services.ricoh.ca Open in urlscan Pro
107.178.254.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3d3cJ1g
Effective URL:
https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_...
Submission: On August 13 via manual (August 13th 2021, 5:35:00 am UTC) from IN

Summary HTTP 227 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 36 domains to perform 227 HTTP transactions. The main IP is 107.178.254.45, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is services.ricoh.ca.
TLS certificate: Issued by R3 on July 14th 2021. Valid for: 3 months.

This is the only time services.ricoh.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	107.178.254.45 107.178.254.45	15169 (GOOGLE) (GOOGLE)
5	35.244.137.202 35.244.137.202	15169 (GOOGLE) (GOOGLE)
1	34.120.27.38 34.120.27.38	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
12	192.229.133.208 192.229.133.208	15133 (EDGECAST) (EDGECAST)
62	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
1	52.222.137.185 52.222.137.185	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
4	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.222.120.150 35.222.120.150	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
9	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.132.238.79 18.132.238.79	16509 (AMAZON-02) (AMAZON-02)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:213... 2600:9000:2134:c00:12:3734:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
6	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.0.160.13 142.0.160.13	7160 (NETDYNAMICS) (NETDYNAMICS)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:1::6	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:1::8	15169 (GOOGLE) (GOOGLE)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
17	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.58 143.204.98.58	16509 (AMAZON-02) (AMAZON-02)
2	54.172.114.57 54.172.114.57	14618 (AMAZON-AES) (AMAZON-AES)
227	46

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 45.254.178.107.bc.googleusercontent.com

services.ricoh.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.137.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.137.244.35.bc.googleusercontent.com

g.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.27.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.27.120.34.bc.googleusercontent.com

cdn.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.133.208 (United States)

ASN15133 (EDGECAST, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.137.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-185.ams50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img03.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.93.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-abm.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.222.120.150 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 150.120.222.35.bc.googleusercontent.com

heatmap-events-collector.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anthill.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ec.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.238.79 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-238-79.eu-west-2.compute.amazonaws.com

reveal.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2134:c00:12:3734:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.160.13 (Ashburn, United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

s2073603363.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:1::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6nzz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:1::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nzz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.114.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-114-57.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com	733 KB
39	youtube.com www.youtube.com	2 MB
19	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	4 KB
17	googlevideo.com r1---sn-4g5e6nzz.googlevideo.com r3---sn-4g5e6nzz.googlevideo.com	3 MB
17	fastcdn.co g.fastcdn.co v.fastcdn.co	3 MB
9	google-analytics.com www.google-analytics.com	21 KB
8	clarity.ms 1 redirects www.clarity.ms c.clarity.ms	24 KB
8	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	913 B
6	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
4	google.com www.google.com	39 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	en25.com img03.en25.com img.en25.com	15 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	10 KB
4	googletagmanager.com www.googletagmanager.com	257 KB
3	unpkg.com 2 redirects unpkg.com	2 KB
3	instapage.com heatmap-events-collector.instapage.com anthill.instapage.com	9 KB
3	instapagemetrics.com cdn.instapagemetrics.com ec.instapagemetrics.com	33 KB
2	sentry.io sentry.io	806 B
2	eloqua.com 1 redirects s2073603363.t.eloqua.com	1 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	marketo.net munchkin.marketo.net	6 KB
1	driftcdn.com embeds.driftcdn.com	4 KB
1	googleapis.com fonts.googleapis.com	739 B
1	twitter.com analytics.twitter.com	658 B
1	google.de www.google.de	107 B
1	ml-api.io attr.ml-api.io	241 B
1	ml-attr.com 1 redirects s.ml-attr.com	293 B
1	clearbit.com reveal.clearbit.com	1 KB
1	licdn.com snap.licdn.com	2 KB
1	t.co t.co	454 B
1	marketo.com app-abm.marketo.com	68 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d10lpsik1i8c69.cloudfront.net	3 KB
1	ricoh.ca services.ricoh.ca	25 KB
1	bit.ly 1 redirects bit.ly	323 B
227	36

	Domain	Requested by
62	js.driftt.com	services.ricoh.ca js.driftt.com
39	www.youtube.com	services.ricoh.ca www.youtube.com www.googletagmanager.com
13	r3---sn-4g5e6nzz.googlevideo.com	www.youtube.com
12	v.fastcdn.co	services.ricoh.ca
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com services.ricoh.ca
8	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
6	www.clarity.ms	services.ricoh.ca www.clarity.ms
5	g.fastcdn.co	services.ricoh.ca
4	r1---sn-4g5e6nzz.googlevideo.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.youtube.com
4	www.google.com	services.ricoh.ca www.youtube.com
4	www.googletagmanager.com	services.ricoh.ca www.googletagmanager.com
3	bootstrap.api.drift.com	js.driftt.com
3	www.gstatic.com	www.youtube.com
3	static.doubleclick.net	www.youtube.com
3	fonts.gstatic.com	www.youtube.com
3	unpkg.com	2 redirects services.ricoh.ca
3	img03.en25.com	services.ricoh.ca
3	bat.bing.com	services.ricoh.ca bat.bing.com
2	event.api.drift.com	js.driftt.com
2	sentry.io	js.driftt.com
2	ec.instapagemetrics.com	cdn.instapagemetrics.com
2	s2073603363.t.eloqua.com	1 redirects services.ricoh.ca
2	c.clarity.ms	1 redirects services.ricoh.ca
2	px.ads.linkedin.com	2 redirects
2	secure.adnxs.com	2 redirects
2	munchkin.marketo.net	services.ricoh.ca munchkin.marketo.net
2	heatmap-events-collector.instapage.com	services.ricoh.ca heatmap-events-collector.instapage.com
1	embeds.driftcdn.com	js.driftt.com
1	fonts.googleapis.com	js.driftt.com
1	c.bing.com	1 redirects
1	img.en25.com	services.ricoh.ca
1	apt.techtarget.com	services.ricoh.ca
1	anthill.instapage.com	services.ricoh.ca
1	analytics.twitter.com	static.ads-twitter.com
1	trk.techtarget.com	services.ricoh.ca
1	www.google.de	services.ricoh.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	services.ricoh.ca
1	www.linkedin.com	1 redirects
1	attr.ml-api.io	services.ricoh.ca
1	s.ml-attr.com	1 redirects
1	reveal.clearbit.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	t.co	services.ricoh.ca
1	app-abm.marketo.com	services.ricoh.ca
1	static.ads-twitter.com	services.ricoh.ca
1	d10lpsik1i8c69.cloudfront.net	services.ricoh.ca
1	cdn.instapagemetrics.com	services.ricoh.ca
1	services.ricoh.ca
1	bit.ly	1 redirects
227	52

This site contains links to these domains. Also see Links.

Domain
www.agentsdechangement.ca
www.ricoh.ca
blog.ricoh.ca
www.linkedin.com
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
www.ricohediscovery.com

Subject Issuer	Validity	Valid
services.ricoh.ca R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
g.fastcdn.co GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
cdn.instapagemetrics.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
v.fastcdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-05-11` - `2022-05-16`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2020-08-13` - `2021-11-12`	a year	crt.sh
app-abm.marketo.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
heatmap-events-collector.instapage.com R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
clearbit.com Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.ml-api.io Amazon	`2021-01-20` - `2022-02-17`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
anthill.instapage.com R3	`2021-07-12` - `2021-10-10`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2022-04-08`	2 years	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-03` - `2021-10-12`	2 months	crt.sh
ec.instapagemetrics.com R3	`2021-06-18` - `2021-09-16`	3 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Frame ID: 29F2871EF9190898AEB0E138999BA599
Requests: 72 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
Frame ID: 01D374102DAF62ACBF911EA0EC78B47C
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
Frame ID: 64C7E15B5E51BF690907B317913261AF
Requests: 43 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
Frame ID: 3EBD9DC10DC7D2FFBDEA12801394956C
Requests: 41 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
Frame ID: BEF6F1DBF1E39FB8E082BBCCB0113C8B
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3d3cJ1g HTTP 301
https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

227
Requests

99 %
HTTPS

49 %
IPv6

36
Domains

52
Subdomains

46
IPs

6
Countries

9691 kB
Transfer

18379 kB
Size

12
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.agentsdechangement.ca/
Title: FR

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en
Title:

Search URL Search Domain Scan URL

URL: https://blog.ricoh.ca/
Title: Visit blog

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ricoh-canada-inc-/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/ricohcanada
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ricohcanada/?hl=en
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RicohCanadaInc/
Title:

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/about-us/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?time_continue=13&v=CjbmeFtA9gA&feature=emb_title
Title: Remote Collaboration & Creativity Re-imagined

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LYLu_JRFoj4&feature=emb_title
Title: Planning for a Safe Return to the Office

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=T4jKqaEH5rQ&feature=youtu.be
Title: Online Forms for Employee Safety in the New World of Work

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qpsBllQO8HQ&t=2s
Title: Future-proof your mailroom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=NNB5nYwmayQ&feature=emb_title
Title: Signing & Concluding Business Contracts Electronically

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5dJjHcASpM4&feature=emb_title
Title: Reclaim control of your AP/AR—today and going forward

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=FCPKKou_PI8&feature=emb_title
Title: Contract Analysis & Review: Now & Into the Future

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=nJFaYXaM3CM&feature=youtu.be
Title: Work Better, Faster & Deliver With Automation

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=rIlbfC9ip1c
Title: Secure access to business-critical information

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?time_continue=1&v=T3B22_cblHU&feature=emb_title
Title: Fortifying & Securing the Remote Workspace

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=oYEX-9GcoY4&feature=emb_title
Title: Data-mapping: Building the Bedrock

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=_mu00ASJQN0&feature=emb_title
Title: IT Tools to Stay Productive & Secure

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=jse7hzoM8rs&feature=emb_title
Title: Managing IT: What’s the right combo?

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/document-processing-services/accounting-processes
Title: AP and AR Processing

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/document-processing-services/mail-processes
Title: Mail Management

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/document-processing-services/line-of-business-services
Title: LOB Processes

Search URL Search Domain Scan URL

URL: https://www.ricohediscovery.com/ediscovery
Title: eDiscovery

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/ricoh-it-services/it-security-solutions
Title: IT Security Solutions & Services

Search URL Search Domain Scan URL

URL: https://www.ricohediscovery.com/file-analysis-and-migration
Title: File Analysis and Migration

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/information-governance-services/digital-rights-management
Title: Digital Rights Management

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/ricoh-it-services/cloud-solutions-and-services
Title: Cloud Migration & Support

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/content-management-and-workflow-services
Title: Content Management & Workflow

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/communication-services
Title: Communication Services

Search URL Search Domain Scan URL

URL: https://www.ricoh.ca/en/solutions/content-management-and-workflow-services/esignatures
Title: eSignature

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3d3cJ1g HTTP 301
https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.ricoh.ca%26pId%3d%24UID&gtmcb=129311031 HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.ricoh.ca%26pId%3d%24UID&gtmcb=129311031 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.ricoh.ca%2526pId%253d%2524UID%26gtmcb%3D129311031 HTTP 302
https://attr.ml-api.io/?domain=www.ricoh.ca&pId=2288029007715931400&gtmcb=129311031

Request Chain 37

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D94331%26time%3D1628832879077%26url%3Dhttps%253A%252F%252Fservices.ricoh.ca%252F%253Futm_source%253Devent%2526utm_medium%253Dpaid%2526utm_campaign%253DCanadianSME_0421%2526utm_term%253Den%2526utm_content%253DBizExpo_Chat%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&liSync=true&e_ipv6=AQKJsn_xsybWHAAAAXs-AVVTyap5Yx3o9hGuRSLEPmpVEUE7kK2vaC8gzvKhmBjfzA-4C7T9

Request Chain 41

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.0 HTTP 302
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

Request Chain 53

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 68

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=702B243E41EA4FAA8ECA4365D1F19959&RedC=c.clarity.ms&MXFR=15D4692B66BA6D9702B579B962BA635A HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=702B243E41EA4FAA8ECA4365D1F19959&MUID=1434E3D041F269483226F3424099686E

Request Chain 85

https://s2073603363.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2073603363&ref2=elqNone&tzo=-60&ms=770&optin=disabled HTTP 302
https://s2073603363.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2073603363&ref2=elqNone&tzo=-60&ms=770&optin=disabled&elqCookie=1

227 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
services.ricoh.ca/
Redirect Chain

https://bit.ly/3d3cJ1g
https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

177 KB
25 KB

207ms
83ms

Document
text/html

107.178.254.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.178.254.45 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

45.254.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

db468fb73f717110de65d2f596c7398e66b7731888751118897bce96badaa3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: services.ricoh.ca
:scheme: https
:path: /?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: openresty
date: Fri, 13 Aug 2021 05:34:38 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"2c407-rJBUJ5uXtiIXt2FVsf/KXA+y4MQ"
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Fri, 13 Aug 2021 05:34:38 GMT
content-type: text/html; charset=utf-8
content-length: 229
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
referrer-policy: unsafe-url
set-cookie: _bit=l7d5yC-37ec3854f7ed3106eb-00B; Domain=bit.ly; Expires=Wed, 09 Feb 2022 05:34:38 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 utils.4307b753f6f392018c32.js Show response
g.fastcdn.co/js/ 47 KB
16 KB 134ms
42ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/utils.4307b753f6f392018c32.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b96b4f9b3146047939f342700eb43b54b7ab687d070048efa199320fc250844e

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:11:21 GMT
content-encoding: gzip
age: 33797
x-guploader-uploadid: ADPycdv20uN021JMRLeunzKRE716Pa0yhiQn4azGaD2dYvfqQo4wQQvc5Klocrhaivt438yqv1P0mygatbH8QQT3b3a3nYVbWQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 16045
last-modified: Wed, 11 Aug 2021 22:41:27 GMT
server: UploadServer
etag: "3041b91068c7b521817389d49ee88aa6"
vary: Accept-Encoding
x-goog-hash: crc32c=DMZQJg==, md5=MEG5EGjHtSGBc4nUnuiKpg==
x-goog-generation: 1628721687684722
cache-control: public, max-age=31536000
x-goog-stored-content-length: 16045
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 Aug 2022 20:11:21 GMT

