covid-cert.nextstep.careers Open in urlscan Pro
2606:4700::6813:ee75 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covid-cert.nextstep.careers/
Submission: On March 25 via automatic, source certstream-suspicious (March 25th 2020, 5:06:54 pm UTC)

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 23 domains to perform 53 HTTP transactions. The main IP is 2606:4700::6813:ee75, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid-cert.nextstep.careers.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 25th 2020. Valid for: 7 months.

This is the only time covid-cert.nextstep.careers was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6813:ee75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:217... 2600:9000:2176:9c00:2:6743:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
3 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
11	2600:9000:20f... 2600:9000:20f1:9a00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.87.83 13.225.87.83	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
3	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
1 3	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.222.158.231 52.222.158.231	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:182::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
1	2600:9000:217... 2600:9000:2176:be00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:213... 2600:9000:2134:a200:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:fa05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	25

2 2606:4700::6813:ee75 (United States)

ASN13335 (CLOUDFLARENET, US)

covid-cert.nextstep.careers	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2176:9c00:2:6743:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

fedora.teachablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::622 (Ascension Island)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:20f1:9a00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-83.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:925b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.158.231 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-231.fra53.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:182::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2176:be00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2134:a200:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fa05 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	website-files.com assets.website-files.com	1 MB
7	google-analytics.com 3 redirects www.google-analytics.com	45 KB
5	teachablecdn.com fedora.teachablecdn.com	94 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	116 KB
4	google.com 3 redirects www.google.com	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	branch.io cdn.branch.io api2.branch.io	24 KB
3	app-us1.com 1 redirects prism.app-us1.com diffuser-cdn.app-us1.com	5 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	71 KB
3	google.de www.google.de	327 B
3	doubleclick.net 3 redirects stats.g.doubleclick.net	481 B
2	facebook.com www.facebook.com	404 B
2	facebook.net connect.facebook.net	143 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	nextstep.careers covid-cert.nextstep.careers	13 KB
1	hubspot.com track.hubspot.com	233 B
1	hs-analytics.net js.hs-analytics.net	26 KB
1	app.link app.link	727 B
1	licdn.com snap.licdn.com	2 KB
1	hs-scripts.com js.hs-scripts.com	617 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	wistia.com fast.wistia.com	115 KB
53	23

	Domain	Requested by
11	assets.website-files.com	covid-cert.nextstep.careers assets.website-files.com
7	www.google-analytics.com	3 redirects covid-cert.nextstep.careers www.google-analytics.com
5	fedora.teachablecdn.com	covid-cert.nextstep.careers
4	www.google.com	3 redirects covid-cert.nextstep.careers
3	www.google.de	covid-cert.nextstep.careers
3	stats.g.doubleclick.net	3 redirects
3	fonts.gstatic.com	covid-cert.nextstep.careers
2	api2.branch.io	cdn.branch.io
2	www.facebook.com	covid-cert.nextstep.careers
2	px.ads.linkedin.com	1 redirects covid-cert.nextstep.careers
2	connect.facebook.net	covid-cert.nextstep.careers connect.facebook.net
2	prism.app-us1.com	1 redirects diffuser-cdn.app-us1.com
2	covid-cert.nextstep.careers	covid-cert.nextstep.careers
1	track.hubspot.com
1	vars.hotjar.com	static.hotjar.com
1	js.hs-analytics.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	app.link	cdn.branch.io
1	www.linkedin.com	1 redirects
1	snap.licdn.com	covid-cert.nextstep.careers
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.branch.io	covid-cert.nextstep.careers
1	diffuser-cdn.app-us1.com	covid-cert.nextstep.careers
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	covid-cert.nextstep.careers
1	fonts.googleapis.com	ajax.googleapis.com
1	www.gstatic.com	www.google.com
1	d3e54v103j8qbb.cloudfront.net	covid-cert.nextstep.careers
1	ajax.googleapis.com	covid-cert.nextstep.careers
1	fast.wistia.com	covid-cert.nextstep.careers
53	30

This site contains links to these domains. Also see Links.

Domain
nextstepcareers.teachable.com
www.shopify.com

Subject Issuer	Validity	Valid
covid-cert.nextstep.careers CloudFlare Inc ECC CA-2	`2020-03-25` - `2020-10-09`	7 months	crt.sh
*.teachablecdn.com Amazon	`2019-09-03` - `2020-10-03`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-17` - `2021-03-18`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.website-files.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
ssl861457.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-25` - `2020-09-02`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh

This page contains 2 frames:

Primary Page: https://covid-cert.nextstep.careers/
Frame ID: 296F5949ADD3A7CF7AB85B1503122024
Requests: 52 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 12EDCDBACD165DAACA95B5721EAD8030
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /prism\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

53
Requests

100 %
HTTPS

89 %
IPv6

23
Domains

30
Subdomains

25
IPs

6
Countries

2024 kB
Transfer

6516 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://nextstepcareers.teachable.com/purchase?product_id=1742445
Title: Individual Enroll

Search URL Search Domain Scan URL

URL: https://www.shopify.com/
Title: Purchase for Team

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=9146081&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBACEIZB~&jid=1116402728&gjid=327767459&cid=646797642.1585155998&tid=UA-44397410-1&_gid=1453653613.1585155998&_r=1&z=478695105 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_gid=1453653613.1585155998&gjid=327767459&_v=j81&z=478695105 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_v=j81&z=478695105 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_v=j81&z=478695105&slf_rd=1&random=2544690130

