covidcert.nextstep.careers Open in urlscan Pro
2606:4700::6813:ef75  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://www.google-analytics.com/r/collect?v=1&_v=j81&a=211041417&t=pageview&_s=1&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBACEIZB~&jid=1799114643&gjid=646526506&cid=1528772692.1585330587&tid=UA-44397410-1&_gid=334789953.1585330587&_r=1&z=2126232152 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_gid=334789953.1585330587&gjid=646526506&_v=j81&z=2126232152 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_v=j81&z=2126232152 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_v=j81&z=2126232152&slf_rd=1&random=239874134

Request Chain 33

• https://www.google-analytics.com/r/collect?v=1&_v=j81&a=211041417&t=pageview&_s=1&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEIZB~&jid=1287742978&gjid=200196035&cid=1528772692.1585330587&tid=UA-44397410-4&_gid=334789953.1585330587&_r=1&z=1503545825 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_gid=334789953.1585330587&gjid=200196035&_v=j81&z=1503545825 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_v=j81&z=1503545825 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_v=j81&z=1503545825&slf_rd=1&random=1121532040

Request Chain 36

• https://prism.app-us1.com/prism.js HTTP 301
• https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Request Chain 41

• https://www.google-analytics.com/r/collect?v=1&_v=j81&a=211041417&t=pageview&_s=1&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEIbR~&jid=599865001&gjid=420359869&cid=1528772692.1585330587&tid=UA-138864403-3&_gid=334789953.1585330587&_r=1&gtm=2wg3i0PFR8DRC&z=194724866 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_gid=334789953.1585330587&gjid=420359869&_v=j81&z=194724866 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_v=j81&z=194724866 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_v=j81&z=194724866&slf_rd=1&random=2899171594

Request Chain 43

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovidcert.nextstep.careers%2F&time=1585330587495 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1579452%26url%3Dhttps%253A%252F%252Fcovidcert.nextstep.careers%252F%26time%3D1585330587495%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovidcert.nextstep.careers%2F&time=1585330587495&liSync=true

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response covidcert.nextstep.careers/	69 KB 12 KB	757ms 708ms	Document text/html	2606:4700::6813:ef75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:ef75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76c11825cd7240d5628bfaabd599fc8ab560dafeb01ce01d154e5374972ccce6 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority covidcert.nextstep.careers :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Fri, 27 Mar 2020 17:36:26 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=db57950a446718af96b63485bc24526c51585330585; expires=Sun, 26-Apr-20 17:36:25 GMT; path=/; domain=.covidcert.nextstep.careers; HttpOnly; SameSite=Lax ahoy_visitor=d63f3d71-0c19-4441-bc02-e3897547e30c; path=/; expires=Sun, 27 Mar 2022 17:36:26 -0000 ahoy_visit=fd76312d-51c0-4673-b15d-92deeb570d46; path=/; expires=Fri, 27 Mar 2020 21:36:26 -0000 ahoy_track=true; path=/ _afid=d63f3d71-0c19-4441-bc02-e3897547e30c; domain=.nextstep.careers; path=/; expires=Sat, 27 Mar 2021 17:36:26 -0000 aid=d63f3d71-0c19-4441-bc02-e3897547e30c; domain=.nextstep.careers; path=/; expires=Sat, 27 Mar 2021 17:36:26 -0000 site_preview=logged_out; path=/ _session_id=6154dc1709a5152ad5cadfe4700735be; path=/; expires=Sun, 26 Apr 2020 17:36:26 -0000; HttpOnly __cf_bm=6e7cae3806e58f33be089589115c0c2cde8b7459-1585330586-1800-AbAvP11R87psVLglresc4Stow/T1e/AbgYGru+w+DrPhyzNHoOg6GWKfn9vJC9Ale3no85ku+cZ3I75vBBWr4uE=; path=/; expires=Fri, 27-Mar-20 18:06:26 GMT; domain=.covidcert.nextstep.careers; HttpOnly; Secure; SameSite=None __cfruid=b5aad097810886b80d8573ecf1783aecffe7783b-1585330586; path=/; domain=.covidcert.nextstep.careers; HttpOnly; Secure; SameSite=None x-fedora-school-id 534999 cache-control max-age=0, private, must-revalidate strict-transport-security max-age=0 x-request-id 9ebc8bd2-6831-47ce-b782-a8610a0672ec x-runtime 0.101339 vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 1; mode=block cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 57aadfa13d87c2bd-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
GET H/1.1	200 OK	pages-9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9.css fedora.teachablecdn.com/assets/	55 KB 8 KB	51ms 7ms	Stylesheet text/css	2600:9000:214f:3a00:2:6743:8540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fedora.teachablecdn.com/assets/pages-9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9.css Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:3a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9d052ea2edee65227a0d04f7ffbbf5395178873655adcfac62027469de2510f9 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 23 Mar 2020 18:48:16 GMT Content-Encoding gzip Age 341291 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 23 Mar 2020 18:36:06 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id ZWCwIqkiScnXvPv8sPdABGbLIjxFta4D Via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) Cache-Control max-age=31536000,public X-Amz-Cf-Pop FRA53-C1 Content-Type text/css X-Amz-Cf-Id avqPnPPm0j-dZhsIqXXOUQaP5jJGe-Gih4gCjwLz2_vnvqmSS_JqJw==