GET
H2 200 Cradle.4dac59f2328b0387640d.js Show response
g.fastcdn.co/js/ 20 KB
6 KB 162ms
70ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Cradle.4dac59f2328b0387640d.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 871a395274807a496ca51c603b7320eca9fc11a7949c0df992be96f29dcb7211

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 00:12:14 GMT
content-encoding: gzip
age: 105744
x-guploader-uploadid: ADPycdtfcU13DdnCgoaQEvXg0FH7m9OyKjgTxWYziACWWLw4vcrKeo6hQkgzYoUeroGcXBRLPK3UxhiL9OQ68jrA18o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5581
last-modified: Wed, 11 Aug 2021 22:41:25 GMT
server: UploadServer
etag: "e65424f8c2aaa7264ae3eaf852934882"
vary: Accept-Encoding
x-goog-hash: crc32c=MHgq+w==, md5=5lQk+MKqpyZK4+r4UpNIgg==
x-goog-generation: 1628721685384284
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5581
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 Aug 2022 00:12:14 GMT

GET
H2 200 LazyImage.b311ea858a228d7bc9b2.js Show response
g.fastcdn.co/js/ 3 KB
2 KB 160ms
68ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LazyImage.b311ea858a228d7bc9b2.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e7c84efcf8e336f390d7a51a24cba3873782769b33470b31d2cef95b2f01cee

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:11:21 GMT
content-encoding: gzip
age: 33797
x-guploader-uploadid: ADPycduhj2htoykItJpaocMOJQWm79QoUQxU1QvArBHNsvJi2fUM2yJlQYxBdyM0-dibJv0rx_Hc4YnCBGXEGbtO3hCAfMUG5g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 1563
last-modified: Wed, 11 Aug 2021 22:41:26 GMT
server: UploadServer
etag: "4fada7192ed3976ed69f137f5aaeab12"
vary: Accept-Encoding
x-goog-hash: crc32c=FGzgaA==, md5=T62nGS7Tl27WnxN/Wq6rEg==
x-goog-generation: 1628721685984637
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1563
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 Aug 2022 20:11:21 GMT

GET
H2 200 Popup.080a18b67104a3476a94.js Show response
g.fastcdn.co/js/ 12 KB
3 KB 159ms
67ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Popup.080a18b67104a3476a94.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 87cd50536eb8a8e97b4ac12b9166b3ad341e873193a0b40f48668e8083230154

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:13:15 GMT
content-encoding: gzip
age: 33683
x-guploader-uploadid: ADPycds9OrDk2PaF1tBmnIrhQ2ir2ByyiudHO-yv4QwcjcMlljikW0MYNLVJ4li2SijTEabaWp7HuS3fNYbM1fTobQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 3239
last-modified: Wed, 11 Aug 2021 22:41:26 GMT
server: UploadServer
etag: "c1b3dd29419b956b2278f9b12d74fd3d"
vary: Accept-Encoding
x-goog-hash: crc32c=bCP8IA==, md5=wbPdKUGblWsiePmxLXT9PQ==
x-goog-generation: 1628721686375461
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3239
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 12 Aug 2022 20:13:15 GMT

GET
H2 200 it.js Show response
cdn.instapagemetrics.com/t/js/ 111 KB
33 KB 138ms
43ms Script
application/javascript 34.120.27.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instapagemetrics.com/t/js/it.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.27.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.27.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 07719ec79181a87caf2cb7ea5bd35945a3e9f46cc41b6917775ef096b76929d2

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 08:04:07 GMT
content-encoding: gzip
age: 682231
x-guploader-uploadid: ADPycdvmg76BBOaq5nvk_TOWlSLMlcGyjMvGWBxrjlIK4198fCUwnYjrjSMbf6BXgehKb0VMplajXI4dWqz4gXv_WzWq370sfw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-meta-tracker-version: 2.15.0
alt-svc: clear
content-length: 33128
last-modified: Mon, 24 Aug 2020 17:06:45 GMT
server: UploadServer
etag: "318e77f6c3e7c333b55428540c33901b"
x-goog-hash: crc32c=KvIaMQ==, md5=MY539sPnwzO1VChUDDOQGw==
x-goog-generation: 1598288805406309
cache-control: no-transform
x-goog-stored-content-length: 33128
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 08:04:07 GMT

GET
H2 200 sptw.js Show response
g.fastcdn.co/js/ 9 KB
3 KB 153ms
73ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/sptw.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89225b4b788b0e6caa3be9e66a771f8cad6cdb7f152383584427acd137d6eac3

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 02:48:52 GMT
content-encoding: gzip
age: 701146
x-guploader-uploadid: ADPycdu7jrNKapsemRS99OxrLhuNYwbLUF15KnUzPf_8JdhauYA-vUneif4LW_JmM9DCyt5Tsu58jnHAMP1PINtaPRJiSO8ufQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 2948
last-modified: Tue, 03 Aug 2021 10:57:51 GMT
server: UploadServer
etag: "f3003e4b6029cd03ced56b6206a92b4b"
vary: Accept-Encoding
x-goog-hash: crc32c=5moVVA==, md5=8wA+S2ApzQPO1WtiBqkrSw==
x-goog-generation: 1625167194977863
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2948
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Aug 2022 02:48:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814918700

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e74ab34bde4167ca3a73275db37a5fa56b09b90f96397a7d0e9b77a07863c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39009
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 05:34:38 GMT

GET
H2 200 56339517-0-Ricoh-Lock-Up-4C-RGB.svg
v.fastcdn.co/u/8c104a0e/ 6 KB
3 KB 314ms
130ms Image
image/svg+xml 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56339517-0-Ricoh-Lock-Up-4C-RGB.svg
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D64) /
Resource Hash: c03c87715d3073b8d337c1fa6de655873f14017e7c36ead0ae4e61f29c1ea3ee

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-goog-stored-content-length: 2532
age: 10755717
x-guploader-uploadid: ABg5-Uy80BwluPGPYxoHRJL4YUpfa1UNdzkgV4-56umVal_vRFVj4Zz3YqUyAEOVJlp_PVwUhIZ-4lLxPMqu2o8r-W5nO4_5eg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-meta-expires: Sun, 15 May 2022 05:42:49 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2532
last-modified: Wed, 24 Mar 2021 13:42:50 GMT
server: ECS (lcy/1D64)
etag: "78f00d8edbaa8c604d30e4bd29e7e47b"
vary: Accept-Encoding
x-goog-hash: crc32c=NZ5L6g==, md5=ePANjtuqjGBNMOS9Kefkew==
content-type: image/svg+xml
x-goog-generation: 1616593370035041
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 54745642-0-Concept-7.gif
v.fastcdn.co/u/8c104a0e/ 471 KB
471 KB 314ms
131ms Image
image/gif 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/54745642-0-Concept-7.gif
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D3B) /
Resource Hash: ff6da69fe4b9464f9e7f15cb1f3d978f4ae992d8d2871c0ada5ca8dc2d1b9217

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 481820
age: 7856333
x-guploader-uploadid: ABg5-Uya8ZUPPgU5lfhMgZURs5PVd0hRi4eiJkvzjzgxMkHENTU_KAfgUb_06X-vXRhhZsLA4naWp0_cZC62MfeasJ4
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 01 Feb 2022 10:43:25 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 481820
last-modified: Fri, 11 Dec 2020 18:43:25 GMT
server: ECS (lcy/1D3B)
etag: "262614786f303f512644f30717629040"
x-goog-hash: crc32c=CI9nIw==, md5=JiYUeG8wP1EmRPMHF2KQQA==
content-type: image/gif
x-goog-generation: 1607712205811550
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 46089720-0-4abd20d7-c7d8-4d3e-b.png
v.fastcdn.co/u/8c104a0e/ 1 KB
1 KB 314ms
131ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/46089720-0-4abd20d7-c7d8-4d3e-b.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D4A) /
Resource Hash: e7869abcaff19fad74aae677838830a21555aac61a1ce6b04a73b981a794c658

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 1229
age: 16460263
x-guploader-uploadid: ABg5-UxMUYhEdqZTuBEmx-p1X85dnYbHCkC62xoVdZ0KyTjp7aTTBBwD01dwsJ5bagcQxape2U9gZRxfBLWqi_GER0mUnUvfNA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 06 Nov 2020 08:50:05 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1229
last-modified: Mon, 16 Sep 2019 16:50:05 GMT
server: ECS (lcy/1D4A)
etag: "f64c25f3461da8c0fec766a2a6bd63a1"
x-goog-hash: crc32c=uBK/eA==, md5=9kwl80YdqMD+x2aipr1joQ==
content-type: image/png
x-goog-generation: 1568652605714782
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 47752815-0-ic-play-circle-fille.svg
v.fastcdn.co/u/6430ff65/ 338 B
715 B 315ms
131ms Image
image/svg+xml 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/6430ff65/47752815-0-ic-play-circle-fille.svg
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D61) /
Resource Hash: d44e949c780b9237aee625441ad2b38fd879e0d62af6a21f97a9e02911d49b6a

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-goog-stored-content-length: 266
age: 50503936
x-guploader-uploadid: AEnB2Uqc7XI0B0kpMBd-K33igvm6m6xnzCX7nMv1F_eHWRJVfX0I3VwLMdMVN4KtM09fmsH4f6s7IGowjrX1YxRTVWtCtS7_iw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-meta-expires: Sat, 16 Jan 2021 16:27:49 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 266
last-modified: Wed, 27 Nov 2019 00:27:49 GMT
server: ECS (lcy/1D61)
etag: "e9a871ee2237bc430e05ae6da0c810ed"
vary: Accept-Encoding
x-goog-hash: crc32c=ERhiRA==, md5=6ahx7iI3vEMOBa5toMgQ7Q==
content-type: image/svg+xml
x-goog-generation: 1574814469932113
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 46089710-0-172f8b92-7374-45b2-a.png
v.fastcdn.co/u/8c104a0e/ 1 KB
1 KB 314ms
131ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/46089710-0-172f8b92-7374-45b2-a.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D20) /
Resource Hash: 299e0fcbf90965078538bb25417dce4b49065955430ff75bf6ad613420bf9e94

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 1220
age: 16460263
x-guploader-uploadid: ABg5-UxE1pBoFnjzhwZPebmk9MGxKQjXI03aNTDa82tvdFUpfp4MW4js2A1rQNXjdAafhjqRFSdhHqXRi-eQcU1f4fk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 06 Nov 2020 08:50:05 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
last-modified: Mon, 16 Sep 2019 16:50:05 GMT
server: ECS (lcy/1D20)
etag: "6434bb4f554f613cc81235d4169a3c94"
x-goog-hash: crc32c=Oqkgog==, md5=ZDS7T1VPYTzIEjXUFpo8lA==
content-type: image/png
x-goog-generation: 1568652605576589
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 56971137-0-CFB-Link.png
v.fastcdn.co/u/8c104a0e/ 2 KB
2 KB 288ms
105ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56971137-0-CFB-Link.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D3B) /
Resource Hash: b7293c412425ccb77f56ba5bfec69a33cb8e46defa99ec5020e54e823b54a206

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 1917
age: 7974199
x-guploader-uploadid: ABg5-UyvDYOc5LSFkyAXp7GYc-mF_9dt8Kxy_Ilcz2fsBGEH1A40NRSfgMs_WgNJm7CQ1RTay-JgFGdgSTvgviXW4rFz5SGTTw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 20 Jun 2022 12:18:41 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1917
last-modified: Thu, 29 Apr 2021 20:18:41 GMT
server: ECS (lcy/1D3B)
etag: "abd8ad96483a639fa686509a53334de9"
x-goog-hash: crc32c=xWEdmA==, md5=q9itlkg6Y5+mhlCaUzNN6Q==
content-type: image/png
x-goog-generation: 1619727521532290
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 54745147-0-Concept-8.png
v.fastcdn.co/u/8c104a0e/ 2 MB
2 MB 217ms
54ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/54745147-0-Concept-8.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D22) /
Resource Hash: 74cad531b7b78d8d6e21786bd031c1e0247b6b4429ce428f19a33e4148bbeda2

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 1596983
age: 4344205
x-guploader-uploadid: ABg5-UwCBxhUZzJRGxpLLDXCO2giyLWBozgQkEnEAUVpCjmThubl7jDbK-duyCvlKbN8b46-3cvsMBut4ekliK4npOvQbaN0_A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 01 Feb 2022 10:30:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1596983
last-modified: Fri, 11 Dec 2020 18:30:23 GMT
server: ECS (lcy/1D22)
etag: "19713668dab808174db2e652edbaed7d"
x-goog-hash: crc32c=Q1Qt7g==, md5=GXE2aNq4CBdNsuZS7brtfQ==
content-type: image/png
x-goog-generation: 1607711423946212
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 56320497-0-Change-for-Better-3.png
v.fastcdn.co/u/8c104a0e/ 1 MB
1 MB 295ms
131ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56320497-0-Change-for-Better-3.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D64) /
Resource Hash: 2ba88fd6156fbcdb821fe4caf5d4a3126d174895d9ba4cdbdb1a0d30c7e5e9c8

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 1414019
age: 10755717
x-guploader-uploadid: ABg5-UxBCdclFrNdo_4gQrUogqvu4Vrkj3VFxWizeteiVvTWuqfgTZdYLIQj1VDBXzRIyHroD_X9PZpvUepmVd3WW0M
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 14 May 2022 09:22:44 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1414019
last-modified: Tue, 23 Mar 2021 17:22:44 GMT
server: ECS (lcy/1D64)
etag: "8491415daa8161c97eb8fb8430d2f7fe"
x-goog-hash: crc32c=yreiqg==, md5=hJFBXaqBYcl+uPuEMNL3/g==
content-type: image/png
x-goog-generation: 1616520164799962
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 my9agfd8k4vc.js Show response
js.driftt.com/include/1628832900000/ 214 KB
61 KB 291ms
175ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1628832900000/my9agfd8k4vc.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