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=9146081&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEIZB~&jid=1123801383&gjid=1573816857&cid=646797642.1585155998&tid=UA-44397410-4&_gid=1453653613.1585155998&_r=1&z=1149761787 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_gid=1453653613.1585155998&gjid=1573816857&_v=j81&z=1149761787 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_v=j81&z=1149761787 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_v=j81&z=1149761787&slf_rd=1&random=2653081067

Request Chain 33

https://prism.app-us1.com/prism.js HTTP 301
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&time=1585155997767 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1579452%26url%3Dhttps%253A%252F%252Fcovid-cert.nextstep.careers%252F%26time%3D1585155997767%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&time=1585155997767&liSync=true

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=9146081&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEIbR~&jid=570753620&gjid=1288563487&cid=646797642.1585155998&tid=UA-138864403-3&_gid=1453653613.1585155998&_r=1&gtm=2wg3i0PFR8DRC&z=385338085 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_gid=1453653613.1585155998&gjid=1288563487&_v=j81&z=385338085 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_v=j81&z=385338085 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_v=j81&z=385338085&slf_rd=1&random=1204191807

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
covid-cert.nextstep.careers/ 71 KB
12 KB 868ms
804ms Document
text/html 2606:4700::6813:ee75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ee75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2dd789c2bdd98bd3626084c00956473bc24094197f4919ed1f0aab1fe56a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: covid-cert.nextstep.careers
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 25 Mar 2020 17:06:37 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d684fbdb7bbac83b0a09ce1e1dea8a3fb1585155996; expires=Fri, 24-Apr-20 17:06:36 GMT; path=/; domain=.covid-cert.nextstep.careers; HttpOnly; SameSite=Lax ahoy_visitor=e62f24cd-6e2f-449c-866b-bbfe1a9185f3; path=/; expires=Fri, 25 Mar 2022 17:06:36 -0000 ahoy_visit=aa1f0c47-19c4-485c-b8a0-d635fafd3486; path=/; expires=Wed, 25 Mar 2020 21:06:36 -0000 ahoy_track=true; path=/ _afid=e62f24cd-6e2f-449c-866b-bbfe1a9185f3; domain=.nextstep.careers; path=/; expires=Thu, 25 Mar 2021 17:06:36 -0000 aid=e62f24cd-6e2f-449c-866b-bbfe1a9185f3; domain=.nextstep.careers; path=/; expires=Thu, 25 Mar 2021 17:06:36 -0000 site_preview=logged_out; path=/ _session_id=de47bcf6fd0551aebadffe01c5d7d307; path=/; expires=Fri, 24 Apr 2020 17:06:37 -0000; HttpOnly __cf_bm=e51f2463eb2168fa532317e302b958989ec9ddda-1585155997-1800-AXdQM3tYUuIFjZ15hej0FGa/f431/SjxG5mTtrdgH2SNt8Ue0RD0TcezWpEx+Li4E6g8pKVkgU7GDyWH+VbODQY=; path=/; expires=Wed, 25-Mar-20 17:36:37 GMT; domain=.covid-cert.nextstep.careers; HttpOnly; Secure; SameSite=None __cfruid=0fe84de03a075580a79af1e6931e622bc43eb64c-1585155997; path=/; domain=.covid-cert.nextstep.careers; HttpOnly; Secure; SameSite=None
x-fedora-school-id: 534999
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=0
x-request-id: ef5230ae-449e-4151-a896-90686a4093cb
x-runtime: 0.126573
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 579a39310c269796-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 200
OK pages-9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9.css
fedora.teachablecdn.com/assets/ 55 KB
8 KB 95ms
15ms Stylesheet
text/css 2600:9000:2176:9c00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fedora.teachablecdn.com/assets/pages-9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9.css
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2176:9c00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 23 Mar 2020 18:47:05 GMT
Content-Encoding: gzip
Age: 166773
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 23 Mar 2020 18:36:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: ZWCwIqkiScnXvPv8sPdABGbLIjxFta4D
Via: 1.1 ac9a9db2e57fbe7ebe7ee8fc2d557857.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: MXP64-C3
Content-Type: text/css
X-Amz-Cf-Id: 5zgqxXsrX3_BtSHOEmsq-GzysdMgdwtlZtuGlTzDK8ahvZ82nKdvEA==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 636 KB
115 KB 25ms
7ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d1376429fe9319d7c39cf0ba28e3420b2af6cdbcda7d49738d814671e200c184

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: br
age: 541
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 117042
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea4468-SEA, cache-fra19130-FRA
x-browser-version: 74
last-modified: Wed, 25 Mar 2020 16:50:20 GMT
x-timer: S1585155997.171028,VS0,VE0
etag: "5e7b8bcc-1c932"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 70

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
543 B 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 25 Mar 2020 17:06:37 GMT

GET
H/1.1 200
OK pages-21e603c438d8dc6fcb49.js Show response
fedora.teachablecdn.com/packs/ 312 KB
83 KB 104ms
15ms Script
application/javascript 2600:9000:2176:9c00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fedora.teachablecdn.com/packs/pages-21e603c438d8dc6fcb49.js
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2176:9c00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b4256405296b6634cd8b4dfaad9b4c6dabe5213de3a87be6c68363a8d78512f

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 23:26:03 GMT
Content-Encoding: gzip
Age: 63635
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 24 Mar 2020 23:17:53 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: p1F5_lISJ_n7S.ytFub89AEuwKxmGI.t
Via: 1.1 976d678772d12ef1dc632cc293efa4f5.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: MXP64-C3
Content-Type: application/javascript
X-Amz-Cf-Id: MXY6DAeK-R-s9w5QDrxU8G2It_--IwuT4eJn8wFM4EA-63ZbaWiXlQ==