GET H2	200	E-v1.js Show response fast.wistia.com/assets/external/	636 KB 115 KB	28ms 9ms	Script application/javascript	2a04:4e42:3::622 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.com/assets/external/E-v1.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 94862a08a84825bb2c4994cae6bbb25d6874f43b2dc2bce665f0f65558582a07 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:26 GMT content-encoding br age 3499 x-cache HIT, HIT status 200 strict-transport-security max-age=0 content-length 117119 via 1.1 varnish, 1.1 varnish x-served-by cache-sea4475-SEA, cache-fra19152-FRA x-browser-version 74 last-modified Fri, 27 Mar 2020 16:31:07 GMT x-timer S1585330587.533128,VS0,VE0 etag "5e7e2a4b-1c97f" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=3600 x-browser chrome x-ecma-v modern accept-ranges bytes timing-allow-origin * x-cache-hits 1, 411
GET H2	200	api.js Show response www.google.com/recaptcha/	674 B 537 B	18ms 17ms	Script text/javascript	2a00:1450:4001:81e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:26 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 447 x-xss-protection 1; mode=block expires Fri, 27 Mar 2020 17:36:26 GMT
GET H/1.1	200 OK	pages-ed21d709e8bc3a3478eb.js Show response fedora.teachablecdn.com/packs/	312 KB 83 KB	61ms 10ms	Script application/javascript	2600:9000:214f:3a00:2:6743:8540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fedora.teachablecdn.com/packs/pages-ed21d709e8bc3a3478eb.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:3a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 58fde0ef168ad578f0ff2134196a2c714ef6904af77b761b385df108fc0cbc5c Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 27 Mar 2020 14:52:27 GMT Content-Encoding gzip Age 9840 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 27 Mar 2020 14:45:38 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id 7sKmw7w11m6lUT5BgFi5AhwMXu8L.4Bm Via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) Cache-Control max-age=31536000,public X-Amz-Cf-Pop FRA53-C1 Content-Type application/javascript X-Amz-Cf-Id i8BS8IULHfP8QA1lq8WcQa7UxHJ_9sofB5qR2fwJRbNPBhxlcYU2jg==
GET H2	200	next-step-covid.b3d24b153.css assets.website-files.com/5e7692543aa62f151f5f3214/css/	156 KB 21 KB	342ms 341ms	Stylesheet text/css	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.b3d24b153.css Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fb7dc829121726165dc8cb291a08778dfc339ec25d33ffd7aec36cebbc9c1967 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding gzip last-modified Wed, 25 Mar 2020 01:20:10 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "e0d68cb865c8b96efe5b50f4f0de5741" x-cache Miss from cloudfront x-amz-version-id bmaj4H18KfE89NmB_ZuWnoDnqdjlPPSs status 200 cache-control max-age=84600, must-revalidate accept-ranges bytes content-type text/css content-length 21133 via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) x-amz-cf-id lRK_oOYAXEXbl4-A4fUp-eyRHB-74QGhRK9UT8VwxaT5XTg8KBg1aA==
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 5 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 10 Mar 2020 23:32:50 GMT content-encoding gzip x-content-type-options nosniff age 1447416 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Mar 2021 23:32:50 GMT
GET H2	200	5e7692543aa62fe7d25f3243_nextstep-logo-transparent.svg assets.website-files.com/5e7692543aa62f151f5f3214/	4 KB 2 KB	343ms 342ms	Image image/svg+xml	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fe7d25f3243_nextstep-logo-transparent.svg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0fc25162972aac68fc6f0f744b1623c335c840b9ef18c1885394e042cf43baf3 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding gzip last-modified Sat, 21 Mar 2020 22:16:53 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 vary Accept-Encoding x-cache Miss from cloudfront x-amz-version-id trupaflK3IA6C9GQ2ee5auYYIgTdS9cY status 200 cache-control max-age=31536000, must-revalidate content-type image/svg+xml x-amz-cf-id nhk3Xt19f3j7pi0k8Mk15-i_XKFgr7LfQCLvUNkWeLHsp3wFjWaJSQ== via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront)
GET H2	200	5e7985514416e90c46b2f013_LeadingAge.png assets.website-files.com/5e7692543aa62f151f5f3214/	8 KB 8 KB	1043ms 1040ms	Image image/png	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7985514416e90c46b2f013_LeadingAge.png Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fe75ec3afd45d47cd8007ef3e83231ad603e0e6546e256b4bb69413c7e99d550 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) last-modified Tue, 24 Mar 2020 03:58:11 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "52b73a3d53f4cbedd69ad5aab61dc8a3" x-cache Miss from cloudfront x-amz-version-id DcYgotdRJv1dct2_qeTJeQ_zB1jr6MN3 status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 7863 x-amz-cf-id LcaefztFq5J17I0u58z6k-gaEYlTHy5aqmaofWxUpbJSJvT90tTbkg==
GET H2	200	5e79850a4416e97f56b2ef77_NDWALogo.png assets.website-files.com/5e7692543aa62f151f5f3214/	11 KB 12 KB	1103ms 1101ms	Image image/png	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e79850a4416e97f56b2ef77_NDWALogo.png Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0610438c89b4f70a238080b480c18feb72783051abe0c5cf55c74a69969e677 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) last-modified Tue, 24 Mar 2020 03:56:59 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "f07783d1a11a09e1453627df3f6ba14c" x-cache Miss from cloudfront x-amz-version-id 9WT8JHgYPxsH4qYshBI38aULrxA2qLC. status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 11575 x-amz-cf-id L_WFoDTJUopmEp3jX1ngjyMEEX4iXeRYSxg37Sk44g9tCtoSNJKLPA==
