urlscan.io logo urlscan.io
SecurityTrails logo

riman.com Open in urlscan Pro
18.164.116.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://beauty.beautyu.info/
Effective URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Submission: On August 06 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 18.164.116.93, located in United States and belongs to AMAZON-02, US. The main domain is riman.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 8th 2024. Valid for: a year.
This is the only time riman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
25 18.164.116.93 16509 (AMAZON-02)
1 162.159.153.242 13335 (CLOUDFLAR...)
1 23.12.71.209 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 54.188.195.131 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 108.138.106.49 16509 (AMAZON-02)
2 2620:1ec:bdf::38 8075 (MICROSOFT...)
1 157.240.229.1 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.179.94 15169 (GOOGLE)
1 18.164.96.90 16509 (AMAZON-02)
1 18.164.96.54 16509 (AMAZON-02)
1 34.248.162.242 16509 (AMAZON-02)
2 4.227.249.197 8075 (MICROSOFT...)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 216.239.38.181 ()
48 20
1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
beauty.beautyu.info
25    18.164.116.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-93.jfk50.r.cloudfront.net
riman.com
1    162.159.153.242 (None, )

ASN13335 (CLOUDFLARENET, US)
payments.worldpay.com
1    23.12.71.209 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-12-71-209.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
2    2607:f8b0:400d:c0f::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.188.195.131 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-195-131.us-west-2.compute.amazonaws.com
mars-api.prd.riman.com
1    2607:f8b0:400d:c01::54 (Morganton, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net
static.hotjar.com
2    2620:1ec:bdf::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
2    2607:f8b0:400d:c07::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400d:c0f::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net
www.google.ca
1    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
script.hotjar.com
1    18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net
vc.hotjar.io
1    34.248.162.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-162-242.eu-west-1.compute.amazonaws.com
content.hotjar.io
2    4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
u.clarity.ms
2    20.125.209.212 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    216.239.38.181 (None, )

ASN- ()
analytics.google.com
Apex Domain
Subdomains		 Transfer
27 riman.com
riman.com
mars-api.prd.riman.com
5 MB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
u.clarity.ms — Cisco Umbrella Rank: 8734
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 46
analytics.google.com — Cisco Umbrella Rank: 238
84 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
content.hotjar.io — Cisco Umbrella Rank: 8904
402 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
91 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
186 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
773 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
249 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 5013
17 KB
1 worldpay.com
payments.worldpay.com — Cisco Umbrella Rank: 115822
7 KB
1 beautyu.info
beauty.beautyu.info
327 B
48 13
Domain Requested by
25 riman.com riman.com
3 analytics.google.com www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 u.clarity.ms www.clarity.ms
2 www.clarity.ms riman.com
www.clarity.ms
2 connect.facebook.net riman.com
connect.facebook.net
2 mars-api.prd.riman.com riman.com
2 www.googletagmanager.com riman.com
www.googletagmanager.com
1 c.bing.com 1 redirects
1 content.hotjar.io script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.ca riman.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 accounts.google.com riman.com
1 appleid.cdn-apple.com riman.com
1 payments.worldpay.com riman.com
1 beauty.beautyu.info 1 redirects
48 19

This site contains no links.

Subject Issuer Validity Valid
*.riman.com
Amazon RSA 2048 M02		 2024-07-08 -
2025-08-07		 a year crt.sh
payments.worldpay.com
WE1		 2024-07-19 -
2024-10-17		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-06-06 -
2024-12-03		 6 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
prd.riman.com
Amazon RSA 2048 M03		 2024-07-10 -
2025-08-09		 a year crt.sh
accounts.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-15 -
2024-08-13		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://riman.com/register/on-boarding?referrerCode=2028739033)
Frame ID: 5BD8CD6067A42A94B6D938829718E0DF
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Riman US

Page URL History Show full URLs

  1. https://beauty.beautyu.info/ HTTP 302
    https://riman.com/register/on-boarding?referrerCode=2028739033) Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