GET
H2 200 next-step-covid.b3d24b153.css
assets.website-files.com/5e7692543aa62f151f5f3214/css/ 156 KB
21 KB 463ms
419ms Stylesheet
text/css 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.b3d24b153.css
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb7dc829121726165dc8cb291a08778dfc339ec25d33ffd7aec36cebbc9c1967

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 01:20:10 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "e0d68cb865c8b96efe5b50f4f0de5741"
x-cache: Miss from cloudfront
x-amz-version-id: bmaj4H18KfE89NmB_ZuWnoDnqdjlPPSs
status: 200
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/css
content-length: 21133
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
x-amz-cf-id: qjNV17O-XCKY53wJUfk-mjmzPuSZmzaQ0WO7efmG7L17k3Vuyrp22A==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 05 Feb 2020 03:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4283134
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 03:21:03 GMT

GET
H2 200 5e7692543aa62fe7d25f3243_nextstep-logo-transparent.svg
assets.website-files.com/5e7692543aa62f151f5f3214/ 4 KB
2 KB 464ms
420ms Image
image/svg+xml 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fe7d25f3243_nextstep-logo-transparent.svg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fc25162972aac68fc6f0f744b1623c335c840b9ef18c1885394e042cf43baf3

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
content-encoding: gzip
last-modified: Sat, 21 Mar 2020 22:16:53 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: trupaflK3IA6C9GQ2ee5auYYIgTdS9cY
status: 200
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: Y9qUGw3HzuAdf459W67rW25SC0zSltMQvlAHMNzfB_Gtf_iVBNwO8Q==
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)

GET
H2 200 5e7692543aa62f7d6b5f3265_x.svg
assets.website-files.com/5e7692543aa62f151f5f3214/ 470 B
868 B 404ms
401ms Image
image/svg+xml 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f7d6b5f3265_x.svg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5eba9a182ce3b8a4c9bf01f00079e04ac186c6b80515e79bb3476acc9434d824

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 22:16:53 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "ab4b823b2ee9f746326a2d2015b27f36"
x-cache: Miss from cloudfront
x-amz-version-id: LQyT.vJKH6yTMoviiBiTlZGuu7fSWYBH
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
content-length: 470
x-amz-cf-id: YKgy2m1t9P5GFVTKZ158kVByWK_txruXEGbnl6_r_f8_eMfriQ4G8w==

GET
H2 200 5e7985514416e90c46b2f013_LeadingAge.png
assets.website-files.com/5e7692543aa62f151f5f3214/ 8 KB
8 KB 353ms
350ms Image
image/png 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7985514416e90c46b2f013_LeadingAge.png
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe75ec3afd45d47cd8007ef3e83231ad603e0e6546e256b4bb69413c7e99d550

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Tue, 24 Mar 2020 03:58:11 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "52b73a3d53f4cbedd69ad5aab61dc8a3"
x-cache: Miss from cloudfront
x-amz-version-id: DcYgotdRJv1dct2_qeTJeQ_zB1jr6MN3
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 7863
x-amz-cf-id: 9OcGH0Fv5TwkFdBDT4h-nGNy4bmH5b9LRGblnSoR_sj-FIijCsEWdQ==

GET
H2 200 5e79850a4416e97f56b2ef77_NDWALogo.png
assets.website-files.com/5e7692543aa62f151f5f3214/ 11 KB
12 KB 404ms
400ms Image
image/png 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e79850a4416e97f56b2ef77_NDWALogo.png
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0610438c89b4f70a238080b480c18feb72783051abe0c5cf55c74a69969e677

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Tue, 24 Mar 2020 03:56:59 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "f07783d1a11a09e1453627df3f6ba14c"
x-cache: Miss from cloudfront
x-amz-version-id: 9WT8JHgYPxsH4qYshBI38aULrxA2qLC.
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 11575
x-amz-cf-id: eA_ZmNE3f2WXxmiRnSnVuqZfjRyMlv96Y6PykunJLdZsF6R3k_y8uw==

GET
H2 200 5e7692543aa62f10755f32c4_DrGuptaBW.jpg
assets.website-files.com/5e7692543aa62f151f5f3214/ 74 KB
75 KB 481ms
478ms Image
image/jpeg 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f10755f32c4_DrGuptaBW.jpg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc64b08d48bdaf68f94826800cbfb9512f3de285a9dfdfda49a1cd46d817c16a

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 22:16:54 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "ed485ee8b8ff170ba2a06e9004f69b2d"
x-cache: Miss from cloudfront
x-amz-version-id: YcbJrqcgTPdE3w5acS_EUhJCByPOI07m
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 76041
x-amz-cf-id: X6K29kXdSTKnlR-lpAkhgTfvN2sB8z-U5x8Ff0CtGl7PyY0ijdVTNw==

GET
H2 200 jquery-3.4.1.min.220afd743d.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 86 KB
30 KB 502ms
424ms Script
application/javascript 13.225.87.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e7692543aa62f151f5f3214
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-83.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://covid-cert.nextstep.careers/
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 18:13:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 3000
cache-control: max-age=84600, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amz-cf-id: FNrVOou2j6v2XfBAI3GXNuUAZlyG6xDOJBJ_N0XsitgZtwkGYvz1YA==
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)

GET
H2 200 next-step-covid.4e83258d9.js Show response
assets.website-files.com/5e7692543aa62f151f5f3214/js/ 3 MB
580 KB 241ms
240ms Script
text/javascript 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/js/next-step-covid.4e83258d9.js
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1e908af0611d7c0b157dc1eeca9ea1a07b2e5824662c4820ea1e34de9377bdb