GET H2	200	5e7692543aa62f10755f32c4_DrGuptaBW.jpg assets.website-files.com/5e7692543aa62f151f5f3214/	74 KB 75 KB	1130ms 1128ms	Image image/jpeg	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f10755f32c4_DrGuptaBW.jpg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc64b08d48bdaf68f94826800cbfb9512f3de285a9dfdfda49a1cd46d817c16a Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) last-modified Sat, 21 Mar 2020 22:16:54 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "ed485ee8b8ff170ba2a06e9004f69b2d" x-cache Miss from cloudfront x-amz-version-id YcbJrqcgTPdE3w5acS_EUhJCByPOI07m status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/jpeg content-length 76041 x-amz-cf-id 3dWGw0z9iaot3wGouVMUyvMZUqaqssjOISwupCIjq1SAXro-fZNRWw==
GET H2	200	jquery-3.4.1.min.220afd743d.js Show response d3e54v103j8qbb.cloudfront.net/js/	86 KB 87 KB	740ms 548ms	Script application/javascript	13.35.254.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e7692543aa62f151f5f3214 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.254.106 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-254-106.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Referer https://covidcert.nextstep.careers/ Origin https://covidcert.nextstep.careers Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront status 200 access-control-max-age 3000 content-length 88145 last-modified Thu, 27 Jun 2019 18:13:30 GMT server AmazonS3 etag "220afd743d9e9643852e31a135a9f3ae" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id _hFJE1y1a5xX59JbppELEIFNclTgisw60YHmSKgrAPx-2-fdUEwIDQ==
GET H2	200	next-step-covid.3db99c435.js Show response assets.website-files.com/5e7692543aa62f151f5f3214/js/	3 MB 581 KB	439ms 439ms	Script text/javascript	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/js/next-step-covid.3db99c435.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b9cd335f509d53030a7f033c5fd7cd72398f53687b8c915fe508be39dfd4acbe Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:28 GMT content-encoding gzip last-modified Thu, 26 Mar 2020 18:43:01 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "f07a9066ba97f9127309ddda6ddfc744" x-cache Miss from cloudfront x-amz-version-id PACZJ_tFGkMziWaIfsi8HYWvW4EMgsLd status 200 cache-control max-age=84600, must-revalidate accept-ranges bytes content-type text/javascript content-length 593472 via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) x-amz-cf-id b9JCq9AodAUbBZ2GC712cDdZx-mCe_kuo7uI9HXKUgFGQPjffYeQWw==
GET H/1.1	200 OK	youtube-brands-43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d.svg fedora.teachablecdn.com/assets/icons/	704 B 1 KB	9ms 8ms	Image image/svg+xml	2600:9000:214f:3a00:2:6743:8540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fedora.teachablecdn.com/assets/icons/youtube-brands-43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d.svg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:3a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 43c32617529d416391eed20028644a3045ecdb646146cc146bc8a6250fec979d Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sat, 22 Feb 2020 03:07:17 GMT Via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) Age 2989750 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 704 Last-Modified Fri, 21 Feb 2020 21:32:23 GMT Server AmazonS3 ETag "c80ca203c0f773a8502d85ae60f347ce" x-amz-version-id CxG4.7eO0KP_vhHkfRyg.hNpThz6mW_Y Cache-Control max-age=31536000,public X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type image/svg+xml X-Amz-Cf-Id o1CFvz18nye4Uv9M8AK9UF7S668ojt3gmqk92x-ldTaYKdRbhB1c8w==
GET H/1.1	200 OK	lightbulb-regular-c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece.svg fedora.teachablecdn.com/assets/icons/	1014 B 1 KB	10ms 8ms	Image image/svg+xml	2600:9000:214f:3a00:2:6743:8540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fedora.teachablecdn.com/assets/icons/lightbulb-regular-c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece.svg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:3a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c35fefcabfb6cb98968bf709dd5694cef72de794e62462c57a1ce71df2360ece Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sat, 25 Jan 2020 21:31:31 GMT Content-Encoding gzip Age 5342696 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 24 Jan 2020 20:06:22 GMT Server AmazonS3 Vary Accept-Encoding x-amz-version-id V.SOPGW2mU7vhYJrxaGgp0MAcGvMwPKZ Via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) Cache-Control max-age=31536000,public X-Amz-Cf-Pop FRA53-C1 Content-Type image/svg+xml X-Amz-Cf-Id _o2i7kSSw0antAtGrLDRphD5CeyVTzn9nVdwZDBVGaJLFEd45E18Ug==
GET H/1.1	200 OK	file-alt-solid-b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b.svg fedora.teachablecdn.com/assets/icons/	713 B 1 KB	26ms 9ms	Image image/svg+xml	2600:9000:214f:3a00:2:6743:8540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fedora.teachablecdn.com/assets/icons/file-alt-solid-b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b.svg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:3a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b609d1a1c9744a776bcbd67167ee3f078c648445052309bc5e120aa2bf776d2b Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Sat, 22 Feb 2020 08:29:41 GMT Via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) Age 2970407 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 713 Last-Modified Fri, 21 Feb 2020 21:32:22 GMT Server AmazonS3 ETag "cf5e4039d88b7054bd1ac282e861a537" x-amz-version-id ywtQEvtzWOGiuA.UtpnzrDZa6qeIO63I Cache-Control max-age=31536000,public X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type image/svg+xml X-Amz-Cf-Id X2awnpto-rxFET3QvXBbhHJtOshu29mCgL-AONwPN4SAg8Tyy4SbPQ==