48
Requests

98 %
HTTPS

33 %
IPv6

13
Domains

19
Subdomains

20
IPs

3
Countries

5162 kB
Transfer

9632 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://beauty.beautyu.info/ HTTP 302
    https://riman.com/register/on-boarding?referrerCode=2028739033) Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=45C74ECFC50A43398BAB4DE3A47E6F1F&RedC=c.clarity.ms&MXFR=13965F7FD6926AAD10BB4BACD2926482 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45C74ECFC50A43398BAB4DE3A47E6F1F&MUID=21B61A68A7666BAC2CF00EBBA65D6A58

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request on-boarding
riman.com/register/
Redirect Chain
  • https://beauty.beautyu.info/
  • https://riman.com/register/on-boarding?referrerCode=2028739033)
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa9cf8d5da469f7992fd24159f23e3099c0952659ed32163b1981c5e744899be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
5178
content-encoding
gzip
content-type
text/html
date
Tue, 06 Aug 2024 10:24:04 GMT
etag
W/"d0607636ea7ef6e5ee0ab46fa9092cb0"
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
x-amz-cf-id
Jvst-YU4xl_6G--l8rPEv0Xps9X1cAVsNpnBhbzTFxjrtr3_XQayuA==
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Connection
close
Content-Length
86
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Aug 2024 11:50:20 GMT
Location
https://riman.com/register/on-boarding?referrerCode=2028739033)
Server
ip-10-123-125-26.ec2.internal
Vary
Accept-Encoding
X-Request-Id
568782c2-7825-47f5-8949-4779a18e6af7
hpp-embedded-integration-library.js
payments.worldpay.com/resources/hpp/integrations/embedded/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.worldpay.com/resources/hpp/integrations/embedded/js/hpp-embedded-integration-library.js
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b863fcc354d5239bafd0c85cbe8d005028c31ffaa101ac24ff44fb7e53933f85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:50:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 20 Mar 2024 13:22:55 GMT
server
cloudflare
age
64352
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
content-encoding
gzip
cache-control
public, max-age=900
cf-ray
8aeecf12adb7aca2-YYZ
expires
Tue, 06 Aug 2024 12:05:21 GMT
pwacompat.js
riman.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/pwacompat.js
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2f46361c53d9bbd8afd53cfcdb59b34db8256e1d343732f16cf2836b661bc20

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:23 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5279
etag
W/"ef9786073aa77bf503bfdd13499951c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
0w5oNzP3EtkrPHmZN-WXjbWWucj3tXOIIo04WW_7v7_EXzfXtsJjkQ==
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.12.71.209 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-12-71-209.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 06 Aug 2024 11:50:22 GMT
Last-Modified
Tue, 30 Jul 2024 19:36:22 GMT
Server
Apple
ETag
W/"43171-1722368182432"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
index-f19d98b0.js
riman.com/assets/ 		2 MB
448 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/index-f19d98b0.js
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca345c41bfd1eaf2a28da99c69dc93fbfb43fdf4fd2e8465b67ca8ff91bf363c

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:23 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5279
etag
W/"99307adb2930615c971b2d4f613e7723"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
FqIrjvjg_lCVyETFGh7EsI0W_yCrZ0ly9X2gWdmfupG3W7BZcIg8Ww==
index-148ef587.css
riman.com/assets/ 		334 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/index-148ef587.css
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32d3d3426dd24698d3068397196e9f0d0a826ccd3c3c1ece73ec41d2e78709bf

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:23 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5279
etag
W/"cede9994e27ab1f7d373add7b8b6f972"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
x7YDPc3k-AeZFBpPf9ePi41eIhdNHEQqi9qgw566Jv59zLjnz8-0Ag==
registerSW.js
riman.com/ 		134 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/registerSW.js
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:23 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5279
etag
"1872c500de691dce40960bb85481de07"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
134
x-amz-cf-id
GJ08QhHgKQH9wlXG8peaG61L6CfGW6lGaIUkszeRd9tREkE7KC3Wgw==
gtm.js
www.googletagmanager.com/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7T77KVJ
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d33cd7490ed7f5c2fd75ff2f46225b342b1dcd89c5056228dd407b7043a841a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:50:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82642
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 11:50:22 GMT
categories
mars-api.prd.riman.com/product/v1/public/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mars-api.prd.riman.com/product/v1/public/categories?country=US
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.195.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-195-131.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9dee71d7dae709cb5d0ab0ddde9a7d69accda7afba1a7bf487842c10077a04f0