072d970388d4749ce871e59c751c809cbdb37e2ef0759086474a2246eb20c6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 20:05:11 GMT
server: nginx
etag: W/"e0db4a45ba2c59ce0a84e4a566e39d10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dD3Wp6LwV7eSis3Qw9nyssKu8PSKshsR
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z2l7zREBHeLCokFuSO4VlbEGzcTeoxpAIAKgk-WgQiNlI0fSclfv2w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 602 KB
110 KB 115ms
114ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec2579952de99c8c6f246c5f9eba38488b0299dc5ce0be9371ea861017d2e663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:38 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112163
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 181ms
53ms Script
application/javascript 52.222.137.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-185.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:58:20 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 16:29:57 GMT
server: AmazonS3
age: 2180
etag: W/"6f6cd12e9b9fb6a70e03f3fc2cae03a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: AEoyfrkrokIUF2rmdHNrtNJI7r-PZeXEXoIo44M9xDplnvm9aGyvaw==

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:38 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 4B306FC08875406888C6514D138041A0 Ref B: FRAEDGE1516 Ref C: 2021-08-13T05:34:38Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 132ms
42ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:38 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 19643
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1628832879.968597,VS0,VE0
x-served-by: cache-fra19168-FRA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 56323347-0-Imagination-Balloon-.png
v.fastcdn.co/u/8c104a0e/ 3 KB
4 KB 295ms
131ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56323347-0-Imagination-Balloon-.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D2D) /
Resource Hash: 460526402e6c6e32f58223f8eab4e569434e606569166a7db60530f81e8b650d

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 3284
age: 10755717
x-guploader-uploadid: ABg5-UwrANY8iSh3bEBuywVD_cbvDJm2V0azdCZh6YDCgyXPBRDHgsU9kI_2MB_dcYESI5fJ0MQ7cc-7JYFDf27ckGCoTFyQ8Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 14 May 2022 11:18:55 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3284
last-modified: Tue, 23 Mar 2021 19:18:55 GMT
server: ECS (lcy/1D2D)
etag: "2426624a441407de7cb3f78864a39abc"
x-goog-hash: crc32c=B969cQ==, md5=JCZiSkQUB958s/eIZKOavA==
content-type: image/png
x-goog-generation: 1616527135825525
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img03.en25.com/i/ 13 KB
4 KB 196ms
67ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3638
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 23 Apr 2021 18:01:07 GMT
Date: Fri, 13 Aug 2021 05:34:39 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store
ETag: "58a675a26a38d71:0"
Accept-Ranges: bytes
Expires: Fri, 13 Aug 2021 05:34:39 GMT

GET
H2 200 forms2.min.js Show response
app-abm.marketo.com/js/forms2/js/ 204 KB
68 KB 384ms
89ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-abm.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 18 Jun 2021 20:07:07 GMT
server: cloudflare
age: 4342
etag: "442130-33187-5c50fde38d0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 67df9356ef943318-CDG
expires: Fri, 13 Aug 2021 09:34:39 GMT

GET
H2 200 lib.js Show response
heatmap-events-collector.instapage.com/static/ 24 KB
9 KB 454ms
150ms Script
application/javascript 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/static/lib.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

Resource Hash

9f4331078abd467835bcf0b2367872f497045d37ebfb32fe7d9f82cf6843d282

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
strict-transport-security: max-age=315360000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 13 Aug 2021 05:20:17 GMT
x-frame-options: SAMEORIGIN
date: Fri, 13 Aug 2021 05:34:39 GMT
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 13 Aug 2021 05:39:39 GMT

GET
H2 204 25066748.js Show response
bat.bing.com/p/action/ 0
93 B 142ms
141ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25066748.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Aug 2021 05:34:38 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 750EC1FC254A43499DFF419926BDC8D3 Ref B: FRAEDGE1516 Ref C: 2021-08-13T05:34:38Z
x-cache: CONFIG_NOCACHE

GET
H2 200 adsct
t.co/i/ 43 B
454 B 260ms
165ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2698&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 13 Aug 2021 05:34:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 839d31ff13d56f7885521b49c801f6975c3315de600a6152e40e8212b7853b19
x-transaction: 0512b1fe5f8fe6ea
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7085
date: Fri, 13 Aug 2021 03:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 05:36:34 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 23ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=31028
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
64 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQV9JLL&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c629b47a1fe3e89438110650b85fb9833e41aa3bb270568799327f5d1252429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65427
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 05:34:39 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
45 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56W7G3H&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a1a51869e8f5ab989ed6dbef5a32a1e9338d5c27b6752f712cbd6765684edb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45715
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 05:34:39 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 204ms
67ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 reveal Show response
reveal.clearbit.com/v1/companies/ 2 KB
1 KB 346ms
219ms Script
application/javascript 18.132.238.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reveal.clearbit.com/v1/companies/reveal?authorization=pk_db043fe873bac067e56bf19269f3e27e&callback=pushToDataLayer
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.238.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-238-79.eu-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: 9475244b8d0dbdeb5191e7252a641df6710bada318b9c4c3f72567c6ca357851

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
server: envoy
x-api-version: 2018-03-28
x-account-id: ac03fd84-b854-4505-aee2-67cb65c2fac1
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.ricoh.ca%26pId%3d%24UID&gtmcb=129311031
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.ricoh.ca%26pId%3d%24UID&gtmcb=129311031
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.ricoh.ca%2526pId%253d%2524UID%26gtmcb%3D129311031
https://attr.ml-api.io/?domain=www.ricoh.ca&pId=2288029007715931400&gtmcb=129311031

0
241 B

471ms
412ms

Image
application/json

2600:9000:2134:c00:12:3734:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=www.ricoh.ca&pId=2288029007715931400&gtmcb=129311031
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:c00:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
via: 1.1 ec6f32a0d1c5fef22993e49d055871c2.cloudfront.net (CloudFront)
apigw-requestid: D_WhihF_oAMEVOQ=
x-amz-cf-pop: MXP64-C2
x-cache: Miss from cloudfront
content-type: application/json
content-length: 0
x-amz-cf-id: x0UNxHLbaaXzfF4-C061HqOAfXAfNpPETtCyP8RTsKFKuarXgx_jaA==

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 05:34:39 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9e810435-f49d-4df4-8476-536bd9febb15
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=www.ricoh.ca&pId=2288029007715931400&gtmcb=129311031
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2285
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:56:34 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img03.en25.com/i/ 13 KB
4 KB 69ms
68ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3638
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 23 Apr 2021 18:01:07 GMT
Date: Fri, 13 Aug 2021 05:34:39 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store
ETag: "58a675a26a38d71:0"
Accept-Ranges: bytes
Expires: Fri, 13 Aug 2021 05:34:39 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=596820606&t=pageview&_s=1&dl=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&ul=en-us&de=UTF-8&dt=Ricoh%20Change%20Makers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUALAAAAAC~&jid=1344119758&gjid=479603473&cid=623730503.1628832879&tid=UA-15163675-1&_gid=968200457.1628832879&_r=1&gtm=2wg8b0N8NGN6&cg1=(not%20set)&cg2=(not%20set)%2F(not%20set)&cg3=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd98=1628832879036.1neig9u&cd99=Fri%20Aug%2013%202021%2007%3A34%3A39%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd100=english&cd101=GTM-N8NGN6&cd102=533&cd103=CMS%20-%20UA%20Page%20Views&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=623730503.1628832879&z=1065962734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://services.ricoh.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_t...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D94331%26time%3D1628832879077%26url%3Dhttps%253A%252F%252Fservices.ricoh.ca%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_t...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_...

0
156 B

507ms
230ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&liSync=true&e_ipv6=AQKJsn_xsybWHAAAAXs-AVVTyap5Yx3o9hGuRSLEPmpVEUE7kK2vaC8gzvKhmBjfzA-4C7T9
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: WkLv9N/GmhZgLV8oWSsAAA==

Redirect headers

date: Fri, 13 Aug 2021 05:34:39 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=94331&time=1628832879077&url=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&liSync=true&e_ipv6=AQKJsn_xsybWHAAAAXs-AVVTyap5Yx3o9hGuRSLEPmpVEUE7kK2vaC8gzvKhmBjfzA-4C7T9
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 6Xiy1t/GmhYgAwMGnysAAA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-15163675-1&cid=623730503.1628832879&jid=1344119758&gjid=479603473&_gid=968200457.1628832879&_u=aGBAAUAKAAAAAC~&z=1835189315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Aug 2021 05:34:39 GMT
content-type: text/plain
access-control-allow-origin: https://services.ricoh.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-15163675-1&cid=623730503.1628832879&jid=1344119758&_u=aGBAAUAKAAAAAC~&z=315193542

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-15163675-1&cid=623730503.1628832879&jid=1344119758&_u=aGBAAUAKAAAAAC~&z=315193542

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.0
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

4 KB
2 KB

18ms
18ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3650820
fly-request-id: 01F9J6C67JE64Y1WP2JP65WQW4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"11c8-h8MN9BiDN1TuDYM8xSzz31D62dA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67df9356dc86c286-FRA

Redirect headers

date: Fri, 13 Aug 2021 05:34:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01F9J6DG5AT55A9D46CE12KRD9
server: cloudflare
age: 3650777
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.0/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 67df9356bc59c286-FRA
access-control-allow-origin: *

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 149ms
44ms Script
text/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 297
X-Ws-Request-Id: 6116046f_PSdgflkfFRA1bc9_41773-16780
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2no188:0 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1eq94:13 (W)
Cache-Control: max-age=600
X-Px: ht PSdgflkfFRA1eq94FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Fri, 13 Aug 2021 05:39:42 GMT

GET
H2 200 6gpqar40vz Show response
www.clarity.ms/tag/ 534 B
912 B 183ms
136ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6gpqar40vz
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: fa537e30766db0b80f17b7fa6394f8efb7bb13a3f78395fdf46bc74b203920a4

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-powered-by: ASP.NET
x-azure-ref: 0bwQWYQAAAACpMuxX+YFcQoIOKkhMGW/UTFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
content-length: 534
expires: -1

GET
H2 200 XWjRzZBeyOc Show response
www.youtube.com/embed/ Frame 01D3 56 KB
24 KB 54ms
53ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XWjRzZBeyOc

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc9b75d435d720e7f2e86791ca8aac14242b0ee9e8180975d8feef6ff5f5791f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/XWjRzZBeyOc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://services.ricoh.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://services.ricoh.ca/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Aug 2021 05:34:39 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ZgB8mW_fAsA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=yIrhGXhIxwA; Domain=.youtube.com; Expires=Wed, 09-Feb-2022 05:34:39 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+309; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img03.en25.com/i/ 13 KB
4 KB 70ms
70ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3638
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 23 Apr 2021 18:01:07 GMT
Date: Fri, 13 Aug 2021 05:34:39 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store
ETag: "58a675a26a38d71:0"
Accept-Ranges: bytes
Expires: Fri, 13 Aug 2021 05:34:39 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/50e823fc/ Frame 01D3 328 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53661
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46094
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/50e823fc/www-embed-player.vflset/ Frame 01D3 193 KB
64 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65204
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 01D3 2 MB
494 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53482
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505743
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/ Frame 01D3 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53661
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 01D3 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 288438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:27:21 GMT

GET
H3-29 200 iframe_api Show response
www.youtube.com/ 980 B
511 B 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Fri, 13 Aug 2021 05:34:39 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 67ms
67ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sun, 21 Nov 2021 05:34:39 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 01D3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

16ms
16ms

XHR
application/json

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

895e9aaf75bed24d1435120f05fd5fd135dd3d8edb15f811bbe3482d9b1be3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 01D3 29 B
92 B 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:25:37 GMT
x-content-type-options: nosniff
age: 542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 05:40:37 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 456ms
157ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2698&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 13 Aug 2021 05:34:39 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9e2d7326d32e007f803de3389b4618cf6807beb44e22016a124188f84f4a9906
x-transaction: 65747ba57fc11204
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 visit
anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/ 35 B
293 B 454ms
148ms Image
application/octet-stream 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/visit?api_key=9d9609d9b5c93e6b9b938c76e65a64c5193b8aa46c3e4a724a270b929ffedf8883368716b06c55d993fe9ec2d27978c048606c2d6ec2538325ac23dc7dc28110087a54e4a97cee1f68ca1f48174717354a7676a9eddb53c1d69be7eeffba65a34d42bd92ef72597777616bf036cf9e6366aded52e49307d905ea51a0df6546211d031eb223b25b39848719720663c648&data=eyJwYWdlX3VybCI6Imh0dHBzOi8vc2VydmljZXMucmljb2guY2EvP3V0bV9zb3VyY2U9ZXZlbnQmdXRtX21lZGl1bT1wYWlkJnV0bV9jYW1wYWlnbj1DYW5hZGlhblNNRV8wNDIxJnV0bV90ZXJtPWVuJnV0bV9jb250ZW50PUJpekV4cG9fQ2hhdCIsIm93bmVyX2lkIjoxODg0MDU2LCJjdXN0b21lcl9pZCI6MjYzOTU0MiwicGFnZV9pZCI6MjE3MDA4NzcsInB1Ymxpc2hlZF92ZXJzaW9uIjoxNjAsInZhcmlhdGlvbl9uYW1lIjoiQSIsInZhcmlhdGlvbl9pZCI6MSwibGlua2VkX3ZhcmlhdGlvbl9pZCI6MiwidmFyaWF0aW9uIjoiQSIsInF1YW50aXR5IjoxLCJpbml0aWFsX3Jlc3BvbnNpdmVfbW9kZSI6bnVsbCwic3RhdGljX3BhZ2UiOmZhbHNlLCJqYXZhc2NyaXB0Ijp0cnVlLCJ2aWV3cG9ydF9oZWlnaHQiOjEyMDAsInZpZXdwb3J0X3dpZHRoIjoxNjAwLCJjYW1wYWlnbl9pZCI6ZmFsc2UsImFkX2lkIjpmYWxzZSwiY2FtcGFpZ25fc291cmNlIjpmYWxzZSwidmlzaXRlZCI6MCwicmVzcG9uc2l2ZV9tb2RlIjpudWxsLCJyZWYiOm51bGx9&t=1628832879405