GET H/1.1	200 OK	chevron-down-solid-263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e.svg fedora.teachablecdn.com/assets/icons/	523 B 1 KB	27ms 9ms	Image image/svg+xml	2600:9000:214f:3a00:2:6743:8540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fedora.teachablecdn.com/assets/icons/chevron-down-solid-263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e.svg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:3a00:2:6743:8540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 263093b97bd01b06adb0ad6caee9cc0ed3fd93607596fb8dee102ebd20d6d85e Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Thu, 09 Jan 2020 05:54:58 GMT Via 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront) Age 6781290 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 523 Last-Modified Wed, 08 Jan 2020 22:21:59 GMT Server AmazonS3 ETag "2c0862a67bfb8773d52c7833e17cd5ca" x-amz-version-id TaIq1oUqlsshj_MOLIPSApz8eVD2CVId Cache-Control max-age=31536000,public X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type image/svg+xml X-Amz-Cf-Id MEWgTMLIX15QifPTbrFW2ARO7D3bxtktHDGt9JY2Se2Y7j7lKaP7pw==
GET H2	200	5e7692543aa62fb4a35f324b_nextstep-logo-transparent-copy-3.svg assets.website-files.com/5e7692543aa62f151f5f3214/	654 B 1 KB	1034ms 1032ms	Image image/svg+xml	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fb4a35f324b_nextstep-logo-transparent-copy-3.svg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2b63ca90a16140a595ecfa8f2f8cd64785c2aaba77031dff0a6fe296984f75c Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) last-modified Sat, 21 Mar 2020 22:16:53 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "01a49985a63bafe7919592cb379739c6" x-cache Miss from cloudfront x-amz-version-id fGlsGrcj3LDtFhW9wX5Cu0zo9glYRgaz status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/svg+xml content-length 654 x-amz-cf-id eeZ5GhQt-AXuUHBJITFInw8wON55-rhVOtqrwCGLs831AieiyFBv8Q==
GET H2	200	email-decode.min.js Show response covidcert.nextstep.careers/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 830 B	44ms 41ms	Script application/javascript	2606:4700::6813:ef75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://covidcert.nextstep.careers/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:ef75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding gzip vary Accept-Encoding last-modified Mon, 23 Mar 2020 15:58:02 GMT server cloudflare etag W/"5e78dc8a-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript status 200 cache-control max-age=172800, public cf-ray 57aadfaa0e4bc2bd-FRA expires Sun, 29 Mar 2020 17:36:27 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	126 KB 31 KB	27ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 content-length 30466 x-xss-protection 0 pragma public x-fb-debug cajWIlvA5wG97zcygWIWz6jVSQDsmfjPUiS6ykIMsKhSvPxfBnPADOJUWMf3d2xynZ+Xa3sjPRuU1lJcBlOppQ== x-fb-trip-id 1850256238 date Fri, 27 Mar 2020 17:36:27 GMT, Fri, 27 Mar 2020 17:36:27 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/	260 KB 93 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 23 Mar 2020 16:31:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 23 Mar 2020 04:07:14 GMT server sffe age 349517 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 94799 x-xss-protection 0 expires Tue, 23 Mar 2021 16:31:10 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 666 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:300,regular,600 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3f16b57f4700efc5ecf5e0769dd352ab3248855da6cd2af0c489e544d88c9fa5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 27 Mar 2020 17:36:27 GMT server ESF date Fri, 27 Mar 2020 17:36:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 27 Mar 2020 17:36:27 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	118 KB 37 KB	50ms 49ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8242410c1df68afdbd53842d660288e8feaf12bd09a7522c2a66f78813f51c4f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 37726 x-xss-protection 0 last-modified Fri, 27 Mar 2020 16:46:31 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 27 Mar 2020 17:36:27 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 3472 date Fri, 27 Mar 2020 16:38:35 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Fri, 27 Mar 2020 18:38:35 GMT
GET H2	200	like.php www.facebook.com/plugins/ Frame B087	0 0	72ms 56ms	Document text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Fwebflow&layout=button_count&locale=en_US&action=like&show_faces=false&share=false Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Fwebflow&layout=button_count&locale=en_US&action=like&show_faces=false&share=false pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://covidcert.nextstep.careers/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://covidcert.nextstep.careers/ Response headers status 200 cache-control private, no-cache, no-store, must-revalidate pragma no-cache strict-transport-security max-age=15552000; preload content-encoding br timing-allow-origin * content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0 expires Sat, 01 Jan 2000 00:00:00 GMT content-type text/html; charset="utf-8" x-fb-debug UqBRgBQaEoBhAsLJw7lRBbU8K4w/VKXdlzilVZQKhKKGMEWk7C6xMDIf04cCNnEl8OVUZLbvuxIS7fgPvRvowQ== date Fri, 27 Mar 2020 17:36:27 GMT Fri, 27 Mar 2020 17:36:27 GMT alt-svc h3-27=":443"; ma=3600
