urlscan.io logo urlscan.io
SecurityTrails logo

s3.smartcentre.xerox.com Open in urlscan Pro
2606:4700::6812:868  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.xeroxresponse2.com/Portal/Home/ChangeApp?appTag=29
Effective URL: https://s3.smartcentre.xerox.com/en/portal/
Submission: On August 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700::6812:868, located in United States and belongs to CLOUDFLARENET, US. The main domain is s3.smartcentre.xerox.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 3rd 2023. Valid for: a year.
This is the only time s3.smartcentre.xerox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.212.226.31 16509 (AMAZON-02)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.208 8075 (MICROSOFT...)
16 5
1    52.212.226.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-226-31.eu-west-1.compute.amazonaws.com
www.xeroxresponse2.com
8    2606:4700::6812:868 (United States)

ASN13335 (CLOUDFLARENET, US)
s3.smartcentre.xerox.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.69.106.208 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
8 xerox.com
s3.smartcentre.xerox.com
572 KB
5 gstatic.com
fonts.gstatic.com
79 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 633
280 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2143
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
1 KB
1 xeroxresponse2.com
www.xeroxresponse2.com
226 B
16 6
Domain Requested by
8 s3.smartcentre.xerox.com 1 redirects s3.smartcentre.xerox.com
5 fonts.gstatic.com fonts.googleapis.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
1 az416426.vo.msecnd.net s3.smartcentre.xerox.com
1 fonts.googleapis.com s3.smartcentre.xerox.com
1 www.xeroxresponse2.com 1 redirects
16 6
Subject Issuer Validity Valid
smartcentre.xerox.com
Sectigo RSA Organization Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 02		 2023-07-05 -
2024-06-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://s3.smartcentre.xerox.com/en/portal/
Frame ID: EC9629F5B4C754667C89BDACE889CE89
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SMART Centre Portal

Page URL History Show full URLs

  1. https://www.xeroxresponse2.com/Portal/Home/ChangeApp?appTag=29 HTTP 302
    https://s3.smartcentre.xerox.com/Tools-Marketplace/workplace-assistant-learning-tracker/ HTTP 302
    https://s3.smartcentre.xerox.com/en/portal/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

673 kB
Transfer

1453 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.xeroxresponse2.com/Portal/Home/ChangeApp?appTag=29 HTTP 302
    https://s3.smartcentre.xerox.com/Tools-Marketplace/workplace-assistant-learning-tracker/ HTTP 302
    https://s3.smartcentre.xerox.com/en/portal/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
s3.smartcentre.xerox.com/en/portal/
Redirect Chain
  • https://www.xeroxresponse2.com/Portal/Home/ChangeApp?appTag=29
  • https://s3.smartcentre.xerox.com/Tools-Marketplace/workplace-assistant-learning-tracker/
  • https://s3.smartcentre.xerox.com/en/portal/
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dad1c46af8c0b6bf5e6e2840d26a580b9a249697c8190ce967eeeb202e19683
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
access-control-expose-headers
Request-Context
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7f049cffd80b6973-FRA
content-encoding
gzip
content-length
5171
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 07:30:02 GMT
referrer-policy
strict-origin
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
access-control-expose-headers
Request-Context
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7f049cff3f5e6973-FRA
content-length
1199
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 07:30:02 GMT
location
/en/portal/
referrer-policy
strict-origin
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:300italic,400italic,700italic,400,700,300&subset=latin,latin-ext&display=swap
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
794aba165553aff150ae201895cd3f11caa685f911f0fda834a9569c655456b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 02 Aug 2023 07:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 07:30:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Aug 2023 07:30:03 GMT
jquery-ui.min.css
s3.smartcentre.xerox.com/static/css/ 		31 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.smartcentre.xerox.com/static/css/jquery-ui.min.css?v=1086086115
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-length
9850
x-xss-protection
1; mode=block
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
referrer-policy
strict-origin
last-modified
Thu, 27 Jul 2023 03:21:38 GMT
server
cloudflare
etag
"08d3d7439c0d91:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/css
access-control-expose-headers
Request-Context
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f049d0048746973-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 01 Sep 2023 07:30:02 GMT
style.min.css
s3.smartcentre.xerox.com/static/css/ 		776 KB
171 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.smartcentre.xerox.com/static/css/style.min.css?v=1086086115
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f46355adf44b3bd169679743ed09e71bf81a712223eb9151b3908313084b4e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
referrer-policy
strict-origin
last-modified
Thu, 27 Jul 2023 03:24:30 GMT
server
cloudflare
etag
"0abc2da39c0d91:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/css
access-control-expose-headers
Request-Context
cache-control
public, max-age=2592000
cf-ray
7f049d0048766973-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 01 Sep 2023 07:30:02 GMT
jquery-3.6.0.min.js
s3.smartcentre.xerox.com/static/js/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.smartcentre.xerox.com/static/js/jquery-3.6.0.min.js?v=1086086115
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-length
39759
x-xss-protection
1; mode=block
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
referrer-policy
strict-origin
last-modified
Thu, 27 Jul 2023 03:21:38 GMT
server
cloudflare
etag
"08d3d7439c0d91:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f049d0048776973-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 01 Sep 2023 07:30:03 GMT
jquery.validate.min.js
s3.smartcentre.xerox.com/static/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.smartcentre.xerox.com/static/js/jquery.validate.min.js?v=1086086115
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-length
10002
x-xss-protection
1; mode=block
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
referrer-policy
strict-origin
last-modified
Thu, 27 Jul 2023 03:21:38 GMT
server
cloudflare
etag
"08d3d7439c0d91:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f049d0048786973-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 01 Sep 2023 07:30:02 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 02 Aug 2023 07:30:03 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1771
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8cc53985-801e-0006-5c0f-c56287000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 02 Aug 2023 08:00:03 GMT
women-in-data-room-1.png
s3.smartcentre.xerox.com/contentassets/488f358f9c4e4241ad74fcb4d1e8f980/ 		21 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.smartcentre.xerox.com/contentassets/488f358f9c4e4241ad74fcb4d1e8f980/women-in-data-room-1.png?format=webp&bgcolor=white&quality=75
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/en/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105fbf8b3417719a98f1481638860c20a5d0c9e0a4b2d9da678055b7dff2fbe3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.smartcentre.xerox.com/en/portal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:30:03 GMT
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-length
21542
x-xss-protection
1; mode=block
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
referrer-policy
strict-origin
last-modified
Thu, 08 Jun 2023 11:49:42 GMT
server
cloudflare
imageprocessedby
ImageProcessor/2.9.0.207 - ImageProcessor.Web.Episerver/5.8.0.24590
etag
"0x8DB681672583AB7"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
image/webp
access-control-expose-headers
Request-Context
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f049d0179b16973-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 01 Aug 2024 07:30:03 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:300italic,400italic,700italic,400,700,300&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s3.smartcentre.xerox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 23:21:58 GMT
x-content-type-options
nosniff
age
374885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 23:21:58 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:300italic,400italic,700italic,400,700,300&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s3.smartcentre.xerox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 05:38:50 GMT
x-content-type-options
nosniff
age
438673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 05:38:50 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:300italic,400italic,700italic,400,700,300&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s3.smartcentre.xerox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 03:46:14 GMT
x-content-type-options
nosniff
age
531829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 03:46:14 GMT
materialdesignicons-webfont.woff2
s3.smartcentre.xerox.com/static/fonts/ 		312 KB
313 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.smartcentre.xerox.com/static/fonts/materialdesignicons-webfont.woff2?v=5.3.45
Requested by
Host: s3.smartcentre.xerox.com
URL: https://s3.smartcentre.xerox.com/static/css/style.min.css?v=1086086115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s3.smartcentre.xerox.com/
Origin
https://s3.smartcentre.xerox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:30:03 GMT
content-security-policy
default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-length
319984
x-xss-protection
1; mode=block
request-context
appId=cid-v1:59f21c61-5717-464e-82d0-90bb4e41c01c
referrer-policy
strict-origin
last-modified
Thu, 27 Jul 2023 03:21:38 GMT
server
cloudflare
etag
"08d3d7439c0d91:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f049d0189b46973-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 01 Sep 2023 07:30:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:300italic,400italic,700italic,400,700,300&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s3.smartcentre.xerox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options
nosniff
age
444191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 04:06:52 GMT
ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:300italic,400italic,700italic,400,700,300&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s3.smartcentre.xerox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 14:48:03 GMT
x-content-type-options
nosniff
age
319320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:55:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 14:48:03 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://s3.smartcentre.xerox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 02 Aug 2023 07:30:02 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60b2c1d8391bf06822e6ccaca662c92c06f932667d35e42d399bbcc8c58bad8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://s3.smartcentre.xerox.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
47CC8EA4-6975-4039-81D2-A20F1C20C1A4
strict-transport-security
max-age=31536000
date
Wed, 02 Aug 2023 07:30:02 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appInsights function| $ function| jQuery object| AI object| Microsoft function| __extends function| _endsWith