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
referrer-policy: same-origin
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding, Origin
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H2 204 0
bat.bing.com/action/ 0
95 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25066748&Ver=2&mid=b49c999f-f20d-4a52-8ea5-4ace95360abc&sid=2742c9e0fbf811ebb23f4dfe0a733978&vid=2742ea80fbf811eb8b021f96be8acd25&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ricoh%20Change%20Makers&kw=Workplace%20Services,%20Ricoh,%20office%20equipment%20services,%20it%20services%20canada,%20operations%20management%20and%20business%20process,%20it%20support%20services,%20collaboration%20software,%20quality%20digital%20solutions,%20automate%20documents,%20electronic%20signature&p=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&r=&lt=1155&evt=pageLoad&msclkid=N&sv=1&rn=321100
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 13 Aug 2021 05:34:38 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D83DC251C10143BB8CF48CFCC87C77FC Ref B: FRAEDGE1516 Ref C: 2021-08-13T05:34:39Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 543ms
134ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=1270884&version=2.0&ref=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&r=1628832879410
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:39 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384023492"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 43

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/ 126 KB
42 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42941
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:27:27 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 01D3 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53482
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29765
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 s1pMeyNBiuVpr6Z1Tm1CKDkM6SHg4iwD7A9RRx24Wrw.js Show response
www.google.com/js/th/ Frame 01D3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/s1pMeyNBiuVpr6Z1Tm1CKDkM6SHg4iwD7A9RRx24Wrw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4c7b23418ae569afa6754e6d4228390ce921e0e22c03ec0f51471db85abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 05:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13314
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 05:10:15 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 01D3 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53179
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7489
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:48:20 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 189ms
64ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 23 Apr 2021 18:01:07 GMT
Date: Fri, 13 Aug 2021 05:34:39 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store
ETag: "495875a26a38d71:0"
Accept-Ranges: bytes
Expires: Fri, 13 Aug 2021 05:34:39 GMT

GET
H3-Q050 200 56449207-0-Sheena.png
v.fastcdn.co/u/8c104a0e/ 11 KB
12 KB 120ms
59ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56449207-0-Sheena.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D40) /
Resource Hash: 847b4c3796e556becfad5b4a3aa8ef8cfbd9275fd25d0f30b83c7a064d37b466

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 11131
age: 10392424
x-guploader-uploadid: ABg5-Uw_-9Q_xSJh1WMyzMQEz_Gt0EVOmUrz0w38e2BKBf3f10suqTcuYjMWTOKMwDMncO6Pvzq6JWhkQ3D5b9ytiCZGy-oDcQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 21 May 2022 14:37:37 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11131
last-modified: Tue, 30 Mar 2021 22:37:37 GMT
server: ECS (lcy/1D40)
etag: "87585ff51e635eb838b755072554b5dc"
x-goog-hash: crc32c=b91u1w==, md5=h1hf9R5jXrg4t1UHJVS13A==
content-type: image/png
x-goog-generation: 1617143857804622
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H3-Q050 200 56449212-0-Wesley.png
v.fastcdn.co/u/8c104a0e/ 12 KB
12 KB 123ms
62ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56449212-0-Wesley.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D65) /
Resource Hash: d01b4ba8cbaf65dfe863319b63fc2ed1c82202d975e1eb47332bfb2ae936caf1

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 12587
age: 10392424
x-guploader-uploadid: ABg5-UzGgtFntkjJMmysEfo8dyvJhgLQfgukfQinIcxZhr2J2Mm1o5t5_1JycZnsjzZV6HkGpnNSahXLyS-plGwnyZM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 21 May 2022 14:37:37 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12587
last-modified: Tue, 30 Mar 2021 22:37:37 GMT
server: ECS (lcy/1D65)
etag: "eb9f321c656df4a60558cbc257989165"
x-goog-hash: crc32c=4KHf9g==, md5=658yHGVt9KYFWMvCV5iRZQ==
content-type: image/png
x-goog-generation: 1617143857785451
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H3-Q050 200 56449202-0-Ons-Battikh.png
v.fastcdn.co/u/8c104a0e/ 15 KB
15 KB 120ms
60ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/8c104a0e/56449202-0-Ons-Battikh.png
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D50) /
Resource Hash: 284430957ce5cf9034648263ea224f37dc49c4396a8a32167af8acf0e8b51ed6

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
x-goog-stored-content-length: 14851
age: 10392423
x-guploader-uploadid: ABg5-UxP9IhtijvNrGqnT-S2jrJe0531x1xNwdyRmwXOxNWOze2YdxmKyjVu4ULYc08VxADpu8ROX_xMDlWujPkzQxw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 21 May 2022 14:37:37 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14851
last-modified: Tue, 30 Mar 2021 22:37:37 GMT
server: ECS (lcy/1D50)
etag: "e72031674d43e31d75543f1533dd5094"
x-goog-hash: crc32c=ghjhig==, md5=5yAxZ01D4x11VD8VM91QlA==
content-type: image/png
x-goog-generation: 1617143857776239
cache-control: max-age=315360000, public
x-goog-meta-content-length: 0
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:34:39 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/cus/s/0.6.21/ 50 KB
22 KB 131ms
130ms Script
application/javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/cus/s/0.6.21/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6gpqar40vz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 73b726f393224a07c798e675562c35be3cc4367dd9b972be4eed3ad85b373fc6

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: br
etag: "1d78fdafe2131a5"
last-modified: Fri, 13 Aug 2021 00:34:36 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0bwQWYQAAAABBJDmYMCjqS7mWb1tKQTObTFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=702B243E41EA4FAA8ECA4365D1F19959&RedC=c.clarity.ms&MXFR=15D4692B66BA6D9702B579B962BA635A
https://c.clarity.ms/c.gif?CtsSyncId=702B243E41EA4FAA8ECA4365D1F19959&MUID=1434E3D041F269483226F3424099686E

42 B
357 B

62ms
62ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=702B243E41EA4FAA8ECA4365D1F19959&MUID=1434E3D041F269483226F3424099686E
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:39 GMT
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d284f105d6fd71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:39 GMT
x-msedge-ref: Ref A: 1D3B38FFBB5840DB8CE3CDA1FF0478AE Ref B: FRAEDGE1516 Ref C: 2021-08-13T05:34:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=702B243E41EA4FAA8ECA4365D1F19959&MUID=1434E3D041F269483226F3424099686E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=596820606&t=event&ni=1&_s=1&dl=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&ul=en-us&de=UTF-8&dt=Ricoh%20Change%20Makers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=API%20Resolutions&el=Reveal%20API&_u=aGDAAUALAAAAAC~&jid=&gjid=&cid=623730503.1628832879&tid=UA-15163675-1&_gid=968200457.1628832879&gtm=2wg8b0N8NGN6&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd98=1628832879516.w0uksquv&cd99=Fri%20Aug%2013%202021%2007%3A34%3A39%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd100=english&cd101=GTM-N8NGN6&cd102=533&cd103=UA%20Event%20-%20Clearbit%20Reveal&cd104=&cd105=desktop&cd154=(not%20set)&cd97=623730503.1628832879&cd7=Internet%20Software%20%26%20Services&cd8=Salt%20Square&cd9=Internet%20Software%20%26%20Services&cd14=51&cd17=48&cd20=10&cd51=Salt%20Square&cd52=saltsquare.pl&cd53=Internet%20Software%20%26%20Services&cd54=Internet%20Software%20%26%20Services&cd55=10&cd56=1-10&cd57=51&cd58=48&cd59=%241M-%2410M&cd60=3704371&cd61=Poland&cd62=Dolno%C5%9Bl%C4%85skie&cd63=Wroc%C5%82aw&cd64=Information%20Technology&cd65=Software%20%26%20Services&cd66=(not%20set)&cd67=Information%20Technology%20%26%20Services&cd68=microsoft_exchange_online%3Aoutlook%3Amicrosoft_office_365%3Awordpress%3Agoogle_analytics%3Agoogle_maps&z=987433552

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 09:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73600
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 RSLcZwdwgco Show response
www.youtube.com/embed/ Frame 64C7 56 KB
23 KB 73ms
72ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52183441e2a87f7ce1eb72ed1411f33dc136730d5cc57e7f68a555387cf80e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://services.ricoh.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=ZgB8mW_fAsA; VISITOR_INFO1_LIVE=yIrhGXhIxwA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://services.ricoh.ca/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Aug 2021 05:34:39 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+580; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 XWjRzZBeyOc Show response
www.youtube.com/embed/ Frame 01D3 56 KB
23 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=OdOswAbQjFy-Zvj_vC8G4A&gtm_preview=env-488&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49e20f80427e6243915536abad5183f7afdf03d6569879a081e79fa3cfee5bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://services.ricoh.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=ZgB8mW_fAsA; VISITOR_INFO1_LIVE=yIrhGXhIxwA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://services.ricoh.ca/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Aug 2021 05:34:39 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+068; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 01D3 4 KB
0 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:39 GMT

GET generate_204
www.youtube.com/ Frame 01D3 0
0

POST atr
www.youtube.com/api/stats/ Frame 01D3 0
0

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/50e823fc/ Frame 01D3 328 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53661
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46094
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/50e823fc/www-embed-player.vflset/ Frame 01D3 193 KB
64 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65204
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 01D3 2 MB
494 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53482
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505743
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/ Frame 01D3 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53661
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 01D3 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 288438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:27:21 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/50e823fc/ Frame 64C7 328 KB
45 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53661
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46094
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/50e823fc/www-embed-player.vflset/ Frame 64C7 193 KB
64 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65204
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 64C7 2 MB
494 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53482
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505743
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/ Frame 64C7 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53661
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:18 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64C7 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 288438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:27:21 GMT

GET
H/1.1

200
OK

svrGP.aspx
s2073603363.t.eloqua.com/visitor/v200/
Redirect Chain

https://s2073603363.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2073603363&ref2=elqNone&tzo=-60&ms=770&optin=disabled
https://s2073603363.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2073603363&ref2=elqNone&tzo=-60&ms=770&optin=disabled&elqCookie=1

49 B
388 B

468ms
468ms

Image
image/gif

142.0.160.13
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2073603363.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2073603363&ref2=elqNone&tzo=-60&ms=770&optin=disabled&elqCookie=1

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.13 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Fri, 13 Aug 2021 05:34:40 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: image/gif
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Fri, 13 Aug 2021 05:34:39 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s2073603363.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2073603363&ref2=elqNone&tzo=-60&ms=770&optin=disabled&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 276
X-XSS-Protection: 1; mode=block
Expires: -1

POST
H2 204 collect Show response
www.clarity.ms/cus/ 0
155 B 130ms
130ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/cus/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.21/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://services.ricoh.ca
date: Fri, 13 Aug 2021 05:34:39 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0bwQWYQAAAAChKfJXeQmWSaWwjfOHx9kVTFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 01D3 113 B
159 B 15ms
14ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

008f603a6d3f0660cfe3eac872ddcbc400e8cf24cf8d5974bd14986dbd5a1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 01D3 29 B
53 B 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:25:37 GMT
x-content-type-options: nosniff
age: 542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 05:40:37 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 01D3 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53482
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29765
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 s1pMeyNBiuVpr6Z1Tm1CKDkM6SHg4iwD7A9RRx24Wrw.js Show response
www.google.com/js/th/ Frame 01D3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/s1pMeyNBiuVpr6Z1Tm1CKDkM6SHg4iwD7A9RRx24Wrw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4c7b23418ae569afa6754e6d4228390ce921e0e22c03ec0f51471db85abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 05:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13314
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 05:10:15 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 01D3 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53179
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7489
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:48:20 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 64C7 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deb282cd8cfbb23af7fea6bf0d7161b109dd38af9cd43ecf240afeec63e50be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 64C7 29 B
53 B 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:25:37 GMT
x-content-type-options: nosniff
age: 542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 05:40:37 GMT

GET
H3-29 200 s1pMeyNBiuVpr6Z1Tm1CKDkM6SHg4iwD7A9RRx24Wrw.js Show response
www.google.com/js/th/ Frame 64C7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/s1pMeyNBiuVpr6Z1Tm1CKDkM6SHg4iwD7A9RRx24Wrw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4c7b23418ae569afa6754e6d4228390ce921e0e22c03ec0f51471db85abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 05:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13314
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 05:10:15 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 64C7 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53179
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7489
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:48:20 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame 64C7 89 KB
21 KB 104ms
103ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a96c87bb918f05bb6374c2b46e0088c16c4217d30f0bb43de0798dbc19b693c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210811.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: Cgt5SXJoR1hoSXh3QSjviNiIBg%3D%3D
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21835
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 01D3 4 KB
2 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 01D3 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hYPqYA
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 204 generate_204
www.youtube.com/ Frame 64C7 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?0OU1Tg
Requested by: Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 204 qoe Show response
www.youtube.com/api/stats/ Frame 64C7 0
21 B 16ms
16ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=ChQb1moLXmRYAxQB&ei=bwQWYYqvO9rn1gL9hamgDQ&el=embedded&docid=RSLcZwdwgco&ns=yt&fexp=23858057%2C23940238%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24053866%2C24058812%2C24065682%2C24071157%2C24071956%2C24079273%2C24079702%2C24080738%2C24084072&cl=390128873&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.263:N&ctmp=cc:t.254;useVodTrack&afs=0.263:251::i&vfs=0.263:243:243::r&bwe=0.263:130000&bat=0.263:1:1&vis=0.263:0&cmt=0.263:0.000&bh=0.263:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1628832879910&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo-GhKrriiGvJ_dzCQLohShPnGPRffREiqEh5kUZUSTCBrP5s_2szH649goz9KOOVQEHMKE-Dq-sWKdlh1pedfjcx2NMQ