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 01:20:10 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "0571a0e6549b422a21b0d7fba7b92276"
x-cache: Miss from cloudfront
x-amz-version-id: PofCwo.JyHRWI6WYxdjhVqIz3SHcVSyk
status: 200
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/javascript
content-length: 592782
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
x-amz-cf-id: YnS79BKvFtj7vi143duhWukbQ4uDoJvCjYVbctbYgNbxdLWmXVkSMg==

GET
H/1.1 200
OK file-alt-solid-b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b.svg
fedora.teachablecdn.com/assets/icons/ 713 B
1 KB 18ms
15ms Image
image/svg+xml 2600:9000:2176:9c00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/file-alt-solid-b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b.svg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2176:9c00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 05 Jan 2020 23:58:44 GMT
Via: 1.1 976d678772d12ef1dc632cc293efa4f5.cloudfront.net (CloudFront)
Age: 6887274
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 713
Last-Modified: Fri, 03 Jan 2020 22:08:26 GMT
Server: AmazonS3
ETag: "cf5e4039d88b7054bd1ac282e861a537"
x-amz-version-id: nex_UM5vXsOC.9K.CYrbQIjvD_c9kwXT
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Amz-Cf-Id: -Mog8DGxwuIEW3zv_1Tjee0v5grnVEB2UptoXVIIOaPAKfxJxY0eSg==

GET
H/1.1 200
OK lightbulb-regular-c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece.svg
fedora.teachablecdn.com/assets/icons/ 1014 B
1 KB 18ms
16ms Image
image/svg+xml 2600:9000:2176:9c00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/lightbulb-regular-c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece.svg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2176:9c00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 11 Mar 2020 22:31:53 GMT
Content-Encoding: gzip
Age: 1190085
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 11 Mar 2020 20:33:35 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: eWB8sdtCuPZvFET9mydf2NoxG7BQU5xS
Via: 1.1 ac9a9db2e57fbe7ebe7ee8fc2d557857.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: MXP64-C3
Content-Type: image/svg+xml
X-Amz-Cf-Id: nX_o9Psymtp6e8owYKSPSOetuN-qzJNCk_Rh5TRc05nUkEv2Fnzrzg==

GET
H/1.1 200
OK chevron-down-solid-263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e.svg
fedora.teachablecdn.com/assets/icons/ 523 B
1 KB 33ms
15ms Image
image/svg+xml 2600:9000:2176:9c00:2:6743:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fedora.teachablecdn.com/assets/icons/chevron-down-solid-263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e.svg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2176:9c00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 05 Jan 2020 10:07:15 GMT
Via: 1.1 976d678772d12ef1dc632cc293efa4f5.cloudfront.net (CloudFront)
Age: 6937162
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 523
Last-Modified: Fri, 03 Jan 2020 22:08:20 GMT
Server: AmazonS3
ETag: "2c0862a67bfb8773d52c7833e17cd5ca"
x-amz-version-id: v65pt8MyadTDnGo_3t0uX4rnYu7Yb3Bn
Cache-Control: max-age=31536000,public
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Amz-Cf-Id: 8mr7Ip5tMdnbsCpQbU-foRdd7KM_p1Avg2i4z3zqxDbHPcfRhvy-aQ==

GET
H2 200 5e7692543aa62fb4a35f324b_nextstep-logo-transparent-copy-3.svg
assets.website-files.com/5e7692543aa62f151f5f3214/ 654 B
1 KB 352ms
349ms Image
image/svg+xml 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fb4a35f324b_nextstep-logo-transparent-copy-3.svg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2b63ca90a16140a595ecfa8f2f8cd64785c2aaba77031dff0a6fe296984f75c

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 22:16:53 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "01a49985a63bafe7919592cb379739c6"
x-cache: Miss from cloudfront
x-amz-version-id: fGlsGrcj3LDtFhW9wX5Cu0zo9glYRgaz
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
content-length: 654
x-amz-cf-id: ZTvMlOscUYsAtIksfFK27XWOcVhIoKzo-1U34go4wKUaqc6vQbOWtw==

GET
H2 200 email-decode.min.js Show response
covid-cert.nextstep.careers/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
807 B 18ms
14ms Script
application/javascript 2606:4700::6813:ee75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://covid-cert.nextstep.careers/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ee75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 23 Mar 2020 15:58:02 GMT
server: cloudflare
etag: W/"5e78dc8a-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 579a39398df29796-FRA
expires: Fri, 27 Mar 2020 17:06:37 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/ 260 KB
93 KB 257ms
7ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 16:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 04:07:14 GMT
server: sffe
age: 174927
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94799
x-xss-protection: 0
expires: Tue, 23 Mar 2021 16:31:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
666 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,regular,600

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f16b57f4700efc5ecf5e0769dd352ab3248855da6cd2af0c489e544d88c9fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Mar 2020 17:06:37 GMT
server: ESF
date: Wed, 25 Mar 2020 17:06:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Mar 2020 17:06:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
37 KB 47ms
44ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8242410c1df68afdbd53842d660288e8feaf12bd09a7522c2a66f78813f51c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 37726
x-xss-protection: 0
last-modified: Wed, 25 Mar 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Mar 2020 17:06:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1682
date: Wed, 25 Mar 2020 16:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 25 Mar 2020 18:38:35 GMT

GET
H2 200 5e7aab6da892983761a14dd6_nurse%20banner.jpg
assets.website-files.com/5e7692543aa62f151f5f3214/ 288 KB
289 KB 472ms
471ms Image
image/jpeg 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7aab6da892983761a14dd6_nurse%20banner.jpg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf276c86d03402554dc5b59aff8acdb612d9a3b95135ba3917a06b7b8bb06548

