600976928639 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:a000:1d:ca0c:a140:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.17.6 / Resource Hash 0c87fc26186d02dbb5569b48640c983051a4736e458751539191b14cda0f62d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://app.craassessments.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 22:07:41 GMT content-encoding gzip x-content-type-options nosniff x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront status 200 strict-transport-security max-age=31536000 pragma no-cache server nginx/1.17.6 etag "eac8ffdbeb37a2303f5f046f642d4f33ca660ce5" vary Accept-Encoding content-type text/css; charset=UTF-8 via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront) cache-control no-cache; no-store; must-revalidate accept-ranges bytes x-amz-cf-id J3bP8a7kqt9g9UlVEiFie0V30hKaMMEhEQ1vXusb-CdXjzd6AUGIrA==
GET H/1.1	200 OK	meteor_runtime_config.js Show response app.craassessments.com/	1 KB 3 KB	135ms 134ms	Script application/javascript	34.194.193.23 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.craassessments.com/meteor_runtime_config.js?hash=fa0c6073f0250ff24c5d5ed4221df948c4165929 Requested by Host: app.craassessments.com URL: https://app.craassessments.com/_verify/KXCIqZHLEtZmBdD-ODCXQMrpI1oYnpe1JdMN2ntcH%20Kq/rlarbDhKs/1600976928639 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.194.193.23 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-193-23.compute-1.amazonaws.com Software nginx / Resource Hash 376b054bcb41aca26e6508dc6c1a25d82a179627cc9a0b1955f23f6ccc60b7d8 Security Headers Name Value Content-Security-Policy default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://app.craassessments.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 24 Sep 2020 22:07:45 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Transfer-Encoding chunked Connection keep-alive Content-Type application/javascript; charset=UTF-8 Cache-Control no-cache; no-store; must-revalidate Feature-Policy vibrate 'self'; sync-xhr 'self'; Content-Security-Policy default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none' Strict-Transport-Security max-age=31536000 Vary Accept-Encoding X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade
GET H2	200	79cbf9031bbdf5b41a3489855130cf79e8d1ada6.js Show response djmswox0p0kud.cloudfront.net/	5 MB 957 KB	421ms 389ms	Script application/javascript	2600:9000:2057:a000:1d:ca0c:a140:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://djmswox0p0kud.cloudfront.net/79cbf9031bbdf5b41a3489855130cf79e8d1ada6.js?meteor_js_resource=true Requested by Host: app.craassessments.com URL: https://app.craassessments.com/_verify/KXCIqZHLEtZmBdD-ODCXQMrpI1oYnpe1JdMN2ntcH%20Kq/rlarbDhKs/1600976928639 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:a000:1d:ca0c:a140:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.17.6 / Resource Hash e81c9dd3969039f281be473a238509e39573c1d804faca05cebdd201451737fc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://app.craassessments.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 22:07:41 GMT content-encoding gzip x-content-type-options nosniff x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront status 200 strict-transport-security max-age=31536000 pragma no-cache server nginx/1.17.6 etag "79cbf9031bbdf5b41a3489855130cf79e8d1ada6" vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront) cache-control no-cache; no-store; must-revalidate accept-ranges bytes x-amz-cf-id 97cO5MngY4FMEWZn8ECLcje2G3iBUpvW0cuoUcDzn81ZFGG8rKodrg==
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/	340 KB 133 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LdQG_wUAAAAAMup-zrZwo0u8R1HCyayc4_SeFy7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://app.craassessments.com Referer https://app.craassessments.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 21:33:15 GMT content-encoding gzip x-content-type-options nosniff age 2066 status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 136265 x-xss-protection 0 last-modified Tue, 22 Sep 2020 00:07:57 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 24 Sep 2021 21:33:15 GMT
GET H3-Q050	200	anchor www.google.com/recaptcha/api2/ Frame E8D0	0 0	51ms 38ms	Document text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQG_wUAAAAAMup-zrZwo0u8R1HCyayc4_SeFy7&co=aHR0cHM6Ly9hcHAuY3JhYXNzZXNzbWVudHMuY29tOjQ0Mw..&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&cb=gwt9hf35p62k Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5SfV1iB9ZB6g1ab6c3GMeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LdQG_wUAAAAAMup-zrZwo0u8R1HCyayc4_SeFy7&co=aHR0cHM6Ly9hcHAuY3JhYXNzZXNzbWVudHMuY29tOjQ0Mw..&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&cb=gwt9hf35p62k pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://app.craassessments.