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 1 KB
2 KB 23ms
6ms XHR
text/plain 2a00:1450:4001:1::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=KM&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=1&pl=49&initcwndbps=527500&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&mt=1628832536&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgZpD3pEkV-9XwbrkNKoo_WMEZEQKw2Z18dZnYcjZyp8MCIFO_HXmNmT26NTVX9lJ546M8QmR3ruz4ICgdn_M3mPil&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&range=0-103875&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f05996d9af98fb3f228cddd41f44b172b227beacd68857a656a27e58b8c935ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:40 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1069
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 989 B
2 KB 21ms
6ms XHR
text/plain 2a00:1450:4001:1::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&mh=KM&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=1&pl=49&initcwndbps=527500&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&mt=1628832536&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgZpD3pEkV-9XwbrkNKoo_WMEZEQKw2Z18dZnYcjZyp8MCIFO_HXmNmT26NTVX9lJ546M8QmR3ruz4ICgdn_M3mPil&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&range=0-65916&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

45aa3264d795cf88bf04198986ee75bb3befd81348dfd0223c49270ce0126c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:40 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 989
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 64C7 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53483
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29765
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 64C7 63 KB
24 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e11022903201fbe2aa6d443f6e8c7de87b80fe2f4871d1f0b99337f04ef9b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53337
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24263
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:45:43 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 64C7 26 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

379fce65a1fbff8b63a8b2e736ba82028257dfb7b8e82ff89c5ed429169a0cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53483
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7191
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:43:17 GMT

GET
H3-29 200 annotations_module.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 64C7 66 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbbae7c56e71c0a2374eea282b8e2e80504e578f79bc9d242160f2057d3f9b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 53337
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19713
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:45:43 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame 64C7 65 KB
5 KB 238ms
237ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d80aa250c7d60f1132e603d5374271b42171fb776fc20333f183ced49e09418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210811.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: Cgt5SXJoR1hoSXh3QSjviNiIBg%3D%3D
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5361
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 986 B
1011 B 18ms
7ms XHR
text/plain 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&mh=KM&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=1&pl=49&initcwndbps=527500&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&mt=1628832536&fvip=1&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgZpD3pEkV-9XwbrkNKoo_WMEZEQKw2Z18dZnYcjZyp8MCIFO_HXmNmT26NTVX9lJ546M8QmR3ruz4ICgdn_M3mPil&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&ir=1,&rr=12,&range=0-65916&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e493c335f09722453337b7381eb1d8fef224b0777f83f2dc67edcf304cc2847a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 986
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 1 KB
1 KB 17ms
8ms XHR
text/plain 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=KM&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=1&pl=49&initcwndbps=527500&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&mt=1628832536&fvip=1&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgZpD3pEkV-9XwbrkNKoo_WMEZEQKw2Z18dZnYcjZyp8MCIFO_HXmNmT26NTVX9lJ546M8QmR3ruz4ICgdn_M3mPil&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&ir=1,&rr=12,&range=0-103875&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f0d6332ac9f654fde56bc0f3685cf06c7064d914d6092264f45dc134d043b4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 64C7 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r1---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 973 B
998 B 15ms
7ms XHR
text/plain 2a00:1450:4001:1::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgKgWGoX0ttx9--F7bGM-mw_vXxOslf_kK8T3tihB2G34CIQDYBE2bSofuedSYrIpxnhN9XrQU81anq2EmP9IWpAqm-g%3D%3D&range=0-65916&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ebcab5caa554b11cdadf7f2095eba3076515a62f11fdbc254ba4cbef236ba910

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 973
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r1---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 1 KB
1 KB 13ms
6ms XHR
text/plain 2a00:1450:4001:1::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&range=0-103875&rn=6&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c453541bebf3b9311c16fe2e1024b6d1fa141a9cf82e6c964ae0defa2ea88264

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 101 KB
101 KB 47ms
47ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&ir=1&rr=12&range=0-103875&rn=7&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

16987ad43a588589c155cae9135a91277698489250fd047660407092732eefca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103876
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:37:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 64 KB
64 KB 37ms
37ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgKgWGoX0ttx9--F7bGM-mw_vXxOslf_kK8T3tihB2G34CIQDYBE2bSofuedSYrIpxnhN9XrQU81anq2EmP9IWpAqm-g%3D%3D&ir=1&rr=12&range=0-65916&rn=8&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a1fbcb88dc09008e8e16dc2ef52f43e7a2cdde135a905dcd560873b6331291e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65917
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:16:36 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 101 KB
101 KB 24ms
23ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&ir=1&rr=12&range=103876-207303&rn=9&rbuf=2091

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ed2af1967a913fbba699d2e0076435a7a64e031a52e4745162543d78475a539f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103428
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:37:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=596820606&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&ul=en-us&de=UTF-8&dt=Ricoh%20Change%20Makers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Change%20Makers%20Videos&ea=Play&el=Redefine%20work%20and%20change.%20For%20better._https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DRSLcZwdwgco&_u=aGDAAUALAAAAAC~&jid=&gjid=&cid=623730503.1628832879&tid=UA-15163675-1&_gid=968200457.1628832879&gtm=2wg8b056W7G3H&cd97=623730503.1628832879&z=946927403

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 09:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 67 KB
67 KB 23ms
23ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgKgWGoX0ttx9--F7bGM-mw_vXxOslf_kK8T3tihB2G34CIQDYBE2bSofuedSYrIpxnhN9XrQU81anq2EmP9IWpAqm-g%3D%3D&ir=1&rr=12&range=65917-134950&rn=10&rbuf=3743

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

14b1560ec6131a992c5ce91876efbb6302f3dd2972091f0f34565db8921e69e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69034
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:16:36 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 211 KB
211 KB 23ms
23ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&ir=1&rr=12&range=207304-423567&rn=11&rbuf=4182

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6e859501c61c524c0a284fc430e39e8c51c92a54ee2239793b24a845c3413663

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216264
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:37:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:40 GMT

POST
H2 204 collect Show response
www.clarity.ms/cus/ 0
130 B 152ms
151ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/cus/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.21/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://services.ricoh.ca
date: Fri, 13 Aug 2021 05:34:40 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0cAQWYQAAAABcP8262UnsT48qGYazjdo/TFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 138 KB
138 KB 23ms
23ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgKgWGoX0ttx9--F7bGM-mw_vXxOslf_kK8T3tihB2G34CIQDYBE2bSofuedSYrIpxnhN9XrQU81anq2EmP9IWpAqm-g%3D%3D&ir=1&rr=12&range=134951-276703&rn=12&rbuf=7687

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

81b2ee6199b6ebe0ea9cfe95ecefca07ac193bc9d16c47546ec4f8a23becf886

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141753
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:16:36 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H3-29 204 ptracking Show response
www.youtube.com/ Frame 64C7 0
21 B 14ms
14ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=RSLcZwdwgco&cpn=ChQb1moLXmRYAxQB&ei=bwQWYYqvO9rn1gL9hamgDQ&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1628832879910&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo-GhKrriiGvJ_dzCQLohShPnGPRffREiqEh5kUZUSTCBrP5s_2szH649goz9KOOVQEHMKE-Dq-sWKdlh1pedfjcx2NMQ

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame 64C7 0
19 B 15ms
15ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=ChQb1moLXmRYAxQB&docid=RSLcZwdwgco&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FRSLcZwdwgco%3Fautoplay%3D1%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fservices.ricoh.ca%26widgetid%3D1&cmt=0.054&ei=bwQWYYqvO9rn1gL9hamgDQ&fmt=243&fs=0&rt=0.514&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fservices.ricoh.ca%2F&lact=519&cl=390128873&mos=1&vm=CAEQABgEOjJBS1JhaHdDQnpXUHEtU194UVJfZnY2clVqTDZobHdjblhqVVd5blN3MGZ4UThsUWE2d2JWQUh3MUlTX2JlYWRIQlpzOWNZNU9DVmotS3IyZGtZXzViS2RWdGFVU00td2lhME5Eb24xUHBsQkRMTTd2eXdsWUR2MDljXzNzVWV4QU10c1k3Unh0alE&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=65.941&fexp=23858057%2C23940238%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24053866%2C24058812%2C24065682%2C24071157%2C24071956%2C24079273%2C24079702%2C24080738%2C24084072&rtn=7&afmt=251&inview=0&muted=1

Requested by

Host: services.ricoh.ca
URL: https://services.ricoh.ca/?utm_source=event&utm_medium=paid&utm_campaign=CanadianSME_0421&utm_term=en&utm_content=BizExpo_Chat

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 328 KB
328 KB 25ms
25ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&ir=1&rr=12&range=423568-759204&rn=13&rbuf=8487

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

664c3e98efc704ff08ea6983c191e5d94aa14651c6ebae9c8ce25caf87933aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:40 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335637
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:37:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:40 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 3EBD 2 KB
1 KB 160ms
160ms Document
text/html 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1628832900000/my9agfd8k4vc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a09776a1fda8c67f72cddaa5a219c26067e1d3d39b86d121d3fc3f3ee67ad675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://services.ricoh.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://services.ricoh.ca/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 20:04:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: KHIFjah2BnoIJADTuMzMPvFLU8QZhvg2
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 13 Aug 2021 05:34:40 GMT
cache-control: no-cache
etag: W/"6fad0278d758e15234d6f1fb15ccab39"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: B6RlU_C_iQBML7f2iXfafzuLCIdnWgfYwcrxVW1F5EKMg4Pn8Rgv0w==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame BEF6 2 KB
1 KB 159ms
159ms Document
text/html 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1628832900000/my9agfd8k4vc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a09776a1fda8c67f72cddaa5a219c26067e1d3d39b86d121d3fc3f3ee67ad675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://services.ricoh.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://services.ricoh.ca/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 20:04:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: KHIFjah2BnoIJADTuMzMPvFLU8QZhvg2
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 13 Aug 2021 05:34:40 GMT
cache-control: no-cache
etag: W/"6fad0278d758e15234d6f1fb15ccab39"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: L4uqiqkJ76QB-6lPgEnEG_P-5WXJWheTIqZPkCBdQbKDef_m7hmjqw==

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 09:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 two
ec.instapagemetrics.com/t/ Frame 0
0 457ms
148ms Preflight 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Protocol

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

akka-http/10.1.12 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://services.ricoh.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://services.ricoh.ca
access-control-max-age: 5
date: Fri, 13 Aug 2021 05:34:41 GMT
referrer-policy: same-origin
server: akka-http/10.1.12
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 0

POST
H2 200 two Show response
ec.instapagemetrics.com/t/ 2 B
438 B 456ms
153ms XHR
text/plain 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Requested by

Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/it.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

akka-http/10.1.12 /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 05:34:41 GMT
referrer-policy: same-origin
server: akka-http/10.1.12
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://services.ricoh.ca
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 09:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 09:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.b7a5ac57.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 6 KB
3 KB 47ms
46ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ed9265d4430018d8bb280ca8d841151bc59cec06355fa5126e9e24c608db417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:58 GMT
content-encoding: gzip
age: 34183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:14 GMT
server: nginx
etag: W/"818ba16af105d5fa96add38b94447adf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wdcQGICfAoVynv_Q4s1geJs9yBEk2v38
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dJUHBi9-_IE5O5NsFKT8kEEkMm0xjvQJudNPcRfuz8jBKjvZLW3BPg==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 58 KB
20 KB 50ms
49ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yNS3bjlI73kmlgqeUTR9oaT70h1yexg_ZHIG8kFRNWhjNH2Z_vhaXg==

GET
H2 200 main~493df0b3.6a891983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 6 KB
3 KB 51ms
51ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.6a891983.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:27 GMT
server: nginx
etag: W/"31470d5e039dd5d20457533806f15f82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4on25oB445WeNX23BljWSRDX2DgBIfh3
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pF7NZ7SB7fRIi_e_qCSPtXdDt7FK7qBu98DSAilwc6Agd3JiQCCKHQ==

GET
H2 200 runtime~main.b7a5ac57.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 6 KB
3 KB 51ms
50ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ed9265d4430018d8bb280ca8d841151bc59cec06355fa5126e9e24c608db417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:58 GMT
content-encoding: gzip
age: 34183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:14 GMT
server: nginx
etag: W/"818ba16af105d5fa96add38b94447adf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wdcQGICfAoVynv_Q4s1geJs9yBEk2v38
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nKuh765yvSPCcIFC3PZkYa3q6Ktr161RM4FeRYIs6J4K_F5ZAh3M7w==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 58 KB
20 KB 54ms
53ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AMw8ZBKFc2bCxrJEfEurqSG1Gav1byk8zcYrX8V0FB7zUp1dq3UoYg==

GET
H2 200 main~493df0b3.6a891983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 6 KB
3 KB 55ms
55ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.6a891983.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:27 GMT
server: nginx
etag: W/"31470d5e039dd5d20457533806f15f82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4on25oB445WeNX23BljWSRDX2DgBIfh3
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TyellAQHRoafLis0-sIed7jEhMwiWX3TcQ5F1A1fva0GK4Z8zLhrTg==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 44 KB
13 KB 49ms
48ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 2385368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AYrMzzEAZfCn8ud62piP8fAovyeRScNWWJARobXR2_DEmjCBbwAlOQ==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 44 KB
13 KB 51ms
51ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 740261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gKLNlue.uzN77IPXPW_MnMmQxrKeoE2X
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E_jbGJBAOiBa4mLMAiaft14sD-JqzP7Rj5ht0X8po6MuxWvuaIbd_g==

GET
H2 200 34.73f521ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 25 KB
8 KB 53ms
52ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.73f521ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 740261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"d69dcbbb307d841744f818ddc6861a56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jp8CuiDazFvZSYli910XK68x2F8gkbyt
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S9bPHtw4HNa4QE3VQekkJsnqRMfPlnEGE_gWrNB97CZxkiBtS91rpQ==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 16 KB
5 KB 53ms
53ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ifDBgwgocvC3OIwcbTR0WKi8aEb_Q63YuiSjt7IiNUTQtAMHV8LxzQ==