Request headers

Referer: https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.b3d24b153.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2020 00:53:02 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "01af95da5e2cf152d9c8812ad60d4227"
x-cache: Miss from cloudfront
x-amz-version-id: UVzhiU8r5TLCQLQjI.vSzAcczHJTMK3X
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 295072
x-amz-cf-id: BMdzUIo6SAEnhB2c1NhcB4BH7rh3F-DCjEMLncwFSDnpMBrYnXuUDw==

GET
H2 200 5e7692543aa62f16885f32c3_CoronaVirusModel.jpg
assets.website-files.com/5e7692543aa62f151f5f3214/ 303 KB
304 KB 472ms
472ms Image
image/jpeg 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f16885f32c3_CoronaVirusModel.jpg
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8903e46d1cf5cd05a7698dfb0ebf41a284d19453b1b771c9b51b9792ed9f9125

Request headers

Referer: https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.b3d24b153.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 22:16:54 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-C1
etag: "d7095b1f8c6ba254797760b5a4402411"
x-cache: Miss from cloudfront
x-amz-version-id: gfVySKQ.7KD6ee2wdDKwH394PnbWcdfZ
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 310761
x-amz-cf-id: hQlC84ekZ89rXBlPKSkGBHukPheJN5MeCgDZbqdbcykBh4_Zjyrrtg==

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:300,regular,600
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:21:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 2562279
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:21:58 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:300,regular,600
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:54:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:10 GMT
server: sffe
age: 4723923
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7988
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:54:34 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:300,regular,600
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 04:10:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 1688165
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Sat, 06 Mar 2021 04:10:32 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
839 B 7ms
7ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 16:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3427
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
expires: Wed, 25 Mar 2020 17:09:30 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 16:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1977
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Wed, 25 Mar 2020 17:33:40 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=9146081&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certifica...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_gid=1453653613.1585155998&gjid=327767459&_v=j81&z=478695105
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_v=j81&z=478695105
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_v=j81&z=478695105&slf_rd=1&random=2544690130

42 B
109 B

32ms
31ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_v=j81&z=478695105&slf_rd=1&random=2544690130

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=646797642.1585155998&jid=1116402728&_v=j81&z=478695105&slf_rd=1&random=2544690130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=9146081&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certifica...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_gid=1453653613.1585155998&gjid=1573816857&_v=j81&z=1149761787
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_v=j81&z=1149761787
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_v=j81&z=1149761787&slf_rd=1&random=2653081067

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_v=j81&z=1149761787&slf_rd=1&random=2653081067

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=646797642.1585155998&jid=1123801383&_v=j81&z=1149761787&slf_rd=1&random=2653081067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NB3MGZB&t=gtm1&cid=646797642.1585155998

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4be811e71a7f5adb418a64fd183aa90fac3858a00db09c973360df94ea439bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24231
x-xss-protection: 0
last-modified: Wed, 25 Mar 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Mar 2020 17:06:37 GMT

GET
H2 200 hotjar-1326127.js Show response
static.hotjar.com/c/ 3 KB
2 KB 130ms
100ms Script
application/javascript 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1326127.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress15

Software

Resource Hash

a9a20352088d890a0b8c442e5a6f641167ad773ec9c5160e2c4cd4ff2250b50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/7c4521db27aae708c6641c5eae1778f3
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.085
accept-ranges: bytes
section-io-id: df40d672b095053a7e61c036d110b34b
section-origin-responded: true

GET
H2

200

diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/
Redirect Chain

https://prism.app-us1.com/prism.js
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

22 KB
5 KB

18ms
16ms

Script
application/javascript

2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b30f24ad4ed1361125cf38a7745d107684c853414fe5bfca612e63d5c1ec1a

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 170
x-cache: Miss from cloudfront
status: 200
last-modified: Thu, 12 Mar 2020 15:29:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: MUC51-C1
cf-ray: 579a393a2cf83237-FRA
x-amz-cf-id: K5a2qPaZTqjXr-qcudnzmpMQh-hGcEacWYXtsPH-1AULDsH54oVV1A==

Redirect headers

date: Wed, 25 Mar 2020 17:06:37 GMT
cf-cache-status: HIT
server: cloudflare
age: 1595
location: https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 301
cache-control: public, max-age=14400
cf-ray: 579a3939fc623237-FRA
expires: Wed, 25 Mar 2020 21:06:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: h2LEgCT1MfrDMqwwtL7hw9HOwGH55ewbV+n1xxGe26RiM5K4W8+MfyfyOTqjkwScpaVJJe4hQm7mMOIHZH5sXQ==
x-fb-trip-id: 420120009
date: Wed, 25 Mar 2020 17:06:37 GMT, Wed, 25 Mar 2020 17:06:37 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 75 KB
23 KB 86ms
23ms Script
text/javascript 52.222.158.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.158.231 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-231.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5195d160b2cedd371c62cbaf0ce26b99e9aef6a5806f058ee70bdda0df2411e6

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 5NEyz9ePT.A.Hfn17SKcv6g53e3taZh3
Content-Encoding: gzip
Last-Modified: Thu, 12 Mar 2020 19:32:20 GMT
Server: AmazonS3
Age: 156
ETag: "67a51b90fbb116852bdaf4b663e4c5bc"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 300b920cc4a53d2daec2ba8180596d82.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Wed, 25 Mar 2020 17:04:02 GMT
X-Amz-Cf-Pop: FRA53
Connection: keep-alive
Content-Length: 22645
X-Amz-Cf-Id: MhgyXA6SNNWnPZqREa1IcW9EEUsvt2OvA8QysQr-cAh02-WHP2WLHg==