9 Cookies

Domain/Path Name / Value
.s3.smartcentre.xerox.com/ Name: TiPMix
Value: 42.735290774644774
.s3.smartcentre.xerox.com/ Name: x-ms-routing-name
Value: self
s3.smartcentre.xerox.com/ Name: ASP.NET_SessionId
Value: gdy5i3irn0dlpuhklh1kycve
s3.smartcentre.xerox.com/ Name: auth_redirect_target
Value: https://s3.smartcentre.xerox.com/Tools-Marketplace/workplace-assistant-learning-tracker/
.smartcentre.xerox.com/ Name: auth_redirect_target
Value: https://s3.smartcentre.xerox.com/Tools-Marketplace/workplace-assistant-learning-tracker/
.s3.smartcentre.xerox.com/ Name: ARRAffinity
Value: c6d907df06705870b759c457b0a7290125323dd2146fd611275d8e88afbf8f7d
.s3.smartcentre.xerox.com/ Name: ARRAffinitySameSite
Value: c6d907df06705870b759c457b0a7290125323dd2146fd611275d8e88afbf8f7d
s3.smartcentre.xerox.com/ Name: ai_user
Value: 6+ksw|2023-08-02T07:30:03.150Z
s3.smartcentre.xerox.com/ Name: ai_session
Value: NSVZ1|1690961403353.3|1690961403353.3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' ws: wss: data:; media-src 'self' *.smartcentre.xerox.com blob: data:; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://code.jquery.com https://maxcdn.bootstrapcdn.com *.youtube.com *.azurestaticapps.net maps.googleapis.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.tiny.cloud https://dc.services.visualstudio.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://*.vo.msecnd.net *.smartcentre.xerox.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://cdn.jsdelivr.net *.episerver.net *.bing.com https://maxcdn.bootstrapcdn.com; font-src 'self' *.googleapis.com *.episerver.net https://fonts.gstatic.com https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com data:; connect-src 'self' https://analytics.google.com https://dc.services.visualstudio.com https://www.google-analytics.com *.google-analytics.com *.googleapis.com ws: wss: *.bing.com ; img-src 'self' data: http: https:; child-src 'self' *.smartcentre.xerox.com *.xeroxresponse3.com *.xeroxresponse2.com *.showpad.biz *.ravnur.com *.vimeo.com *.youtube.com *.facebook.com *.brainshark.com *.azurestaticapps.net *.google.com *.episerver.net blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block