GET
H2 200 16.257925d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 83 KB
26 KB 57ms
57ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.257925d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"e01f689afdf7b5830142f42ae4ee09bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9beqkj8VSI6eAcjaIi_Gh2CsKspyGkMp
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -dreqJXc_pDzDJGhv84L8dJQmWnY2mznRGtNsTfhtBDtYzaiOb7xrA==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 59 KB
19 KB 62ms
61ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CGzK7fqQy5610bqDPRm6lCtPrPxlFQ-A4O1HhEbsiUWRcJ4SEIa02w==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 91 KB
28 KB 65ms
65ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C7stqfglOANbDW1VBO_PnMjEZVNIpDC6cdsd3BFHFVvXysEXR-BBOw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 23 KB
7 KB 69ms
69ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RYX7s8QP6aLiulxRHGYl9854RBT_90sORmv9OJSinuQFSU-VZdxHXw==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 62 KB
19 KB 72ms
72ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kQN8ctHEXn6kuKKbsTVgW6SlOjgoxYHmkS9eOGvtXCF1VyA-GNiTew==

GET
H2 200 39.a5b56347.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 105 KB
34 KB 76ms
76ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.a5b56347.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 740261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"838b1df72227501d09348b5af290c40a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eEwBi4Gr92N2FILUHMD4W69ZILAjLoGe
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pZbaziV701r4PiO9fFIOTxWlYh-WpTpaE5ihrXG6QEu6ZZ3gtnd2lA==

GET
H2 200 32.f0210426.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 12 KB
4 KB 81ms
80ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.f0210426.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"2a252030aae2ea989e972f252034bfc3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yFE6TMHTKBR2MeahX77xuFFC6uywsPre
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fqkRQWelQctd42IkOex2Wn14s4p_0BU_gN3nM0KJquOfQx4WDpMhTg==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 12 KB
5 KB 82ms
81ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _bMWUwPie7YfqEW4yIN-Xo_pvN1BOLVfbq85GvQGfTluQWa4eOIndw==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 17 KB
7 KB 83ms
83ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: go5bgLz1uqH1mXEw3Tl.DlYL4V5K21A_
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9t-1KdtRjmyhHHHHDPOqNVj7YZIL0enZI3aLKYSzKSq9T5OegFKOGg==

GET
H2 200 7.004395ae.chunk.css
js.driftt.com/core/assets/css/ Frame 3EBD 11 KB
3 KB 83ms
82ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.004395ae.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 47871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"559577b02e08d038ea08b39691db92db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SSjK0M1BkHlo.72r.TJWo50rv3d0Fwcn
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rDeEHyayL4nups57EwY1SE6OJQTe9DtbFU_-1KcYKFbR_9I1ONFnjw==

GET
H2 200 7.275375de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 70 KB
21 KB 85ms
85ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.275375de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: nginx
etag: W/"9d7219a0a1173ab931a3cbf999911624"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ihGrkvo0yI_eKU9llvi4uXbGAevlAwa_
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cSN5ObqnUmLBJPnXhDUJLxUlq5mFtCKXbW3iLzMENyIXIv1R9DNpNA==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3EBD 24 B
667 B 86ms
86ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DvF8XEUx24zeFT3lTEm9zJZhTQlscqqwCK71O5sluQhsxnbXZWTmEw==

GET
H2 200 14.304dd045.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 70 KB
18 KB 88ms
88ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.304dd045.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"87e4ec92f99844d9567d7b6b63e4427f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvm51Pu_m9MdwNnlRKhZQYk68cVBc23O
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k3IDyYyE5yKUWKhuv3HW0HYHEJKrJqgx7P2YCgbQCPkT9XuDVIrWrw==

GET
H2 200 21.dfc7462a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 43 KB
12 KB 91ms
90ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.dfc7462a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"8b0844eac1933fab73d67b6b12749f99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j_RfUwVYV76uZYYXPaIyploQ0XIevKCY
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0Cxv7668Kj9v40YL4cAv6TY4S52RNl2BbBa3dBZRUFeioKhHKbm-uA==

GET
H2 200 13.89b6cd8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 37 KB
12 KB 91ms
91ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3d0010c521e94cd527b7be41aa7481d19bdd6598899cb61505d9ae2eda39af54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 34182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:11 GMT
server: nginx
etag: W/"58da3454a438861dfbac69e3f6f2b077"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qEgjNXMR5sE_A0wlEecGarRiSrP4dy3X
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ULguSfXOx_HPvCsNyfhF60QLXro6iEBYMocO0C_ZuBI0A8R3zlKtiQ==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 44 KB
13 KB 86ms
85ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 2385368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zKlpes8-qali-jygblDpNWLkmjcSgBgEeFTEcdBV3ft0VKpAycRbmg==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 44 KB
13 KB 87ms
86ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 740261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gKLNlue.uzN77IPXPW_MnMmQxrKeoE2X
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q-8AGPMHqM1rfNlkxLQ5iqTc7PNWldUXtbOTYtWp7_20LHZAk7-ZUQ==

GET
H2 200 34.73f521ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 25 KB
8 KB 87ms
87ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.73f521ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 740261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"d69dcbbb307d841744f818ddc6861a56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jp8CuiDazFvZSYli910XK68x2F8gkbyt
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z9No4QHpGoYGa1CsWS385bYMXdaqdev_Ou5airCYGe07-v7A_ATXoA==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 16 KB
5 KB 87ms
87ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dP6XqFaNxRYHCgNbfcrQEGm3kWPhWBPgYN2eUDGJrD5k7z6YgBZvNQ==

GET
H2 200 16.257925d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 83 KB
26 KB 88ms
88ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.257925d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"e01f689afdf7b5830142f42ae4ee09bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9beqkj8VSI6eAcjaIi_Gh2CsKspyGkMp
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lmN0o9GvrIzwmPjcwKs2gkl3bDLcdIDikA_-eBB5ECnjBFihh9Gr4A==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 59 KB
19 KB 90ms
90ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BFywZgKLUXJRzRatxtUIH8f2NGwlIj3mwyukTYvyHRblLF-FamPeFQ==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 91 KB
28 KB 91ms
90ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lc7p827W-KyIFRYld76YYTAafBdXmvol8MaarSrYe9qUQsklLPOWGA==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 23 KB
7 KB 92ms
92ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xBeq9exJHkj8nDXyuS07bFztQylPGdOTVYvT0MmDJXUFI2gZrfIGVw==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 62 KB
19 KB 93ms
93ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7amO2YqrbU_vLfyi0DInzEW1ipy2LisDMM2yJT4n9nmsb8-bz4ELNg==

GET
H2 200 39.a5b56347.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 105 KB
34 KB 94ms
94ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.a5b56347.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 740261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"838b1df72227501d09348b5af290c40a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eEwBi4Gr92N2FILUHMD4W69ZILAjLoGe
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7gs5tJOPPLN7YrDtodcqHI7KYpKDoD4PR04MFz0Pd8ar1zhN49Xg1w==

GET
H2 200 32.f0210426.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 12 KB
4 KB 95ms
95ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.f0210426.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"2a252030aae2ea989e972f252034bfc3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yFE6TMHTKBR2MeahX77xuFFC6uywsPre
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i-j0SbrgZwXnzcdtV0excm90T7JB-xwZXeAfv4zwdMZ1JyB5z9QO4w==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 12 KB
5 KB 95ms
95ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fvCHtgCcDCb5VlN4r-oQDTYjobdVQM46Wcxty7VRCsatWV9CRJ8zJw==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 17 KB
7 KB 95ms
95ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: go5bgLz1uqH1mXEw3Tl.DlYL4V5K21A_
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H-6cOxH_iGm6bUGW2w0f0ornu7AgRb6bvtaYOaOxAFlG-XlE-S4kyw==

GET
H2 200 7.004395ae.chunk.css
js.driftt.com/core/assets/css/ Frame BEF6 11 KB
3 KB 94ms
94ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.004395ae.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 47871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"559577b02e08d038ea08b39691db92db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SSjK0M1BkHlo.72r.TJWo50rv3d0Fwcn
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Orlasvk1XnwbL78zpwEuv_TN2gujqYwHzE3wz-xuJflw9j9AwH9eHA==

GET
H2 200 7.275375de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 70 KB
21 KB 95ms
95ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.275375de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: nginx
etag: W/"9d7219a0a1173ab931a3cbf999911624"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ihGrkvo0yI_eKU9llvi4uXbGAevlAwa_
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FCBWLmC-6MM4-rHM7iMRahjt2oFOmb0-Baxa5uZinqwIh6DQrSCJ3w==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame BEF6 24 B
667 B 95ms
95ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XNFzL91U8A8W-GkERZo4OOhSAKRu0-Cgu3-7FzQ8Q0vmBAJhoPCyIA==

GET
H2 200 14.304dd045.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 70 KB
18 KB 95ms
95ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.304dd045.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"87e4ec92f99844d9567d7b6b63e4427f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvm51Pu_m9MdwNnlRKhZQYk68cVBc23O
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gczpgop9cHVjx8U4U-VCre3LbngsZUWsy-JhtbC1C3laVv6AFmdgjg==

GET
H2 200 21.dfc7462a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 43 KB
12 KB 97ms
96ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.dfc7462a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"8b0844eac1933fab73d67b6b12749f99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j_RfUwVYV76uZYYXPaIyploQ0XIevKCY
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4x61TCpV6yaqYpdAjeYA2s5bpxAwc6bjmNl_KzOKV3QsLYrFl9YdCg==

GET
H2 200 13.89b6cd8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 37 KB
12 KB 97ms
97ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3d0010c521e94cd527b7be41aa7481d19bdd6598899cb61505d9ae2eda39af54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 34182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:11 GMT
server: nginx
etag: W/"58da3454a438861dfbac69e3f6f2b077"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qEgjNXMR5sE_A0wlEecGarRiSrP4dy3X
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YXlymxQPtbUMC7JmkswCL4TaMg2qMDgCULmZdhL86cIbzFkskmMxtw==

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame 3EBD 2 B
403 B 461ms
154ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 05:34:41 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 44 KB
13 KB 47ms
47ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 740260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7TgEocsNTUyqtvAMfmAhBAaJWnrpVQx
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MEuMt_vh6agdWaJN14cAsx-_5W6k8TdIMmuceUNUFmTkH5_876YZ1w==

GET
H2 200 19.4751f621.chunk.css
js.driftt.com/core/assets/css/ Frame 3EBD 8 KB
2 KB 48ms
47ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.4751f621.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 740260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:58 GMT
server: nginx
etag: W/"029a883905ad20930f71f89ac0560a17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N8v6pXkvkC2.KU.VFYkzepuu6NKNvxQ0
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3vcQVxRf42i5f0wOCDGjMdqLXhsh4URRLY1EMDjf37oR9fhDjusFyw==

GET
H2 200 19.bf146149.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 15 KB
6 KB 48ms
48ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bf146149.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

74a10bdeae0680612d7a944ebec7618f29c8d20a5c367927b0d719546b3e7e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 740260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"a1a0554918be1e889111d5b344851906"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WR7M3EbElNylsRkJC8hO7jHISaf37erg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1TbAe_rtc5qZzFe4m_eK2nrcg9bWDhju4_FKO42FB2F5MFp-bxcNUQ==

GET
H2 200 26.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 3EBD 365 B
1007 B 49ms
48ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _znxfoUn6UUBgSii2qRzwRRP.d4zXKBH
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eUyMvzMs7EnsOlu6Eu5yDnL2V-77l90LNLDNLUs-mrtimXr0L4BHAg==

GET
H2 200 26.c06c9c65.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 77 KB
21 KB 49ms
49ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.c06c9c65.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb9c428a31f569e81a50ececeea6179c15c23ae04323d1c4ffa597fca0c6689c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 46069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"32819bafc45e451bdffdbeec3a123b8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fNiA2YO1Y8D08aIOgr56t5Nl6vX8.0f7
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vZ67HHgodhpzyFRdiCvDqYH-nGiUngrsWpc4qgy6YarRRprw9-5Clw==

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame BEF6 2 B
403 B 450ms
151ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 05:34:41 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame BEF6 6 KB
1 KB 47ms
46ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 3852294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PVvks0zhhvjt0OJ63n56iMZpde93iNDHurKNmLkYx864ZeG9mgsf0Q==

GET
H2 200 30.5070bbde.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 2 KB
2 KB 47ms
46ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5070bbde.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CFPUVjYb649i3kVl6K_oER41eqaej1oX
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hqhkWYpO8lueSzmt5kynqJK1ALlct8HN36uzOwUUYoAQMjYquCGoNg==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame BEF6 7 KB
2 KB 47ms
46ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 3145800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TYFk4P362GtN8i23uapge11CIOkxyKlCXYedfK3bOCNhZdIIUT8brA==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 54 KB
16 KB 48ms
47ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 740260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aJOH9Xz6gjs2zi5SqRhbM-I5R561o2eq4qCU1SLH6cBrDaUmNITxoQ==

GET
H2 200 0.d96f2542.chunk.css
js.driftt.com/core/assets/css/ Frame BEF6 39 KB
7 KB 48ms
48ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.d96f2542.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9e0a3c01cfa8ff75022fbbc9d6203baeb139b32da3a6d816fb88c52056bf0bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 47871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"b4f7fd91fa3ccd73aeb2688b17c6fa11"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4QsbYDsOr2gMh8AzBgSQJycdf_cNiy5V
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GXgZ8b7UcsUSSbb0xuYiys95s5_nGWTdR3G80xtekWMk-CzBBTbGgQ==

GET
H2 200 0.bdaa0679.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 59 KB
20 KB 49ms
48ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.bdaa0679.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