GET
H2 200 5861784.js Show response
js.hs-scripts.com/ 377 B
617 B 123ms
123ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5861784.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6300a1cb90cac1946f7c284d685549f8c8b9f2393c7ada8078d1f9c22bad7782

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: gzip
cf-cache-status: MISS
status: 200
access-control-max-age: 3600
content-length: 287
server: cloudflare
x-trace: 2B0E92AACFF364ABAC58E3334A54DCD3B0464FD8ED000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://covid-cert.nextstep.careers
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 579a3939ffcc1f3d-FRA
expires: Wed, 25 Mar 2020 17:07:37 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:1700:182::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:182::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 25 Mar 2020 17:06:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=59447
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&time=1585155997767
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1579452%26url%3Dhttps%253A%252F%252Fcovid-cert.nextstep.careers%252F%26time%3D158...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&time=1585155997767&liSync=true

0
127 B

110ms
110ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&time=1585155997767&liSync=true
Requested by: Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: yWPVTvua/xUwJGNQWCsAAA==

Redirect headers

date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: si/KR/ua/xXQRsSWpCsAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&time=1585155997767&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1203189133144839 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 77ms
76ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1203189133144839?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

099beafabafab90e563e46d64ebf7fc594c760ccad4622af188696ee0c056b07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: lbula8tBsTUL7O+8e5UTGztuJjUlYj3NucLbyfW2A3mWoO6zBXQOMpAPQeXBgva7Sz21xWb3FPsyROzQy5a/qA==
x-fb-trip-id: 420120009
date: Wed, 25 Mar 2020 17:06:37 GMT, Wed, 25 Mar 2020 17:06:37 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
173 B 213ms
213ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=251993589&u=https%3A%2F%2Fcovid-cert.nextstep.careers%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, private
cf-ray: 579a393a4d5c3237-FRA
content-length: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=9146081&t=pageview&_s=1&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certifica...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_gid=1453653613.1585155998&gjid=1288563487&_v=j81&z=385338085
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_v=j81&z=385338085
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_v=j81&z=385338085&slf_rd=1&random=1204191807

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_v=j81&z=385338085&slf_rd=1&random=1204191807

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Mar 2020 17:06:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=646797642.1585155998&jid=570753620&_v=j81&z=385338085&slf_rd=1&random=1204191807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
727 B 219ms
172ms Script
text/javascript 2600:9000:2176:be00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.52.7&branch_key=key_live_eoHwhKJtRQruvhYLU2GFXfegvDeCM7xm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2176:be00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

52f5b2a45925c90afad6ac975453dc6ca38a22445c1b31fef2ef3a5248a66e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 25 Mar 2020 17:06:37 GMT
Via: 1.1 946220429f157f0f0ada3caf7d8642cc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: MXP64-C3
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-YAEqCAaorEDhCanMz5E5/bYGZwQ"
X-Amz-Cf-Id: CKY6ue-0giyBzZSBo15rXUr6EsDxnJIKd4be4F0HNB-vQ6ST8hahoA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
252 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203189133144839&ev=PageView&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&rl=&if=false&ts=1585155997875&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585155997874.1680060307&it=1585155997774&coo=false&rqm=GET

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT, Wed, 25 Mar 2020 17:06:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 17:06:37 GMT

GET
H2 200 modules.cf522d0ae101e277829e.js Show response
script.hotjar.com/ 366 KB
69 KB 45ms
15ms Script
application/javascript 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.cf522d0ae101e277829e.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1326127.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash: c67bd443002cf5e2f2522a5476024cdd979997908b0f237f6db588d17000d9bb

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:37 GMT
content-encoding: br
content-type: application/javascript
age: 24672
status: 200
section-io-cache: Hit
content-length: 70686
last-modified: Wed, 25 Mar 2020 10:15:25 GMT
etag: "38a9c26943ec67dac744e32a004b1262"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.022
accept-ranges: bytes
section-io-id: c4d8672439f46a19019ac19d746e6f9d
section-origin-responded: true

GET
H2 200 5861784.js Show response
js.hs-analytics.net/analytics/1585155900000/ 80 KB
26 KB 156ms
156ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1585155900000/5861784.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5861784.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde350dafc5affc74669f239f41208ef696e09719c63e581cdc81a09250daa12

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: C95BD9D9D9DE6D4D
x-amz-server-side-encryption: AES256
status: 200
content-type: text/javascript
x-amz-id-2: 3inHUVirgzp2jeskfM9k8yB2FrkvNheH0fkbBoP6+umJjyYjodV3r3cZ7dM4Nm7O1T+XqovSw2w=
last-modified: Thu, 12 Mar 2020 16:48:34 GMT
server: cloudflare
etag: W/"de441fd752803b249f905781e15042a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 579a393ad800dfdb-FRA
expires: Wed, 25 Mar 2020 17:11:37 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 267 B
554 B 383ms
351ms XHR
application/json 2600:9000:2134:a200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:a200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: ce17fa49ad62345031ed8c3d75faa760a8f8965c533cf00928290e0c7761a845

Request headers

Referer: https://covid-cert.nextstep.careers/
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 023217e9959f3d2bf7a9884037a36e3a.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: MXP64-C2
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 267
x-amz-cf-id: lojioPpWCA2meJ4VeUi07WbYsKxcQZjmY5K8gmNcBJl1oCKv4aHTqw==