Request headers

Accept
application/json, text/plain, */*
Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 11:50:22 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
OnBoarding-223408c3.js
riman.com/assets/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/OnBoarding-223408c3.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca8aa590d369859f0f4646b5b814415d0a8058b9b33f02d362916559a91738f6

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:24:17 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5166
etag
W/"2990b9b4e575fe6f43d1ed857a6e9c57"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
0NV68r8Eas8nfmyYZD-DWwkf02kyw2_cXF4OauibmgywJwRzhma0WA==
useState-828fa748.js
riman.com/assets/ 		146 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/useState-828fa748.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf96f757e607b440801d74a79cb0ba5f1f66c1a2d1b2e98f2ea3df7fa4afcd5e

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:23:24 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5219
etag
"fd7f906a0274b949cdc2757faea1d026"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
146
x-amz-cf-id
etvSaGnldWLQURBSnZ4Ll3GEpG_wTXQJdJXlm88_6JRNtPjZDGE7fA==
useRefs-aaa9fe7a.js
riman.com/assets/ 		205 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/useRefs-aaa9fe7a.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ff8369ce31625f45b10ea8f2516fab87318370380e4e1b9e301956a50744c2a

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:24:17 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5166
etag
"ab17307dd60608c9d16adf113464a577"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
205
x-amz-cf-id
LJQQWcUTOPmrcWXqdTh4pimr8bS9kRn7pRl2S4IDB_rUH83pYTCaVQ==
_flatRest-4f3a3256.js
riman.com/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/_flatRest-4f3a3256.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e2a42f1bd9f5ce181565c6ad9b74009b9523934ac3333cd8915cee59436a1da

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:25 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5278
etag
W/"f1f3cf27964a9c4dbb2d1c5ce39c917e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
W37-K606zRV7yK2Q7WQ3v6Nl3AdhuhLn_4pjuD1FryhMtoZbg27EZQ==
isMobile-e2e89480.js
riman.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/isMobile-e2e89480.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e597d049fbdc7aca23a7c2138ab6d1dd08c52bd0227aeeb681ceda69eed93c92

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:25 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5278
etag
W/"a774b4d10d0a189ad019662568938aaf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
w-X5THdTlqsX_4L-HVOpaPpQaQHTt7zI6Io6dqE6IEoI1TmSywLUFw==
RCheckboxOutlined-375ee4cc.js
riman.com/assets/ 		876 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/RCheckboxOutlined-375ee4cc.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb71b07d679404880088d1b9d3d07952132099c075e2227636a9baf44b96b98f

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:24:17 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5166
etag
"60e5cc88f7b9bb28eb0b0aa8396e7132"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
876
x-amz-cf-id
s52YwynHE2oY4p1Ydx-vIaEwUx02gqJ5C14khg_azIiIKJnNlG24RQ==
un-check-small-142af530.js
riman.com/assets/ 		278 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/un-check-small-142af530.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad11c356233d1d04f4cd5b571df412302b4cccf16d86e82fe0b7ecacf7ebf272

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:24:05 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5178
etag
"4a602ade47be33a03702759626f0a514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
278
x-amz-cf-id
u9SmwT1h56vV28zpx4Kj5qWmgYeqCjoivipJlJBuiqquU249FizHVw==
colored-google-26cc6fb1.js
riman.com/assets/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/colored-google-26cc6fb1.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6a33d5e6a090333cc1de87301a5f4f46a5e6c6788fcb917f871e195d61a166e

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:25 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5278
etag
W/"2df86657c733480deee7e3d66dc577ca"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
uKoJQwe1jww1PbXF8eTNij9EwfLprB6i_aWCbb403RfXKWfXQ5niMw==
email-black-61e95a05.js
riman.com/assets/ 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/email-black-61e95a05.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56ca1a30c50dcbabea7cf168061f52e3b87d402e6c40a51a69cdbc87a61b6831