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://app.craassessments.com/ Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 24 Sep 2020 22:07:42 GMT content-security-policy script-src 'report-sample' 'nonce-5SfV1iB9ZB6g1ab6c3GMeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10050 server GSE alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	info Show response app.craassessments.com/sockjs/	78 B 3 KB	132ms 132ms	XHR application/json	34.194.193.23 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.craassessments.com/sockjs/info?cb=fkrd9mzu2n Requested by Host: djmswox0p0kud.cloudfront.net URL: https://djmswox0p0kud.cloudfront.net/79cbf9031bbdf5b41a3489855130cf79e8d1ada6.js?meteor_js_resource=true Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.194.193.23 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-193-23.compute-1.amazonaws.com Software nginx / Resource Hash 6f5f08a3feed6462777426331995e25537d3249fdcd8bc22bd26959c86e016e2 Security Headers Name Value Content-Security-Policy default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none' Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://app.craassessments.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 22:07:46 GMT Referrer-Policy no-referrer-when-downgrade Server nginx Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, no-transform, must-revalidate, max-age=0 Feature-Policy vibrate 'self'; sync-xhr 'self'; Content-Security-Policy default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none' Connection keep-alive Vary Origin X-XSS-Protection 1; mode=block

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| __meteor_runtime_config__ function| require object| Package function| Buffer object| process function| $ function| jQuery object| bootbox object| toastr function| onloadcaptcha function| SearchIndex function| Bloodhound object| Mongo object| Session object| Tracker object| Deps object| sAlert object| slidePanel function| check object| Match object| reCAPTCHA object| Injected object| Inject object| GlobalNotification object| GlobalNotifications object| FlowRouter object| BlazeLayout function| moment object| Tabular function| SubsManager function| ReactiveVar object| CollectionHooks object| CDN function| ReactiveAggregate function| _ object| Meteor object| global object| meteorEnv object| WebApp object| DDP object| Blaze object| UI object| Handlebars object| Spacebars function| Template function| meteorInstall object| Accounts object| Reload object| Autoupdate object| HTML object| ___t function| renderTmp object| AssesseeLogTemp object| AssesseeLog object| AssesseeResources object| Assessments object| Behaviors object| ClientGroups object| Clients object| ComplianceNotes object| ConnectionLog object| CountryCodes object| DocumentFiles object| DocumentFolders object| Documents object| EmailTemplates object| HowTo object| InstantMessages object| SiteLogs object| MedicalDictionary object| MonitoringNotes object| PrivacyPolicyContent object| PrivacyPolicy object| Protocols object| Roles object| Scorings object| ScreenLog object| SimulationDocument object| SimulationInstructions object| SimulationSettings object| SimulationStatus object| SimulationUsersStatusRT object| SimulationUsersStatus object| Simulations object| SystemSettings object| TempTimerLog object| TimerLog object| UserConnections object| UserLogs object| UsersDemographic object| SimUsersSummary object| UsersSummary string| craaLogoString string| viewportInitText object| closure_lm_626129

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; script-src 'self' 'unsafe-eval' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; connect-src * 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; img-src data: 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; style-src 'self' https://djmswox0p0kud.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co https://cognito-identity.us-east-1.amazonaws.com; default-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net; connect-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d34nhgzod2ai1o.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://cognito-identity.us-east-1.amazonaws.com/ https://craa-scr-upload.s3.amazonaws.com/ wss://app.craassessments.com; frame-ancestors 'self'; script-src 'self' blob: https://d198zdhq37hr0a.cloudfront.net https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://www.google-analytics.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://videos.sproutvideo.com https://c.sproutvideo.com https://www.screencast.com https://www.google.com https://www.gstatic.com https://ipapi.co; img-src 'self' data: blob: https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://ssl.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net; style-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com; font-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://maxcdn.bootstrapcdn.com https://djmswox0p0kud.cloudfront.net https://d3ept8v2gf1tm8.cloudfront.net https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://k0tq07ygh8b6wq058ai3.craassessments.com https://fPrjldly4bcaUjVz.craassessments.com https://d3ept8v2gf1tm8.cloudfront.net https://www.google.com https://videos.sproutvideo.com; object-src 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.craassessments.com
djmswox0p0kud.cloudfront.net
www.google.com
www.gstatic.com
2600:9000:2057:a000:1d:ca0c:a140:21
2a00:1450:4001:801::2003
2a00:1450:4001:819::2004
2a00:1450:4001:824::2004
34.194.193.23
0c87fc26186d02dbb5569b48640c983051a4736e458751539191b14cda0f62d4
2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82
376b054bcb41aca26e6508dc6c1a25d82a179627cc9a0b1955f23f6ccc60b7d8
6f5f08a3feed6462777426331995e25537d3249fdcd8bc22bd26959c86e016e2
96485bd6efb891a2e76dda26f639d4b93c2658fa96255812934a58fd327cfcfe
a14e02f3b9e38d7b611e8849b6977305920118e4dc46a50ec8d511704fdb53e1
e81c9dd3969039f281be473a238509e39573c1d804faca05cebdd201451737fc