78f8fb3c2f1f7bdbfda489516bba2c7c7cfd61908104bc0f5680d20a3b5fd500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 34182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:10 GMT
server: nginx
etag: W/"6817cb0c6c41290178722ca6506410d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7KD2hJe0ZUOHvn.nPtI.kSYE0PBYQyco
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jvrc03QCwuTVvn3_3ffCLowurnvwYKcQZznbUvr0I7Y34K_oK0sluA==

GET
H2 200 28.55f88a7d.chunk.css
js.driftt.com/core/assets/css/ Frame BEF6 11 KB
2 KB 48ms
48ms Stylesheet
text/css 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.55f88a7d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: W/"a1edc67f80fa4d2930e0e949b8c47368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: s7EnEI9BxpvdcrCDALBwrAEOxiEZt_Ad
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EzsejwaYaoJa2jl8sN2-1nF5sms5gZALvZYop3wccZ8zs--w1BcBJA==

GET
H2 200 28.8afe478b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 11 KB
5 KB 49ms
49ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.8afe478b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6d441ffc2a8afd48b6c1d05988aecd664f36021739c916c207b1eca144caae70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 554543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"09e18c7798d522e01840d4f263591af0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: etkYcrBQlfN8U2IMxEHm6.hSYLgOyCP4
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XW7lK4EA7jrqmua0d1ybDR-AnSQnyRkb94ekoCgYzOqup2v6i6WusA==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 430ms
137ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:41 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift0e14f8c445b93e9190d341621a1
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 3EBD 25 B
123 B 151ms
151ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:41 GMT
server: istio-envoy
requestid: c7305dd39e64e645
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 3EBD 103 B
200 B 149ms
148ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

1b3a7e3ad2bd56fdecf89d2da468c6a6a2d095fa0fc2f0360663e7dad7f96b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:41 GMT
server: istio-envoy
requestid: 81744b43c519a515
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 414ms
136ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:41 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift278efdc4769a518267f3fdc6426
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame 3EBD 4 KB
739 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 03:54:12 GMT
server: ESF
date: Fri, 13 Aug 2021 05:34:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 05:34:41 GMT

GET
H2 200 my9agfd8k4vc.json Show response
embeds.driftcdn.com/embeds/ Frame 3EBD 10 KB
4 KB 562ms
461ms XHR
application/json 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/my9agfd8k4vc.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2a9c7d61d1ae6f649d38bad8dc9be35472cea5a4abd70ee982638c5606f72a8

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 23 Jul 2021 13:23:58 GMT
server: AmazonS3
etag: W/"d7e3d4c2c92b0c6b5df010b50259db7b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: NsQmOT0MDGJOKUq4SLmsjiPBXSp9dC5LmXBK07Lu3Iv6rCJbmJNaTA==

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 01D3 28 B
56 B 21ms
20ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XWjRzZBeyOc?enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt5SXJoR1hoSXh3QSjviNiIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628832879842&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKrDDZ9W136LpTF1OrvZFG4-TQhDYJ3d_49qmoekPAWrIbhwc13DSEkdZ79yOiH18FoZazOFm0XvejsAwUh5qmzId-NhPA

Response headers

date: Fri, 13 Aug 2021 05:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:41 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 64C7 28 B
58 B 23ms
23ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt5SXJoR1hoSXh3QSjviNiIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628832879825&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo-GhKrriiGvJ_dzCQLohShPnGPRffREiqEh5kUZUSTCBrP5s_2szH649goz9KOOVQEHMKE-Dq-sWKdlh1pedfjcx2NMQ

Response headers

date: Fri, 13 Aug 2021 05:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:42 GMT

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 3EBD 3 KB
2 KB 324ms
324ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

9a4f2599aee47f36a2bf9bf51fa21dab95201fa2d512957ea1f2dc40a83b955d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Aug 2021 05:34:42 GMT
content-encoding: gzip
server: istio-envoy
requestid: 95c3a3ddee51e87b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 191
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1607
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 204 collect Show response
www.clarity.ms/cus/ 0
131 B 132ms
132ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/cus/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.21/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://services.ricoh.ca
date: Fri, 13 Aug 2021 05:34:42 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0cgQWYQAAAADR+DpfYgiORYCSeVy/ldwiTFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2 200 my9agfd8k4vc Show response
targeting.api.drift.com/hours/availability/combined/ Frame 3EBD 41 B
128 B 187ms
187ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/my9agfd8k4vc

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
server: istio-envoy
requestid: 3a4b8e706b1e88d2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 54
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 41
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 my9agfd8k4vc
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 142ms
134ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/my9agfd8k4vc

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:42 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: driftda9ce64479e98b46cb7c2391ba0
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame 3EBD 652 B
1 KB 132ms
132ms XHR
application/json 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

8a93ddd43f0887d794da135cd17d37bc3b4744f3f18d01664c3d51b2fba3b222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
requestid: af98809827f1aa67
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 652

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 462ms
130ms Preflight
text/plain 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift77d8ce543d4ba39acf08d3087e6

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3EBD 17 KB
6 KB 46ms
46ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=my9agfd8k4vc&region=US&forceShow=false&skipCampaigns=false&sessionId=0216ec6d-aa35-441e-ac3a-689bf31f12f4&sessionStarted=1628832880.813&campaignRefreshToken=a27e0a7d-40ee-490e-8397-87562ba7f64b&hideController=false&pageLoadStartTime=1628832878850&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 3154595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AuMZm5Pa-x7UcZB4DKKmbH6Wg9JSaN2bqyq7eXONLyynmPjdfkfhsQ==

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BEF6 17 KB
6 KB 46ms
46ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-49.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628832878850
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 3154595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BxOHvWDfE4YREjFRLwpYYVQxpNinnyHEx3tjLBmHgXPxhy_cxtnpEg==

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 3EBD 410 B
294 B 136ms
136ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e311391e6fc3c313de8459c0c6b75092c4fd957eed2d51a61ae803995885498e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
content-encoding: gzip
server: istio-envoy
requestid: 137786f480ebe361
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 233
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 134ms
134ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift63683ad48e5ad9b3d120b308cbb
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 3EBD 25 B
87 B 151ms
150ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
server: istio-envoy
requestid: 52643210730a32c0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 136ms
136ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift9e322fc42549e706ad699365864
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 3EBD 0
38 B 146ms
146ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
server: istio-envoy
requestid: e512b55fd640c5e3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 135ms
135ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift48380e0457a8f7479c63d4bb88e
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=596820606&t=event&ni=1&_s=2&dl=https%3A%2F%2Fservices.ricoh.ca%2F%3Futm_source%3Devent%26utm_medium%3Dpaid%26utm_campaign%3DCanadianSME_0421%26utm_term%3Den%26utm_content%3DBizExpo_Chat&ul=en-us&de=UTF-8&dt=Ricoh%20Change%20Makers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%20409775&_u=aHDAAUALAAAAAC~&jid=&gjid=&cid=623730503.1628832879&tid=UA-15163675-1&_gid=968200457.1628832879&gtm=2wg8b0N8NGN6&cg1=(not%20set)&cg2=(not%20set)%2F(not%20set)&cg3=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd98=1628832879036.1neig9u&cd99=Fri%20Aug%2013%202021%2007%3A34%3A39%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd100=english&cd101=GTM-N8NGN6&cd102=533&cd103=CMS%20-%20UA%20Page%20Views&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=623730503.1628832879&z=149358076

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Aug 2021 09:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73604
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame BEF6 0
39 B 165ms
165ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
server: istio-envoy
requestid: bab9bb33cbafde2f
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 31
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 135ms
135ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifta13acfe4c8e80da4ecd95dc11ec
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 406 KB
406 KB 27ms
26ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&ir=1&rr=12&range=759205-1175130&rn=14&rbuf=11561

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9e1480cb9d3b98df600a79b477c034356942530d2a14685e4b743ff396d48f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 415926
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:37:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Fri, 13 Aug 2021 05:34:43 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 217 KB
217 KB 24ms
23ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgKgWGoX0ttx9--F7bGM-mw_vXxOslf_kK8T3tihB2G34CIQDYBE2bSofuedSYrIpxnhN9XrQU81anq2EmP9IWpAqm-g%3D%3D&ir=1&rr=12&range=276704-498673&rn=15&rbuf=12037

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2fca483b911a676d4b4abc3b51c35ff129660250a2d8e11f7bad1d815420e5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221970
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:16:36 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:43 GMT

POST
H3-29 204 atr Show response
www.youtube.com/api/stats/ Frame 64C7 0
21 B 19ms
19ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=ChQb1moLXmRYAxQB&docid=RSLcZwdwgco&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FRSLcZwdwgco%3Fautoplay%3D1%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fservices.ricoh.ca%26widgetid%3D1&cmt=4.614&ei=bwQWYYqvO9rn1gL9hamgDQ&fmt=243&fs=0&rt=5.072&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fservices.ricoh.ca%2F&lact=5077&cl=390128873&mos=1&vm=CAEQABgEOjJBS1JhaHdDQnpXUHEtU194UVJfZnY2clVqTDZobHdjblhqVVd5blN3MGZ4UThsUWE2d2JWQUh3MUlTX2JlYWRIQlpzOWNZNU9DVmotS3IyZGtZXzViS2RWdGFVU00td2lhME5Eb24xUHBsQkRMTTd2eXdsWUR2MDljXzNzVWV4QU10c1k3Unh0alE&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=66&fexp=23858057%2C23940238%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24053866%2C24058812%2C24065682%2C24071157%2C24071956%2C24079273%2C24079702%2C24080738%2C24084072&afmt=251&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1628832879910&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo-GhKrriiGvJ_dzCQLohShPnGPRffREiqEh5kUZUSTCBrP5s_2szH649goz9KOOVQEHMKE-Dq-sWKdlh1pedfjcx2NMQ

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:45 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
www.clarity.ms/cus/ 0
131 B 129ms
129ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/cus/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.21/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://services.ricoh.ca
date: Fri, 13 Aug 2021 05:34:45 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0dQQWYQAAAACS+BRA2qefRo0xVRCajBhaTFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 3EBD 25 B
85 B 136ms
135ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjg1Mjc1NzgzOTM1MTgwOCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwNjA3NjciLCJleHAiOjE2NjAzNjg4ODIsImlhdCI6MTYyODgzMjg4Mn0.t4FFRqkMJrqBj_T2w7wRFxwAtV4hzhcf9-_K5SBnUoAPr2H2q1HSS8xfw0m7lZHv4TNe5wt0x5_Qs0iOnAdISA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 05:34:46 GMT
server: istio-envoy
requestid: d5dc8b2ec378aaa9
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 136ms
135ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 05:34:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift46f4d9247f9a9188009a8ecbff0
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 204 watchtime
www.youtube.com/api/stats/ Frame 64C7 0
134 B 15ms
14ms Image
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=ChQb1moLXmRYAxQB&docid=RSLcZwdwgco&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FRSLcZwdwgco%3Fautoplay%3D1%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fservices.ricoh.ca%26widgetid%3D1&cmt=6.542&ei=bwQWYYqvO9rn1gL9hamgDQ&fmt=243&fs=0&rt=7&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fservices.ricoh.ca%2F&lact=7006&cl=390128873&state=playing&vm=CAEQABgEOjJBS1JhaHdDQnpXUHEtU194UVJfZnY2clVqTDZobHdjblhqVVd5blN3MGZ4UThsUWE2d2JWQUh3MUlTX2JlYWRIQlpzOWNZNU9DVmotS3IyZGtZXzViS2RWdGFVU00td2lhME5Eb24xUHBsQkRMTTd2eXdsWUR2MDljXzNzVWV4QU10c1k3Unh0alE&volume=100%2C100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=66&rtn=17&afmt=251&idpj=-4&ldpj=-33&rti=7&inview=0&st=0%2C0.156&et=0.054%2C6.542&muted=1%2C1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:46 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 64C7 28 B
61 B 19ms
19ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt5SXJoR1hoSXh3QSjviNiIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628832879910&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo-GhKrriiGvJ_dzCQLohShPnGPRffREiqEh5kUZUSTCBrP5s_2szH649goz9KOOVQEHMKE-Dq-sWKdlh1pedfjcx2NMQ

Response headers

date: Fri, 13 Aug 2021 05:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:34:47 GMT

POST
H2 201 raw-data Show response
heatmap-events-collector.instapage.com/api/ 33 B
646 B 478ms
170ms Fetch
application/json 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/api/raw-data

Requested by

Host: heatmap-events-collector.instapage.com
URL: https://heatmap-events-collector.instapage.com/static/lib.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

Resource Hash

aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://services.ricoh.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin, Accept-Encoding
content-length: 33
x-xss-protection: 1; mode=block
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
date: Fri, 13 Aug 2021 05:34:48 GMT
expect-ct: max-age=0
strict-transport-security: max-age=315360000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://services.ricoh.ca
access-control-allow-credentials: true
etag: W/"21-OGHiFV/OrNujBxibS2uM6bqKAHs"

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 781 KB
783 KB 39ms
23ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=2296292&dur=65.899&lmt=1614699439284151&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMavY_PSNUJzWwnbQkQ0oMvjO3QSYGuf2YuSi9_uIuGkCIH3Ajb0Btqin4f1bk-trajv1wMBmvpCbzup4BeCSN92L&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNzBFJnET54O3nCPZMrZq6MY5LVxtRkDkrsNt6X7T5FMCIQCn19-DbNj5I2LzQZQKrxgO521a_Cxx7rXe4KFIqcKpjw%3D%3D&ir=1&rr=12&range=1175131-1975382&rn=16&rbuf=16863