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:25 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5278
etag
"7cc9e2cc112168c09cba3ccdcd823595"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
949
x-amz-cf-id
BYbetM2_WHunJqLppdHC8HzskEPSO_v8Zr7L-kWPzoSex2H60kjw7w==
google-2c560549.js
riman.com/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/google-2c560549.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f1395029edff0a3edb9417540037e8a72b7f9b136bd723aed4e9e921c01e990

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:25 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5278
etag
W/"869dfe7b9029ce6dd42434cd9caf8f64"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
ukEM_SxvHkuQK4KXcEo9kxoeEcKBeJvjVIYp5uD_OuGA_mRt_mVuCw==
index.esm-72181d29.js
riman.com/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/index.esm-72181d29.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb19a8acc03f6c6b1c3e43a584000451a1ac986b5ffa3601fddeec797fb3fbeb

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:25 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5278
etag
W/"3ff9927829a219625bc1e2881bc482d1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
GPp1U-7OwxmHRiZ6Ka0iUSOD5dKUc2r2BScngK4s24Fal-f_50l8zw==
OnBoarding-0f7098e2.css
riman.com/assets/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/OnBoarding-0f7098e2.css
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f7098e24d6f40cc81caa8da116a6dc4e658e7b60f9c3b58dd97a3b471de8a78

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:24:17 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5166
etag
W/"a076f5c069867c29380c128c9eceecaa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
JKnuJglOU3kLdjw9wt2tqeYJpoAj4Mx6gMQIbgLXpQ7nKGDVR-T5Qg==
Montserrat-Regular-c3fb0280.ttf
riman.com/assets/ 		193 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/Montserrat-Regular-c3fb0280.ttf
Requested by
Host: riman.com
URL: https://riman.com/assets/index-148ef587.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3fb0280e4339f6c70cea42b8b432c6fb17fde130fbb12e9209c7cdfa79d976f

Request headers

Referer
https://riman.com/assets/index-148ef587.css
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:26 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5277
etag
W/"5e077c15f6e1d334dd4e9be62b28ac75"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
lwjIH6KHhqV_KFjL5i27h1a70PTONAnuxLNIu39g5S7ygdwZahI2oA==
client
accounts.google.com/gsi/ 		221 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: riman.com
URL: https://riman.com/assets/index.esm-72181d29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::54 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c644614672b06a32edc7a48e9fac590c8bec54d6a3924c04bd64d8f837fbc6d6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zybSkw3EfrpDjz3uxE78qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:50:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zybSkw3EfrpDjz3uxE78qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 06 Aug 2024 11:50:22 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
150213db1cb002be6d9cf31dcdb467d3606be8d7e80a3434fd1a043f70299c2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 11:50:22 GMT
content-md5
F4ZyL19jG4jFqFFzXCm06w==
document-policy
force-load-at-top
x-fb-server-load
58
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
BV4QJUUAK3/ziOoo0HIXXITDWwjloxJC7vEJWVwsd6Iq3Wj94jYXhLhC3La7K9/5Ldp3MP2kdJvQZAHpyrOc/w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
507ac02483088cdcc639da2e26e30787
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"f023531cfe026e90bf5ef3c5b6c9118b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 06 Aug 2024 12:00:08 GMT
usa-e06ac0b6.svg
riman.com/assets/ 		5 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://riman.com/assets/usa-e06ac0b6.svg
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e06ac0b6fde43047b774729c269c8ac0a99474d3db6f56d90a39879743575fc3

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:32:19 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4684
etag
W/"2832b6afd22b878e515801df908b90f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
9CthBCA5B3if1ehIuwY6EBbOGn13hlJgx-l-cMqSeJqdOUX_OYouQg==
headerPersonal
mars-api.prd.riman.com/member/v1/users/public/ 		177 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mars-api.prd.riman.com/member/v1/users/public/headerPersonal?userNumber=2028739033)
Requested by
Host: riman.com
URL: https://riman.com/assets/index-f19d98b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.195.131 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-195-131.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3c16e7ea73d03a0e2572a72db307723e889943e089e9fe216a323bf17b234499

Request headers

Accept
application/json, text/plain, */*
Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 11:50:23 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
register-complete-bg-ed3dd364.webp
riman.com/assets/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://riman.com/assets/register-complete-bg-ed3dd364.webp
Requested by
Host: riman.com
URL: https://riman.com/assets/OnBoarding-0f7098e2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed3dd364a6f0c19563f3d5b69041310cb12291635bb0d600a256c798c9353822