GET H2	200	5e7aab6da892983761a14dd6_nurse%20banner.jpg assets.website-files.com/5e7692543aa62f151f5f3214/	288 KB 289 KB	1096ms 1092ms	Image image/jpeg	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7aab6da892983761a14dd6_nurse%20banner.jpg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf276c86d03402554dc5b59aff8acdb612d9a3b95135ba3917a06b7b8bb06548 Request headers Referer https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.b3d24b153.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) last-modified Wed, 25 Mar 2020 00:53:02 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "01af95da5e2cf152d9c8812ad60d4227" x-cache Miss from cloudfront x-amz-version-id UVzhiU8r5TLCQLQjI.vSzAcczHJTMK3X status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/jpeg content-length 295072 x-amz-cf-id kLvWRwG_we5OMz55Z3rOVm9LzIr1Q3KiWEyc0iwexuig7yPYe3FVzw==
GET H2	200	5e7692543aa62f16885f32c3_CoronaVirusModel.jpg assets.website-files.com/5e7692543aa62f151f5f3214/	303 KB 304 KB	1097ms 1092ms	Image image/jpeg	2600:9000:20f1:e000:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62f16885f32c3_CoronaVirusModel.jpg Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20f1:e000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8903e46d1cf5cd05a7698dfb0ebf41a284d19453b1b771c9b51b9792ed9f9125 Request headers Referer https://assets.website-files.com/5e7692543aa62f151f5f3214/css/next-step-covid.b3d24b153.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 bfb6f7dc0d2f5ec95537e251cdcf5525.cloudfront.net (CloudFront) last-modified Sat, 21 Mar 2020 22:16:54 GMT server AmazonS3 x-amz-cf-pop LHR50-C1 etag "d7095b1f8c6ba254797760b5a4402411" x-cache Miss from cloudfront x-amz-version-id gfVySKQ.7KD6ee2wdDKwH394PnbWcdfZ status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/jpeg content-length 310761 x-amz-cf-id 2mrG_LA2L61SKhmxpKC0oN8FPVK1VxZkgdFnpYNZg-uPTmBobOCJBA==
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Poppins:300,regular,600 Origin https://covidcert.nextstep.careers Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 25 Feb 2020 01:21:58 GMT x-content-type-options nosniff last-modified Tue, 08 Oct 2019 21:22:13 GMT server sffe age 2736869 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 7836 x-xss-protection 0 expires Wed, 24 Feb 2021 01:21:58 GMT
GET H2	200	pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Poppins:300,regular,600 Origin https://covidcert.nextstep.careers Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 Jan 2020 00:54:34 GMT x-content-type-options nosniff last-modified Tue, 08 Oct 2019 21:22:10 GMT server sffe age 4898513 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 7988 x-xss-protection 0 expires Sat, 30 Jan 2021 00:54:34 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Poppins:300,regular,600 Origin https://covidcert.nextstep.careers Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Mar 2020 04:10:32 GMT x-content-type-options nosniff last-modified Tue, 08 Oct 2019 21:22:04 GMT server sffe age 1862755 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 7968 x-xss-protection 0 expires Sat, 06 Mar 2021 04:10:32 GMT
GET H2	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 812 B	7ms 6ms	Script text/javascript	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:24:33 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 714 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 738 x-xss-protection 0 expires Fri, 27 Mar 2020 18:24:33 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:11:05 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 1522 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 1306 x-xss-protection 0 expires Fri, 27 Mar 2020 18:11:05 GMT
GET H2	200	1203189133144839 Show response connect.facebook.net/signals/config/	447 KB 113 KB	89ms 89ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1203189133144839?v=2.9.15&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 099beafabafab90e563e46d64ebf7fc594c760ccad4622af188696ee0c056b07 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug UH62Slx5HMu9MxQXwhZ46RDpWiuRk7TfGcnTP85N+vdL+PDMLlyutNiK+Ze0fK+n9m4xsTN8sAtpSdUR5doq9g== x-fb-trip-id 1850256238 date Fri, 27 Mar 2020 17:36:27 GMT, Fri, 27 Mar 2020 17:36:27 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j81&a=211041417&t=pageview&_s=1&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certific... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_gid=334789953.1585330587&gjid=646526506&_v=j81&z=2126232152 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_v=j81&z=2126232152 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_v=j81&z=2126232152&slf_rd=1&random=239874134	42 B 109 B	28ms 26ms	Image image/gif	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_v=j81&z=2126232152&slf_rd=1&random=239874134 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-1&cid=1528772692.1585330587&jid=1799114643&_v=j81&z=2126232152&slf_rd=1&random=239874134 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j81&a=211041417&t=pageview&_s=1&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certific... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_gid=334789953.1585330587&gjid=200196035&_v=j81&z=1503545825 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_v=j81&z=1503545825 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_v=j81&z=1503545825&slf_rd=1&random=1121532040	42 B 109 B	19ms 18ms	Image image/gif	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_v=j81&z=1503545825&slf_rd=1&random=1121532040 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44397410-4&cid=1528772692.1585330587&jid=1287742978&_v=j81&z=1503545825&slf_rd=1&random=1121532040 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.google-analytics.com/gtm/	63 KB 24 KB	39ms 39ms	Script application/javascript	2a00:1450:4001:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-NB3MGZB&t=gtm1&cid=1528772692.1585330587 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4be811e71a7f5adb418a64fd183aa90fac3858a00db09c973360df94ea439bf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 24231 x-xss-protection 0 last-modified Fri, 27 Mar 2020 16:46:31 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 27 Mar 2020 17:36:27 GMT