GET
H2 200 5e7692543aa62fda585f32bf_lottieflow-menu-nav-06-2b233a-easey.json Show response
assets.website-files.com/5e7692543aa62f151f5f3214/ 8 KB
2 KB 177ms
136ms XHR
application/json 2600:9000:20f1:9a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fda585f32bf_lottieflow-menu-nav-06-2b233a-easey.json
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/js/next-step-covid.4e83258d9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20f1:9a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be4e3b094d724a9884bc78027e94634ad09f4234e06e62142b90ccb769c829e2

Request headers

Referer: https://covid-cert.nextstep.careers/
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 17:06:39 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: LHR50-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Sat, 21 Mar 2020 22:16:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: vz9bQQL5AkZIEcZ6U_4zrE9xy668m0tD
via: 1.1 4278118a12a0d89e17a517194fb2e732.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: application/json
x-amz-cf-id: SCdCjjAhXnKCoLoVZGquKh2Xf3fAXGNjrTFRe8TcxqtKdUb9rPYD7Q==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 12ED 0
0 44ms
14ms Document
text/html 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1326127.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://covid-cert.nextstep.careers/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covid-cert.nextstep.careers/

Response headers

status: 200
date: Wed, 25 Mar 2020 17:06:37 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 10:36:23 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.042
section-origin-responded: true
age: 21695
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: e8d0eb829571ca3c88a4faa0a60dbbdd

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203189133144839&ev=Microdata&dl=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&rl=&if=false&ts=1585155998378&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep%22%2C%22meta%3Adescription%22%3A%22Learn%20to%20protect%20yourself%2C%20those%20you%20care%20for%2C%20and%20your%20family%20from%20the%20novel%20coronavirus%2C%20COVID-19%2C%20with%20the%20NextStep%20COVID-19%20Certificate.%20Dr.%20Vin%20Gupta%20gives%20expert%20advice%20in%20this%20comprehensive%20course.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22COVID-19%20Certification%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.filepicker.io%2Fapi%2Ffile%2Fc1dNDDtTTfqGL8GW6yax%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnextstepcareers.teachable.com%2Fcourses%2F812905%22%2C%22og%3Adescription%22%3A%22Learn%20to%20protect%20yourself%2C%20those%20you%20care%20for%2C%20and%20your%20family%20from%20the%20novel%20coronavirus%2C%20COVID-19%2C%20with%20the%20NextStep%20COVID-19%20Certificate.%20Dr.%20Vin%20Gupta%20gives%20expert%20advice%20in%20this%20comprehensive%20course.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585155997874.1680060307&it=1585155997774&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: covid-cert.nextstep.careers
URL: https://covid-cert.nextstep.careers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT, Wed, 25 Mar 2020 17:06:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 17:06:38 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
233 B 36ms
36ms Image
image/gif 2606:4700::6810:fa05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=5861784&rcu=https%3A%2F%2Fnextstepcareers.teachable.com%2F&pu=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&t=National+COVID+Ready+Caregiver+Certification+%7C+NextStep&cts=1585155998427&vi=32dd7ce0a685b4445c32bac69ad1ea1f&nc=true&u=248022424.32dd7ce0a685b4445c32bac69ad1ea1f.1585155998424.1585155998424.1585155998424.1&b=248022424.1.1585155998425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://covid-cert.nextstep.careers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 579a393e38f8d72d-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
362 B 380ms
380ms XHR
application/json 2600:9000:2134:a200:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:a200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://covid-cert.nextstep.careers/
Origin: https://covid-cert.nextstep.careers
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 25 Mar 2020 17:06:38 GMT
via: 1.1 023217e9959f3d2bf7a9884037a36e3a.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: MXP64-C2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 28
x-amz-cf-id: LsN82bLhmWEIXAoDxFiBVC9r4IOLotO1IsR1dGwiKsi3ZDBLKizH-g==

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nextstep.careers/	1970-01-19 17:40:51	Name: __hstc Value: 248022424.32dd7ce0a685b4445c32bac69ad1ea1f.1585155998424.1585155998424.1585155998424.1
.nextstep.careers/	1970-01-19 08:19:16	Name: _gat_teachableTracker Value: 1
.nextstep.careers/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.nextstep.careers/	1970-01-19 08:20:42	Name: _gid Value: GA1.2.1453653613.1585155998
.nextstep.careers/	1970-01-19 08:19:17	Name: __hssc Value: 248022424.1.1585155998425
.nextstep.careers/	1970-01-20 01:50:27	Name: _ga Value: GA1.2.646797642.1585155998
.nextstep.careers/	1970-01-19 16:51:54	Name: _hjid Value: bc2786c5-8623-4634-ba67-e2e67beb70f3
covid-cert.nextstep.careers/	1970-01-19 08:19:30	Name: ahoy_visit Value: aa1f0c47-19c4-485c-b8a0-d635fafd3486
covid-cert.nextstep.careers/	1970-01-19 09:02:27	Name: _session_id Value: de47bcf6fd0551aebadffe01c5d7d307
.nextstep.careers/	1970-01-19 17:40:51	Name: hubspotutk Value: 32dd7ce0a685b4445c32bac69ad1ea1f
covid-cert.nextstep.careers/	1969-12-31 23:59:59	Name: site_preview Value: logged_out
.nextstep.careers/	1970-01-19 17:04:51	Name: aid Value: e62f24cd-6e2f-449c-866b-bbfe1a9185f3
covid-cert.nextstep.careers/	1969-12-31 23:59:59	Name: ahoy_track Value: true
.nextstep.careers/	1970-01-19 10:28:51	Name: _fbp Value: fb.1.1585155997874.1680060307
covid-cert.nextstep.careers/	1970-01-20 01:50:27	Name: ahoy_visitor Value: e62f24cd-6e2f-449c-866b-bbfe1a9185f3
.nextstep.careers/	1970-01-19 17:04:51	Name: _afid Value: e62f24cd-6e2f-449c-866b-bbfe1a9185f3
.nextstep.careers/	1970-01-19 08:19:16	Name: _gat_fedoraTracker Value: 1
.covid-cert.nextstep.careers/	1969-12-31 23:59:59	Name: __cfruid Value: 0fe84de03a075580a79af1e6931e622bc43eb64c-1585155997
.covid-cert.nextstep.careers/	1970-01-19 08:19:17	Name: __cf_bm Value: e51f2463eb2168fa532317e302b958989ec9ddda-1585155997-1800-AXdQM3tYUuIFjZ15hej0FGa/f431/SjxG5mTtrdgH2SNt8Ue0RD0TcezWpEx+Li4E6g8pKVkgU7GDyWH+VbODQY=
.nextstep.careers/	1970-01-19 08:19:16	Name: _gat_UA-138864403-3 Value: 1
.covid-cert.nextstep.careers/	1970-01-19 09:02:27	Name: __cfduid Value: d684fbdb7bbac83b0a09ce1e1dea8a3fb1585155996