Request headers

Referer
https://riman.com/assets/OnBoarding-0f7098e2.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:37:08 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:28 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4395
etag
"884a985282df42da0baa6c2be55b11a1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
147364
x-amz-cf-id
UmOg8CRrWUEgSdsM0iwYe0z8JV-2hyST7zK4mgCz3DkOAh50Ve8tGA==
Montserrat-Medium-264819b0.ttf
riman.com/assets/ 		193 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/Montserrat-Medium-264819b0.ttf
Requested by
Host: riman.com
URL: https://riman.com/assets/index-148ef587.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
264819b013d40e46a82f5063ae3ce44d3cb8aaced43d85897f4ced66496d5a85

Request headers

Referer
https://riman.com/assets/index-148ef587.css
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:26 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5277
etag
W/"bdb7ba651b7bdcda6ce527b3b6705334"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
Cb-emAshZLglDJfZrS_218wYt6dUaFwQNdbYC8PpSU1lAaLtzyQsPQ==
Montserrat-SemiBold-e23dc6d2.ttf
riman.com/assets/ 		193 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://riman.com/assets/Montserrat-SemiBold-e23dc6d2.ttf
Requested by
Host: riman.com
URL: https://riman.com/assets/index-148ef587.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23dc6d21070d45a1840c2b8217fc17ddd8a502a4db652748ec2f40d3603dc2d

Request headers

Referer
https://riman.com/assets/index-148ef587.css
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:26 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5277
etag
W/"cc10461cb5e0a6f2621c7179f4d6de17"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
J_cH9QBiJpdNS87O9M9wcvitEnus8kaVGzvRLuCmawDE4Ooqj7XwzQ==
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
051817b866747bfeb73513ae13aa611f901626f8c602ffe70de4309ff0205aca

Request headers

Referer
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/ 		319 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QVSQBZW14F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7T77KVJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13c8a3bf0d21201dbddf8e77130f77b9d6507fd7f8fb3a7bfb1e0bf7a845886e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:50:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107064
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 11:50:22 GMT
hotjar-3778404.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3778404.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7T77KVJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
ef786de20eb11ef626e5c8abed5bb080abfd7d1ba8b57b30c4ed0a5eb55a2b49
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 11:50:22 GMT
via
1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
26
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/84316533ba43c43d3f205264ba1c272e
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
I16LhU7SvPeqS6YwC8AJA2J2d4iq2DL5eQud_09r4Nn42ITKg_zjpw==
lcclurh36f
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lcclurh36f?ref=gtm2
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb8b7989b5f09153d6846dce87d6e834ebadf87f9beca6ee2684cb28a3519820