GET H2	200	hotjar-1326127.js Show response static.hotjar.com/c/	3 KB 2 KB	138ms 137ms	Script application/javascript	147.75.84.39 PACKET
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1326127.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.84.39 Parsippany, United States, ASN54825 (PACKET, US), Reverse DNS Software / Resource Hash 0f96d009a9140c45afc65c2b67f96d911a371a8dec869647522fa1c9620d4374 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript section-io-tag hotjar age 0 status 200 access-control-max-age 600 section-io-cache Miss x-cache-hit 1 x-frame-options SAMEORIGIN etag W/af0680901679e1bf63ba1983532667ab vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=60 section-io-origin-time-seconds 0.074 accept-ranges bytes section-io-id a4164777ea9b674a1db5492da1c33c41 section-origin-responded true
GET H2	200	diffuser.js Show response diffuser-cdn.app-us1.com/diffuser/ Redirect Chain https://prism.app-us1.com/prism.js https://diffuser-cdn.app-us1.com/diffuser/diffuser.js	22 KB 5 KB	22ms 20ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57b30f24ad4ed1361125cf38a7745d107684c853414fe5bfca612e63d5c1ec1a Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding gzip cf-cache-status HIT age 169 x-cache Miss from cloudfront status 200 last-modified Thu, 12 Mar 2020 15:29:55 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 62e719fa1465c080baa6431ff642a8a0.cloudfront.net (CloudFront) cache-control public, max-age=300 x-amz-cf-pop MUC51-C1 cf-ray 57aadfabac22c2fe-FRA x-amz-cf-id K5a2qPaZTqjXr-qcudnzmpMQh-hGcEacWYXtsPH-1AULDsH54oVV1A== Redirect headers date Fri, 27 Mar 2020 17:36:27 GMT cf-cache-status HIT server cloudflare age 3343 location https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 301 cache-control public, max-age=14400 cf-ray 57aadfab7b84c2fe-FRA expires Fri, 27 Mar 2020 21:36:27 GMT
GET H/1.1	200 OK	branch-latest.min.js Show response cdn.branch.io/	77 KB 23 KB	244ms 63ms	Script text/javascript	99.84.5.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.branch.io/branch-latest.min.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.5.19 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-5-19.lhr62.r.cloudfront.net Software AmazonS3 / Resource Hash 6b32a5a9d6377482d78761bb14b2553976026c080c199689876b3f7e8082d2fb Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id 8GVRWq87W1DoDDVyhIjRVb4aKbV.eHPi Content-Encoding gzip Last-Modified Thu, 26 Mar 2020 21:16:32 GMT Server AmazonS3 Age 280 ETag "6ec921ece76f1bd3bfc239d361ef4a2c" X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 c727bed829773949471e191d64303113.cloudfront.net (CloudFront) Cache-Control max-age=300 Date Fri, 27 Mar 2020 17:31:48 GMT X-Amz-Cf-Pop LHR62-C2 Connection keep-alive Content-Length 23121 X-Amz-Cf-Id lzmnVzNFWTfbK9K2at_i1YknCwtBjTTWIpTRa8ZcoN2E4lUGi4dRfA==
GET H2	200	5861784.js Show response js.hs-scripts.com/	377 B 584 B	576ms 575ms	Script application/javascript	2606:4700::6811:d2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/5861784.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFR8DRC Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1598c4b868a4bed7c1b3f023631a39cc8d650a3abe1cd3a1213f6315d88fa6b Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:28 GMT content-encoding gzip cf-cache-status MISS status 200 access-control-max-age 3600 content-length 287 server cloudflare x-trace 2B76373B22B0EB3E0481D7DA78FACEFDD2098C3F8B000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://covidcert.nextstep.careers cache-control public, max-age=60 access-control-allow-credentials true accept-ranges bytes cf-ray 57aadfab7f0596bc-FRA expires Fri, 27 Mar 2020 17:37:27 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	3 KB 2 KB	8ms 7ms	Script application/x-javascript	2a02:26f0:1700:182::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:182::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 27 Mar 2020 17:36:27 GMT Content-Encoding gzip Last-Modified Mon, 07 Oct 2019 16:41:31 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=44314 Connection keep-alive Accept-Ranges bytes Content-Length 1576
GET H2	200	/ www.facebook.com/tr/	44 B 299 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1203189133144839&ev=PageView&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&rl=&if=false&ts=1585330587455&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585330587452.1584816913&it=1585330587316&coo=false&rqm=GET Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:27 GMT, Fri, 27 Mar 2020 17:36:27 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Fri, 27 Mar 2020 17:36:27 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j81&a=211041417&t=pageview&_s=1&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&ul=en-us&de=UTF-8&dt=National%20COVID%20Ready%20Caregiver%20Certific... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_gid=334789953.1585330587&gjid=420359869&_v=j81&z=194724866 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_v=j81&z=194724866 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_v=j81&z=194724866&slf_rd=1&random=2899171594	42 B 109 B	19ms 18ms	Image image/gif	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_v=j81&z=194724866&slf_rd=1&random=2899171594 Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-138864403-3&cid=1528772692.1585330587&jid=599865001&_v=j81&z=194724866&slf_rd=1&random=2899171594 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response prism.app-us1.com/	0 189 B	207ms 207ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=251993589&u=https%3A%2F%2Fcovidcert.nextstep.careers%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.25 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:27 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.2.25 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript status 200 cache-control no-cache, private cf-ray 57aadfabdcb0c2fe-FRA content-length 0