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 2) Message: null [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api2.branch.io
app.link
assets.website-files.com
cdn.branch.io
connect.facebook.net
covid-cert.nextstep.careers
d3e54v103j8qbb.cloudfront.net
diffuser-cdn.app-us1.com
fast.wistia.com
fedora.teachablecdn.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-scripts.com
prism.app-us1.com
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.225.87.83
147.75.100.245
2600:9000:20f1:9a00:11:3b84:d200:93a1
2600:9000:2134:a200:11:f728:3040:93a1
2600:9000:2176:9c00:2:6743:8540:93a1
2600:9000:2176:be00:19:9934:6a80:93a1
2606:4700::6810:fa05
2606:4700::6811:43b0
2606:4700::6811:925b
2606:4700::6811:d2cc
2606:4700::6813:ee75
2a00:1450:4001:806::2004
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
2a02:26f0:1700:182::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::622
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
52.222.158.231
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
099beafabafab90e563e46d64ebf7fc594c760ccad4622af188696ee0c056b07
0fc25162972aac68fc6f0f744b1623c335c840b9ef18c1885394e042cf43baf3
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f2dd789c2bdd98bd3626084c00956473bc24094197f4919ed1f0aab1fe56a1f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e
3f16b57f4700efc5ecf5e0769dd352ab3248855da6cd2af0c489e544d88c9fa5
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4be811e71a7f5adb418a64fd183aa90fac3858a00db09c973360df94ea439bf8
5195d160b2cedd371c62cbaf0ce26b99e9aef6a5806f058ee70bdda0df2411e6
52f5b2a45925c90afad6ac975453dc6ca38a22445c1b31fef2ef3a5248a66e56
57b30f24ad4ed1361125cf38a7745d107684c853414fe5bfca612e63d5c1ec1a
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5eba9a182ce3b8a4c9bf01f00079e04ac186c6b80515e79bb3476acc9434d824
6300a1cb90cac1946f7c284d685549f8c8b9f2393c7ada8078d1f9c22bad7782
7b4256405296b6634cd8b4dfaad9b4c6dabe5213de3a87be6c68363a8d78512f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8242410c1df68afdbd53842d660288e8feaf12bd09a7522c2a66f78813f51c4f
8903e46d1cf5cd05a7698dfb0ebf41a284d19453b1b771c9b51b9792ed9f9125
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9
a2b63ca90a16140a595ecfa8f2f8cd64785c2aaba77031dff0a6fe296984f75c
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a9a20352088d890a0b8c442e5a6f641167ad773ec9c5160e2c4cd4ff2250b50f
b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605
b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b
be4e3b094d724a9884bc78027e94634ad09f4234e06e62142b90ccb769c829e2
beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7
c1e908af0611d7c0b157dc1eeca9ea1a07b2e5824662c4820ea1e34de9377bdb
c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece
c67bd443002cf5e2f2522a5476024cdd979997908b0f237f6db588d17000d9bb
ce17fa49ad62345031ed8c3d75faa760a8f8965c533cf00928290e0c7761a845
cf276c86d03402554dc5b59aff8acdb612d9a3b95135ba3917a06b7b8bb06548
d1376429fe9319d7c39cf0ba28e3420b2af6cdbcda7d49738d814671e200c184
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc64b08d48bdaf68f94826800cbfb9512f3de285a9dfdfda49a1cd46d817c16a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0610438c89b4f70a238080b480c18feb72783051abe0c5cf55c74a69969e677
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fb7dc829121726165dc8cb291a08778dfc339ec25d33ffd7aec36cebbc9c1967
fde350dafc5affc74669f239f41208ef696e09719c63e581cdc81a09250daa12
fe75ec3afd45d47cd8007ef3e83231ad603e0e6546e256b4bb69413c7e99d550

covid-cert.nextstep.careers Open in urlscan Pro 2606:4700::6813:ee75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

89 %IPv6

23 Domains

30 Subdomains

25 IPs

6 Countries

2024 kBTransfer

6516 kBSize

21 Cookies

2 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

covid-cert.nextstep.careers Open in urlscan Pro
2606:4700::6813:ee75 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

89 %
IPv6

23
Domains

30
Subdomains

25
IPs

6
Countries

2024 kB
Transfer

6516 kB
Size

21
Cookies

53 HTTP transactions
0 data transactions