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date
Tue, 06 Aug 2024 11:50:22 GMT
x-azure-ref
20240806T115022Z-15c999468cdvvxjn5zk681b8tc0000000kcg000000005a2f
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
sdk.js
connect.facebook.net/en_US/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=40011438265c57bfd90408ab94ee7651
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
f3fea0fd2c0bbce0fba5118965aa0bfb1b217607422d9d98fe959eaf5f256c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://riman.com/
Origin
https://riman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 11:50:22 GMT
content-md5
+2E6/CozZfOukJRNP1EdGg==
document-policy
force-load-at-top
x-fb-server-load
57
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89184
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4315, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
Qz/gDklBMgV6L3cD0jGKcoVhJD6uOnLTXUYECYkzd+MJLAuRLEcmFzVzzWBp5sOgcNXftFNFHKY0UvcVDoqnPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a8147a6752979162591ea884697c2eb9
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"76836a72c620b29a2b521fefa6c3374c"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 06 Aug 2025 11:10:56 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-QVSQBZW14F&gtm=45je47v0v9159001793z89158547682za200zb9158547682&_p=1722945022196&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1938270881.1722945023&ecid=1603271177&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1722945022&sct=1&seg=0&dl=https%3A%2F%2Friman.com%2Fregister%2Fon-boarding%3FreferrerCode%3D2028739033)&dt=Riman%20US&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2911
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVSQBZW14F&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QVSQBZW14F&cid=1938270881.1722945023&gtm=45je47v0v9159001793z89158547682za200zb9158547682&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVSQBZW14F&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QVSQBZW14F&cid=1938270881.1722945023&gtm=45je47v0v9159001793z89158547682za200zb9158547682&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=152843338
Requested by
Host: riman.com
URL: https://riman.com/register/on-boarding?referrerCode=2028739033)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3778404.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
595637
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iuVfewnoiFLL7kUWxmypgVX7117SyiRdmzwgtofY6zRHPSCJBTZN4Q==
clarity.js
www.clarity.ms/s/0.7.43/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lcclurh36f?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:50:23 GMT
content-encoding
br
last-modified
Sun, 04 Aug 2024 12:31:46 GMT
etag
W/"0x8DCB48167E0DF97"
vary
Accept-Encoding
x-azure-ref
20240806T115023Z-15c999468cdvvxjn5zk681b8tc0000000kcg000000005a2q
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
08085db1-501e-0064-6d7a-e6df43000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
3778404
vc.hotjar.io/sessions/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3778404?s=0.25&r=0.02291785762305465
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-54.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 11:50:23 GMT
cache-control
no-store
via
1.1 98bc8180e0431e8f05afc9802305f1d2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
-fKArCKAbs659tU62ZP9AnzAUEikjqdaw3P84TravLhEDqax7vphXg==
x-cache
Miss from cloudfront
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3778404&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.248.162.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-162-242.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
723a4f2fc20cfa74772f0bd7caa995d34e25fc59fbc46fb8099dc6e4e18c0829

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 11:50:24 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
collect
u.clarity.ms/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://riman.com
Date
Tue, 06 Aug 2024 11:50:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
manifest.json
riman.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://riman.com/manifest.json
Requested by
Host: riman.com
URL: https://riman.com/pwacompat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc7e2875c4a8f3c3e7af8097016b97257b2186c93366e5bd152b3d41bd3c7a09

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:22:23 GMT
content-encoding
gzip
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
5281
etag
W/"4b3f1b459e73c66f314117b43e4a7105"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-id
vi-MlS8us8wqBiEWXstEai0ekjpn2p1sLiP3mz-njuZ0iv5quiPLAA==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=45C74ECFC50A43398BAB4DE3A47E6F1F&RedC=c.clarity.ms&MXFR=13965F7FD6926AAD10BB4BACD2926482
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45C74ECFC50A43398BAB4DE3A47E6F1F&MUID=21B61A68A7666BAC2CF00EBBA65D6A58
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45C74ECFC50A43398BAB4DE3A47E6F1F&MUID=21B61A68A7666BAC2CF00EBBA65D6A58
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:23 GMT
last-modified
Wed, 31 Jul 2024 18:21:55 GMT
server
Microsoft-IIS/10.0
etag
"bfef2a8676e3da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D9F75B014A154E47880B19E9C24EBFEA Ref B: YMQ01EDGE0511 Ref C: 2024-08-06T11:50:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45C74ECFC50A43398BAB4DE3A47E6F1F&MUID=21B61A68A7666BAC2CF00EBBA65D6A58
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-QVSQBZW14F&gtm=45je47v0v9159001793za200zb9158547682&_p=1722945022196&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1938270881.1722945023&ecid=1603271177&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722945022&sct=1&seg=0&dl=https%3A%2F%2Friman.com%2Fregister%2Fon-boarding%3FreferrerCode%3D2028739033)&dt=Riman%20US&en=scroll&epn.percent_scrolled=90&_et=63&tfd=3830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVSQBZW14F&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
riman.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://riman.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5fb6d23c5b448c92165dedee8a99a796b4a19391a74d0be95d1580d393d3175

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:32:23 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4681
etag
"6f51c32f3d1ff8789fd99fe4b0e973d4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
1150
x-amz-cf-id
I40KVufCMX_vyurG3ddQEc5uAHxa2a5ECC-dqav494sX8bGzfjMcdw==
favicon.ico
riman.com/ 		1 KB
305 B 		Other
General
Check archive.org
Download Go to
Full URL
https://riman.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-93.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5fb6d23c5b448c92165dedee8a99a796b4a19391a74d0be95d1580d393d3175