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovidcert.nextstep.careers%2F&time=1585330587495 https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1579452%26url%3Dhttps%253A%252F%252Fcovidcert.nextstep.careers%252F%26time%3D1585... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovidcert.nextstep.careers%2F&time=1585330587495&liSync=true	0 57 B	170ms 170ms	Image application/javascript	2a05:f500:11:101::b93f:9005 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovidcert.nextstep.careers%2F&time=1585330587495&liSync=true Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 27 Mar 2020 17:36:27 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 status 200 x-li-proto http/2 x-li-pop prod-tln1 content-type application/javascript content-length 0 x-li-uuid ziGkK8U5ABawahMVtSoAAA== Redirect headers date Fri, 27 Mar 2020 17:36:27 GMT x-content-type-options nosniff linkedin-action 1 status 302 strict-transport-security max-age=2592000 content-length 0 x-li-uuid E0uqIcU5ABaQs8/CXSsAAA== server Play pragma no-cache x-li-pop prod-tln1 expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" x-frame-options sameorigin x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1579452&url=https%3A%2F%2Fcovidcert.nextstep.careers%2F&time=1585330587495&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	modules.17c97750a9d093b794df.js Show response script.hotjar.com/	366 KB 69 KB	69ms 68ms	Script application/javascript	147.75.102.239 PACKET
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.17c97750a9d093b794df.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1326127.js?sv=7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress2 Software / Resource Hash 0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:27 GMT content-encoding br content-type application/javascript age 109263 status 200 section-io-cache Hit content-length 70645 last-modified Thu, 26 Mar 2020 11:12:31 GMT etag "3a5a4807e54283bcadc4388cb084ad93" vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=31536000 section-io-origin-time-seconds 0.085 accept-ranges bytes section-io-id d04042ec9c3e7bf380500a9396745bbf section-origin-responded true
GET H/1.1	200 OK	_r Show response app.link/	90 B 722 B	205ms 169ms	Script text/javascript	2600:9000:20ac:fe00:19:9934:6a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.link/_r?sdk=web2.53.0&branch_key=key_live_eoHwhKJtRQruvhYLU2GFXfegvDeCM7xm&callback=branch_callback__0 Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20ac:fe00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.13.6.2 / Express Resource Hash 90233658188507faec84e1f0b115befc1383ae4eb5ca80a93f5994986f857e08 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 27 Mar 2020 17:36:27 GMT Via 1.1 2e39ee11d8fef0dbede5fe684e3ef0a0.cloudfront.net (CloudFront) X-Content-Type-Options nosniff Server openresty/1.13.6.2 X-Amz-Cf-Pop PRG50 X-Powered-By Express X-Cache Miss from cloudfront Content-Type text/javascript; charset=utf-8 Connection keep-alive Content-Length 90 ETag W/"5a-vbDqtBs5vskQslnLPEvGhPgEmvI" X-Amz-Cf-Id 8D2s1x8ke_xTh0IfuuSBJixvz0LFFcbfgcI7B3vGVIaWFrKMpZxmSQ==
POST H2	200	open Show response api2.branch.io/v1/	267 B 555 B	232ms 215ms	XHR application/json	2600:9000:214f:800:11:f728:3040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.branch.io/v1/open Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.13.6.2 / Resource Hash 8f408abd3d746a9911e4704c2d6fa1308be848ee5247c0763ecbadecc412cb3f Request headers Referer https://covidcert.nextstep.careers/ Origin https://covidcert.nextstep.careers Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront) server openresty/1.13.6.2 x-amz-cf-pop FRA53-C1 status 200 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control no-cache content-length 267 x-amz-cf-id YUeTJ055U6qHHgUZBspfpyI7F6F6uw39dmRjcAcxHTAfs_g38hlXDQ==
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1203189133144839&ev=Microdata&dl=https%3A%2F%2Fcovidcert.nextstep.careers%2F&rl=&if=false&ts=1585330587961&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22National%20COVID%20Ready%20Caregiver%20Certification%20%7C%20NextStep%22%2C%22meta%3Adescription%22%3A%22Learn%20to%20protect%20yourself%2C%20those%20you%20care%20for%2C%20and%20your%20family%20from%20the%20novel%20coronavirus%2C%20COVID-19%2C%20with%20the%20NextStep%20COVID-19%20Certificate.%20Dr.%20Vin%20Gupta%20gives%20expert%20advice%20in%20this%20comprehensive%20course.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22COVID-19%20Certification%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.filepicker.io%2Fapi%2Ffile%2Fc1dNDDtTTfqGL8GW6yax%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcovid-cert.nextstep.careers%2Fcourses%2F812905%22%2C%22og%3Adescription%22%3A%22Learn%20to%20protect%20yourself%2C%20those%20you%20care%20for%2C%20and%20your%20family%20from%20the%20novel%20coronavirus%2C%20COVID-19%2C%20with%20the%20NextStep%20COVID-19%20Certificate.%20Dr.%20Vin%20Gupta%20gives%20expert%20advice%20in%20this%20comprehensive%20course.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585330587452.1584816913&it=1585330587316&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: covidcert.nextstep.careers URL: https://covidcert.nextstep.careers/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:27 GMT, Fri, 27 Mar 2020 17:36:27 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Fri, 27 Mar 2020 17:36:27 GMT