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0454a90026857a5d6f4d552f0d7b57ec661f740a132ccdcfd23c10592796e13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 05:34:48 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 800252
Last-Modified: Tue, 02 Mar 2021 15:37:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21292
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Fri, 13 Aug 2021 05:34:48 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame 64C7 339 KB
339 KB 26ms
24ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1628854480&ei=bwQWYYqvO9rn1gL9hamgDQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ALBKIV4veItsFnda2U7n6JnkWzQbQAj-RXTw5zv0woae&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=-EoMrtzdE5qgasVX6_ngVhkG&gir=yes&clen=1134124&dur=65.941&lmt=1614698196933155&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6rWJQxRz8GrEnA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcRjFE7WRKL1cDI6gOkarZaPEZsinfSCmEjSpZrPVnI0CICGWS_euu223lTay9kLVxUAywbYlZ1i30zoL1Wr4g1sE&alr=yes&cpn=ChQb1moLXmRYAxQB&cver=1.20210811.1.0&redirect_counter=1&cm2rm=sn-4g5edz7s&cms_redirect=yes&mh=KM&mm=34&mn=sn-4g5e6nzz&ms=ltu&mt=1628832756&mv=m&mvi=1&pl=49&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgKgWGoX0ttx9--F7bGM-mw_vXxOslf_kK8T3tihB2G34CIQDYBE2bSofuedSYrIpxnhN9XrQU81anq2EmP9IWpAqm-g%3D%3D&ir=1&rr=12&range=498674-845514&rn=17&rbuf=18808

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6a423769cb8f67df047bf14e72079bd8c630c7c109025c2c4492d5e50f51c019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:34:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346841
client-protocol: quic
last-modified: Tue, 02 Mar 2021 15:16:36 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21291
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 13 Aug 2021 05:34:49 GMT

POST
H3-29 204 qoe Show response
www.youtube.com/api/stats/ Frame 64C7 0
21 B 15ms
15ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=ChQb1moLXmRYAxQB&ei=bwQWYYqvO9rn1gL9hamgDQ&el=embedded&docid=RSLcZwdwgco&ns=yt&fexp=23858057%2C23940238%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24053866%2C24058812%2C24065682%2C24071157%2C24071956%2C24079273%2C24079702%2C24080738%2C24084072&cl=390128873&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&ctmp=dompaused:t.278;promise;m.NotAllowedError&cmt=0.422:0.005,1.173:0.716,10.000:9.543&vps=0.422:PL,10.000:PL&user_intent=0.302&bwm=10.000:2827034:0.668&bwe=10.000:7035307&bat=10.000:1:1&bh=10.000:39.219&df=10.000:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RSLcZwdwgco?autoplay=1&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fservices.ricoh.ca&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1628832879910&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKo-GhKrriiGvJ_dzCQLohShPnGPRffREiqEh5kUZUSTCBrP5s_2szH649goz9KOOVQEHMKE-Dq-sWKdlh1pedfjcx2NMQ

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 05:34:49 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?C6mC0Q

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=yWtqvoRF5oGHyHgL&docid=XWjRzZBeyOc&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fservices.ricoh.ca%2F&lact=224&cl=390128873&mos=0&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210811.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=en_US&cr=DE&len=177&fexp=23858057%2C23940238%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24036236%2C24053866%2C24058812%2C24065682%2C24071157%2C24071956%2C24079273%2C24079702%2C24080738%2C24084072&muted=0&vis=3

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ricoh.ca/	1970-01-20 05:12:48	Name: _clck Value: 1i4ankx\|1\|etu
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZgB8mW_fAsA
.ricoh.ca/	1970-01-19 20:28:39	Name: _clsk Value: 1a1tzi2\|1628832879957\|1\|1\|cus/collect\|www.clarity.ms
.ricoh.ca/	1970-01-19 20:28:39	Name: _uetsid Value: 2742c9e0fbf811ebb23f4dfe0a733978
.youtube.com/	1970-01-20 00:46:24	Name: VISITOR_INFO1_LIVE Value: yIrhGXhIxwA
.ricoh.ca/	1970-01-20 05:48:48	Name: _uetvid Value: 2742ea80fbf811eb8b021f96be8acd25
.ricoh.ca/	1970-01-19 20:28:39	Name: _gid Value: GA1.2.968200457.1628832879
services.ricoh.ca/	1970-01-19 20:27:14	Name: drift_campaign_refresh Value: a27e0a7d-40ee-490e-8397-87562ba7f64b
.ricoh.ca/	1970-01-19 20:27:12	Name: _gat_UA-15163675-1 Value: 1
.ricoh.ca/	1970-01-20 13:58:24	Name: _ga Value: GA1.2.623730503.1628832879
services.ricoh.ca/	1970-01-19 20:27:14	Name: session Value: 1
.services.ricoh.ca/	1970-01-19 20:27:14	Name: pageviewCount Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 326.9000015258789 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
anthill.instapage.com
app-abm.marketo.com
apt.techtarget.com
attr.ml-api.io
bat.bing.com
bit.ly
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
cdn.instapagemetrics.com
d10lpsik1i8c69.cloudfront.net
ec.instapagemetrics.com
embeds.driftcdn.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
googleads.g.doubleclick.net
heatmap-events-collector.instapage.com
img.en25.com
img03.en25.com
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
r1---sn-4g5e6nzz.googlevideo.com
r3---sn-4g5e6nzz.googlevideo.com
reveal.clearbit.com
s.ml-attr.com
s2073603363.t.eloqua.com
secure.adnxs.com
sentry.io
services.ricoh.ca
snap.licdn.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
t.co
targeting.api.drift.com
trk.techtarget.com
unpkg.com
v.fastcdn.co
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
www.youtube.com
104.111.229.66
104.111.234.67
104.16.93.80
104.244.42.3
104.244.42.5
107.178.254.45
108.174.10.14
142.0.160.13
143.204.98.49
143.204.98.58
151.101.12.157
163.171.128.148
18.132.238.79
185.33.220.241
192.229.133.208
206.19.49.24
2600:9000:2134:c00:12:3734:2a40:93a1
2606:4700::6810:7baf
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1450:4001:1::6
2a00:1450:4001:1::8
2a00:1450:4001:802::2002
2a00:1450:4001:803::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:26f0:6c00:28c::25ea
34.120.27.38
35.188.42.15
35.222.120.150
35.244.137.202
50.16.7.188
52.142.114.2
52.222.137.185
54.172.114.57
67.199.248.10
68.67.153.60
008f603a6d3f0660cfe3eac872ddcbc400e8cf24cf8d5974bd14986dbd5a1cd9
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
0454a90026857a5d6f4d552f0d7b57ec661f740a132ccdcfd23c10592796e13e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
072d970388d4749ce871e59c751c809cbdb37e2ef0759086474a2246eb20c6f6
07719ec79181a87caf2cb7ea5bd35945a3e9f46cc41b6917775ef096b76929d2
091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a
0d80aa250c7d60f1132e603d5374271b42171fb776fc20333f183ced49e09418
0e11022903201fbe2aa6d443f6e8c7de87b80fe2f4871d1f0b99337f04ef9b7d
1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c
14b1560ec6131a992c5ce91876efbb6302f3dd2972091f0f34565db8921e69e4
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
16987ad43a588589c155cae9135a91277698489250fd047660407092732eefca
1b3a7e3ad2bd56fdecf89d2da468c6a6a2d095fa0fc2f0360663e7dad7f96b2f
1e74ab34bde4167ca3a73275db37a5fa56b09b90f96397a7d0e9b77a07863c77
2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
284430957ce5cf9034648263ea224f37dc49c4396a8a32167af8acf0e8b51ed6
299e0fcbf90965078538bb25417dce4b49065955430ff75bf6ad613420bf9e94
2ba88fd6156fbcdb821fe4caf5d4a3126d174895d9ba4cdbdb1a0d30c7e5e9c8
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fca483b911a676d4b4abc3b51c35ff129660250a2d8e11f7bad1d815420e5e1
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef
379fce65a1fbff8b63a8b2e736ba82028257dfb7b8e82ff89c5ed429169a0cd5
3a96c87bb918f05bb6374c2b46e0088c16c4217d30f0bb43de0798dbc19b693c
3d0010c521e94cd527b7be41aa7481d19bdd6598899cb61505d9ae2eda39af54
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45aa3264d795cf88bf04198986ee75bb3befd81348dfd0223c49270ce0126c23
460526402e6c6e32f58223f8eab4e569434e606569166a7db60530f81e8b650d
49e20f80427e6243915536abad5183f7afdf03d6569879a081e79fa3cfee5bf8
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
52183441e2a87f7ce1eb72ed1411f33dc136730d5cc57e7f68a555387cf80e51
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe
664c3e98efc704ff08ea6983c191e5d94aa14651c6ebae9c8ce25caf87933aab
6a423769cb8f67df047bf14e72079bd8c630c7c109025c2c4492d5e50f51c019
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d441ffc2a8afd48b6c1d05988aecd664f36021739c916c207b1eca144caae70
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6e859501c61c524c0a284fc430e39e8c51c92a54ee2239793b24a845c3413663
73b726f393224a07c798e675562c35be3cc4367dd9b972be4eed3ad85b373fc6
74a10bdeae0680612d7a944ebec7618f29c8d20a5c367927b0d719546b3e7e52
74cad531b7b78d8d6e21786bd031c1e0247b6b4429ce428f19a33e4148bbeda2
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f
78f8fb3c2f1f7bdbfda489516bba2c7c7cfd61908104bc0f5680d20a3b5fd500
7a1a51869e8f5ab989ed6dbef5a32a1e9338d5c27b6752f712cbd6765684edb5
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
7e7c84efcf8e336f390d7a51a24cba3873782769b33470b31d2cef95b2f01cee
81b2ee6199b6ebe0ea9cfe95ecefca07ac193bc9d16c47546ec4f8a23becf886
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847b4c3796e556becfad5b4a3aa8ef8cfbd9275fd25d0f30b83c7a064d37b466
8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871a395274807a496ca51c603b7320eca9fc11a7949c0df992be96f29dcb7211
87cd50536eb8a8e97b4ac12b9166b3ad341e873193a0b40f48668e8083230154
89225b4b788b0e6caa3be9e66a771f8cad6cdb7f152383584427acd137d6eac3
895e9aaf75bed24d1435120f05fd5fd135dd3d8edb15f811bbe3482d9b1be3c2
89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026
8a93ddd43f0887d794da135cd17d37bc3b4744f3f18d01664c3d51b2fba3b222
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31
9475244b8d0dbdeb5191e7252a641df6710bada318b9c4c3f72567c6ca357851
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9a4f2599aee47f36a2bf9bf51fa21dab95201fa2d512957ea1f2dc40a83b955d
9c629b47a1fe3e89438110650b85fb9833e41aa3bb270568799327f5d1252429
9e0a3c01cfa8ff75022fbbc9d6203baeb139b32da3a6d816fb88c52056bf0bad
9e1480cb9d3b98df600a79b477c034356942530d2a14685e4b743ff396d48f16
9f4331078abd467835bcf0b2367872f497045d37ebfb32fe7d9f82cf6843d282
a09776a1fda8c67f72cddaa5a219c26067e1d3d39b86d121d3fc3f3ee67ad675
a1fbcb88dc09008e8e16dc2ef52f43e7a2cdde135a905dcd560873b6331291e5
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce
a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e
b35a4c7b23418ae569afa6754e6d4228390ce921e0e22c03ec0f51471db85abc
b7293c412425ccb77f56ba5bfec69a33cb8e46defa99ec5020e54e823b54a206
b96b4f9b3146047939f342700eb43b54b7ab687d070048efa199320fc250844e
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
c03c87715d3073b8d337c1fa6de655873f14017e7c36ead0ae4e61f29c1ea3ee
c453541bebf3b9311c16fe2e1024b6d1fa141a9cf82e6c964ae0defa2ea88264
cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4
d01b4ba8cbaf65dfe863319b63fc2ed1c82202d975e1eb47332bfb2ae936caf1
d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e
d44e949c780b9237aee625441ad2b38fd879e0d62af6a21f97a9e02911d49b6a
d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db468fb73f717110de65d2f596c7398e66b7731888751118897bce96badaa3e6
dbbae7c56e71c0a2374eea282b8e2e80504e578f79bc9d242160f2057d3f9b81
dc9b75d435d720e7f2e86791ca8aac14242b0ee9e8180975d8feef6ff5f5791f
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deb282cd8cfbb23af7fea6bf0d7161b109dd38af9cd43ecf240afeec63e50be0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e311391e6fc3c313de8459c0c6b75092c4fd957eed2d51a61ae803995885498e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e493c335f09722453337b7381eb1d8fef224b0777f83f2dc67edcf304cc2847a
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7869abcaff19fad74aae677838830a21555aac61a1ce6b04a73b981a794c658
ebcab5caa554b11cdadf7f2095eba3076515a62f11fdbc254ba4cbef236ba910
ec2579952de99c8c6f246c5f9eba38488b0299dc5ce0be9371ea861017d2e663
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed2af1967a913fbba699d2e0076435a7a64e031a52e4745162543d78475a539f
ed9265d4430018d8bb280ca8d841151bc59cec06355fa5126e9e24c608db417a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05996d9af98fb3f228cddd41f44b172b227beacd68857a656a27e58b8c935ab
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b
f0d6332ac9f654fde56bc0f3685cf06c7064d914d6092264f45dc134d043b4b5
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2a9c7d61d1ae6f649d38bad8dc9be35472cea5a4abd70ee982638c5606f72a8
f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd
f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa537e30766db0b80f17b7fa6394f8efb7bb13a3f78395fdf46bc74b203920a4
fb9c428a31f569e81a50ececeea6179c15c23ae04323d1c4ffa597fca0c6689c
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848
fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808
ff6da69fe4b9464f9e7f15cb1f3d978f4ae992d8d2871c0ada5ca8dc2d1b9217

services.ricoh.ca Open in urlscan Pro 107.178.254.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

99 %HTTPS

49 %IPv6

36 Domains

52 Subdomains

46 IPs

6 Countries

9691 kBTransfer

18379 kBSize

12 Cookies

32 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

services.ricoh.ca Open in urlscan Pro
107.178.254.45 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

99 %
HTTPS

49 %
IPv6

36
Domains

52
Subdomains

46
IPs

6
Countries

9691 kB
Transfer

18379 kB
Size

12
Cookies

227 HTTP transactions
1 data transactions