Request headers

Referer
https://riman.com/register/on-boarding?referrerCode=2028739033)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:32:23 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
last-modified
Tue, 06 Aug 2024 10:21:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4682
x-amz-server-side-encryption
AES256
etag
"6f51c32f3d1ff8789fd99fe4b0e973d4"
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
x-amz-cf-id
yVi-pNB8ShYrqDNt5cqyEFXtDJYdSalfe4TbSi0eDfE4SNPmQSZvog==
content-length
1150
collect
u.clarity.ms/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://riman.com
Date
Tue, 06 Aug 2024 11:50:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-QVSQBZW14F&gtm=45je47v0v9159001793z89158547682za200zb9158547682&_p=1722945022196&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1938270881.1722945023&ecid=1603271177&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1722945022&sct=1&seg=0&dl=https%3A%2F%2Friman.com%2Fregister%2Fon-boarding%3FreferrerCode%3D2028739033)&dt=Riman%20US&_s=3&tfd=8833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVSQBZW14F&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://riman.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 11:50:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| WPCL object| AppleID object| dataLayer object| __VUE_INSTANCE_SETTERS__ object| regeneratorRuntime boolean| __VUE__ function| fbAsyncInit object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| clarity object| FB object| default_gsi object| _F_toggles object| google object| closure_lm_420067 function| onYouTubeIframeAPIReady object| gaGlobal object| __buffer object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