GET H2	200	5861784.js Show response js.hs-analytics.net/analytics/1585330500000/	80 KB 22 KB	149ms 149ms	Script text/javascript	2606:4700::6811:46b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1585330500000/5861784.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/5861784.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fde350dafc5affc74669f239f41208ef696e09719c63e581cdc81a09250daa12 Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 17:36:28 GMT content-encoding br cf-cache-status MISS x-amz-request-id 34600DCCFF5650CE x-amz-server-side-encryption AES256 status 200 content-type text/javascript x-amz-id-2 sBmkULuSUyym1lRqYtHRYKewTY9LvmSZ4jsZW27a5JWIn1jO1eOhQJg0Fews0HCyAXM55P1KLT0= last-modified Thu, 12 Mar 2020 16:48:34 GMT server cloudflare etag W/"de441fd752803b249f905781e15042a1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false cf-ray 57aadfaf1f53176e-FRA expires Fri, 27 Mar 2020 17:41:28 GMT
POST H2	200	pageview Show response api2.branch.io/v1/	28 B 363 B	343ms 343ms	XHR application/json	2600:9000:214f:800:11:f728:3040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.branch.io/v1/pageview Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.13.6.2 / Express Resource Hash a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb Request headers Referer https://covidcert.nextstep.careers/ Origin https://covidcert.nextstep.careers Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 27 Mar 2020 17:36:28 GMT via 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront) server openresty/1.13.6.2 x-amz-cf-pop FRA53-C1 x-powered-by Express etag W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY" status 200 x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * content-length 28 x-amz-cf-id UUEKa7Wlq-tv7vmqJSNdk19LCaXVTO6MSeKcqZHE-YnPcf-IxBHBsQ==
GET H2	200	5e7692543aa62fda585f32bf_lottieflow-menu-nav-06-2b233a-easey.json Show response assets.website-files.com/5e7692543aa62f151f5f3214/	8 KB 2 KB	235ms 194ms	XHR application/json	2600:9000:2050:c00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/5e7692543aa62f151f5f3214/5e7692543aa62fda585f32bf_lottieflow-menu-nav-06-2b233a-easey.json Requested by Host: assets.website-files.com URL: https://assets.website-files.com/5e7692543aa62f151f5f3214/js/next-step-covid.3db99c435.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2050:c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash be4e3b094d724a9884bc78027e94634ad09f4234e06e62142b90ccb769c829e2 Request headers Referer https://covidcert.nextstep.careers/ Origin https://covidcert.nextstep.careers Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 27 Mar 2020 17:36:29 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop BUD50-C1 x-cache Miss from cloudfront status 200 access-control-allow-origin * last-modified Sat, 21 Mar 2020 22:16:54 GMT server AmazonS3 access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id vz9bQQL5AkZIEcZ6U_4zrE9xy668m0tD via 1.1 131c765a25a20275f6d8dc2fce7692e7.cloudfront.net (CloudFront) cache-control max-age=31536000, must-revalidate content-type application/json x-amz-cf-id OlmqyCjfpEymR9wvWHogzDUhdgDJAfC6gepQaF3ihl0fzllJZ7lACQ==
GET H2	200	box-469cf41adb11dc78be68c1ae7f9457a4.html vars.hotjar.com/ Frame C3F6	0 0	53ms 53ms	Document text/html	147.75.102.203 PACKET
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1326127.js?sv=7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress3 Software / Resource Hash Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-469cf41adb11dc78be68c1ae7f9457a4.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://covidcert.nextstep.careers/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://covidcert.nextstep.careers/ Response headers status 200 date Fri, 27 Mar 2020 17:36:28 GMT content-type text/html content-length 851 last-modified Wed, 25 Mar 2020 15:18:29 GMT etag "d594f1d4c3e5dbd6b556c60d34e0daea" cache-control max-age=31536000 content-encoding br section-io-origin-status 200 section-io-origin-time-seconds 0.086 section-origin-responded true age 131391 vary Accept-Encoding section-io-cache Hit accept-ranges bytes section-io-id b8a2429093724c880789456cde3af512
GET H2	200	__ptq.gif track.hubspot.com/	45 B 233 B	23ms 22ms	Image image/gif	2606:4700::6810:fd05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=5861784&rcu=https%3A%2F%2Fcovid-cert.nextstep.careers%2F&pu=https%3A%2F%2Fcovidcert.nextstep.careers%2F&t=National+COVID+Ready+Caregiver+Certification+%7C+NextStep&cts=1585330588950&vi=b9b1e4eae255bd8d532a629619fd07b6&nc=true&u=248022424.b9b1e4eae255bd8d532a629619fd07b6.1585330588947.1585330588947.1585330588947.1&b=248022424.1.1585330588947 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://covidcert.nextstep.careers/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 17:36:28 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI CUR ADM OUR NOR STA NID" status 200 cache-control no-cache, no-store, no-transform access-control-allow-credentials false strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 57aadfb4ebae16ea-FRA content-type image/gif content-length 45 x-robots-tag none