16 Cookies

Domain/Path Name / Value
.payments.worldpay.com/ Name: __cf_bm
Value: e.3MhulTJzADkd6qOP7i9mvRA_5cp1yGcThS_y2RaFo-1722945021-1.0.1.1-eMnrwMQbuG5tmP6dtMgGvkM1B2_rfvLvQoRe4Y2HWPXkmUj8kETH18kBH2Ijo8W1lZVHnkbUGiDFZP5NgBzWwg
.payments.worldpay.com/ Name: __cfruid
Value: 9a02aa282e0511563dab3666cc45ca2a83548049-1722945021
www.clarity.ms/ Name: CLID
Value: 24c3c654bfb24ea083dc45e6b94b6ecf.20240806.20250806
.riman.com/ Name: _ga
Value: GA1.1.1938270881.1722945023
.riman.com/ Name: _clck
Value: 1yqvzuo%7C2%7Cfo3%7C0%7C1679
.riman.com/ Name: _hjSessionUser_3778404
Value: eyJpZCI6IjNkODBlNzM0LTdkMDMtNTkxNC1iNmIxLTlmYWZiNGU2N2M5ZSIsImNyZWF0ZWQiOjE3MjI5NDUwMjM0ODksImV4aXN0aW5nIjp0cnVlfQ==
.riman.com/ Name: _hjSession_3778404
Value: eyJpZCI6Ijg1ODIyZGMxLTQ1YTktNGM5Yy1hYTBiLWU3MDAzNmY3MjEwNSIsImMiOjE3MjI5NDUwMjM0OTIsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.riman.com/ Name: _ga_QVSQBZW14F
Value: GS1.1.1722945022.1.0.1722945023.59.0.1603271177
.bing.com/ Name: MUID
Value: 21B61A68A7666BAC2CF00EBBA65D6A58
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 21B61A68A7666BAC2CF00EBBA65D6A58
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 21B61A68A7666BAC2CF00EBBA65D6A58
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.riman.com/ Name: _clsk
Value: 1ruwfk%7C1722945024456%7C1%7C1%7Cu.clarity.ms%2Fcollect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
appleid.cdn-apple.com
beauty.beautyu.info
c.bing.com
c.clarity.ms
connect.facebook.net
content.hotjar.io
mars-api.prd.riman.com
payments.worldpay.com
riman.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
u.clarity.ms
vc.hotjar.io
www.clarity.ms
www.google.ca
www.googletagmanager.com
108.138.106.49
142.251.179.94
15.197.225.128
157.240.229.1
162.159.153.242
18.164.116.93
18.164.96.54
18.164.96.90
20.125.209.212
216.239.38.181
23.12.71.209
2607:f8b0:400d:c01::54
2607:f8b0:400d:c07::64
2607:f8b0:400d:c0f::61
2607:f8b0:400d:c0f::9a
2620:1ec:bdf::38
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
34.248.162.242
4.227.249.197
54.188.195.131
051817b866747bfeb73513ae13aa611f901626f8c602ffe70de4309ff0205aca
0f7098e24d6f40cc81caa8da116a6dc4e658e7b60f9c3b58dd97a3b471de8a78
0ff8369ce31625f45b10ea8f2516fab87318370380e4e1b9e301956a50744c2a
13c8a3bf0d21201dbddf8e77130f77b9d6507fd7f8fb3a7bfb1e0bf7a845886e
150213db1cb002be6d9cf31dcdb467d3606be8d7e80a3434fd1a043f70299c2b
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
264819b013d40e46a82f5063ae3ce44d3cb8aaced43d85897f4ced66496d5a85
2f1395029edff0a3edb9417540037e8a72b7f9b136bd723aed4e9e921c01e990
32d3d3426dd24698d3068397196e9f0d0a826ccd3c3c1ece73ec41d2e78709bf
3c16e7ea73d03a0e2572a72db307723e889943e089e9fe216a323bf17b234499
56ca1a30c50dcbabea7cf168061f52e3b87d402e6c40a51a69cdbc87a61b6831
723a4f2fc20cfa74772f0bd7caa995d34e25fc59fbc46fb8099dc6e4e18c0829
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dee71d7dae709cb5d0ab0ddde9a7d69accda7afba1a7bf487842c10077a04f0
9e2a42f1bd9f5ce181565c6ad9b74009b9523934ac3333cd8915cee59436a1da
ad11c356233d1d04f4cd5b571df412302b4cccf16d86e82fe0b7ecacf7ebf272
b863fcc354d5239bafd0c85cbe8d005028c31ffaa101ac24ff44fb7e53933f85
c3fb0280e4339f6c70cea42b8b432c6fb17fde130fbb12e9209c7cdfa79d976f
c644614672b06a32edc7a48e9fac590c8bec54d6a3924c04bd64d8f837fbc6d6
ca345c41bfd1eaf2a28da99c69dc93fbfb43fdf4fd2e8465b67ca8ff91bf363c
ca8aa590d369859f0f4646b5b814415d0a8058b9b33f02d362916559a91738f6
cf96f757e607b440801d74a79cb0ba5f1f66c1a2d1b2e98f2ea3df7fa4afcd5e
d2f46361c53d9bbd8afd53cfcdb59b34db8256e1d343732f16cf2836b661bc20
d33cd7490ed7f5c2fd75ff2f46225b342b1dcd89c5056228dd407b7043a841a3
d6a33d5e6a090333cc1de87301a5f4f46a5e6c6788fcb917f871e195d61a166e
e06ac0b6fde43047b774729c269c8ac0a99474d3db6f56d90a39879743575fc3
e23dc6d21070d45a1840c2b8217fc17ddd8a502a4db652748ec2f40d3603dc2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e597d049fbdc7aca23a7c2138ab6d1dd08c52bd0227aeeb681ceda69eed93c92
eb19a8acc03f6c6b1c3e43a584000451a1ac986b5ffa3601fddeec797fb3fbeb
ed3dd364a6f0c19563f3d5b69041310cb12291635bb0d600a256c798c9353822
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef786de20eb11ef626e5c8abed5bb080abfd7d1ba8b57b30c4ed0a5eb55a2b49
f3fea0fd2c0bbce0fba5118965aa0bfb1b217607422d9d98fe959eaf5f256c6e
f5fb6d23c5b448c92165dedee8a99a796b4a19391a74d0be95d1580d393d3175
fa9cf8d5da469f7992fd24159f23e3099c0952659ed32163b1981c5e744899be
fb71b07d679404880088d1b9d3d07952132099c075e2227636a9baf44b96b98f
fb8b7989b5f09153d6846dce87d6e834ebadf87f9beca6ee2684cb28a3519820
fc7e2875c4a8f3c3e7af8097016b97257b2186c93366e5bd152b3d41bd3c7a09