us.ricoh-usa.com Open in urlscan Pro
142.0.160.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_s...
Effective URL:
https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_s...
Submission: On February 24 via manual (February 24th 2022, 4:57:34 pm UTC) from US — Scanned from DE

Summary HTTP 157 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 29 domains to perform 157 HTTP transactions. The main IP is 142.0.160.17, located in United States and belongs to NETDYNAMICS, US. The main domain is us.ricoh-usa.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 6th 2021. Valid for: a year.

This is the only time us.ricoh-usa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	142.0.160.17 142.0.160.17	7160 (NETDYNAMICS) (NETDYNAMICS)
4	104.89.22.29 104.89.22.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.230.252.46 34.230.252.46	14618 (AMAZON-AES) (AMAZON-AES)
3	35.190.114.154 35.190.114.154	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 9	95.100.153.81 95.100.153.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.0.160.13 142.0.160.13	7160 (NETDYNAMICS) (NETDYNAMICS)
4	2606:4700::68... 2606:4700::6811:e14e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
36	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	34.75.172.129 34.75.172.129	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	18.169.101.100 18.169.101.100	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	2a03:5f80:a::... 2a03:5f80:a::b212:e7d1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	2606:4700::68... 2606:4700::6812:15c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.62 18.66.112.62	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:27::... 2620:1ec:27::cafe:1377	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.193.254.175 34.193.254.175	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	206.19.49.24 206.19.49.24	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
157	41

5 142.0.160.17 (United States)

ASN7160 (NETDYNAMICS, US)

us.ricoh-usa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.89.22.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-22-29.deploy.static.akamaitechnologies.com

img03.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.252.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-252-46.compute-1.amazonaws.com

cdn.reachforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.114.154 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 154.114.190.35.bc.googleusercontent.com

sfc.leadspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.100.153.81 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-81.deploy.static.akamaitechnologies.com

images.learn.ricoh-usa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.160.13 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

s2073603363.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.101.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.75.172.129 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 129.172.75.34.bc.googleusercontent.com

sfgw.leadspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.101.100 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-101-100.eu-west-2.compute.amazonaws.com

reveal.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

11668852.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-62.fra56.r.cloudfront.net

js.idio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1377 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.193.254.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-254-175.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.101.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	3 MB
15	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 11668852.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 static.doubleclick.net — Cisco Umbrella Rank: 309	5 KB
14	ricoh-usa.com 1 redirects us.ricoh-usa.com images.learn.ricoh-usa.com — Cisco Umbrella Rank: 908283 images.ricoh-usa.com Failed	203 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	130 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	55 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1248 f.clarity.ms — Cisco Umbrella Rank: 1999 c.clarity.ms — Cisco Umbrella Rank: 693	26 KB
5	leadspace.com sfc.leadspace.com — Cisco Umbrella Rank: 75919 sfgw.leadspace.com — Cisco Umbrella Rank: 78622	249 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
4	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3125 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3196	34 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 103	191 KB
4	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	8 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6342 adservice.google.de — Cisco Umbrella Rank: 9027	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3790	6 KB
4	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3144 va.v.liveperson.net — Cisco Umbrella Rank: 3560	106 KB
4	fonts.net fast.fonts.net — Cisco Umbrella Rank: 2467	42 KB
4	en25.com img03.en25.com — Cisco Umbrella Rank: 15785 img.en25.com — Cisco Umbrella Rank: 5576	135 KB
3	qualtrics.com zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 1020	22 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 802	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	232 KB
2	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 11480 apt.techtarget.com — Cisco Umbrella Rank: 16434	2 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	16 KB
2	eloqua.com 1 redirects s2073603363.t.eloqua.com — Cisco Umbrella Rank: 318127	997 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 212	553 B
1	idio.co js.idio.co — Cisco Umbrella Rank: 30693	8 KB
1	clearbit.com reveal.clearbit.com — Cisco Umbrella Rank: 16572	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1021 B
1	reachforce.com 1 redirects cdn.reachforce.com — Cisco Umbrella Rank: 555587	260 B
157	29

	Domain	Requested by
36	www.youtube.com	us.ricoh-usa.com www.youtube.com www.googletagmanager.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com us.ricoh-usa.com
9	images.learn.ricoh-usa.com	1 redirects us.ricoh-usa.com
8	www.gstatic.com	www.youtube.com www.gstatic.com
8	googleads.g.doubleclick.net	3 redirects www.googleadservices.com www.youtube.com
7	www.google.com	1 redirects us.ricoh-usa.com www.youtube.com
5	us.ricoh-usa.com	us.ricoh-usa.com img.en25.com
4	i.ytimg.com	www.youtube.com
4	yt3.ggpht.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	tags.srv.stackadapt.com	us.ricoh-usa.com tags.srv.stackadapt.com
4	fonts.gstatic.com	www.youtube.com
4	fast.fonts.net	img03.en25.com fast.fonts.net
3	f.clarity.ms	www.clarity.ms f.clarity.ms
3	www.google.de	us.ricoh-usa.com
3	unpkg.com	2 redirects us.ricoh-usa.com
3	www.googletagmanager.com	us.ricoh-usa.com www.googletagmanager.com
3	sfc.leadspace.com	us.ricoh-usa.com cdn.reachforce.com
3	img03.en25.com	us.ricoh-usa.com
2	siteintercept.qualtrics.com	zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com siteintercept.qualtrics.com
2	va.v.liveperson.net	lptag.liveperson.net
2	lpcdn.lpsnmedia.net	lptag.liveperson.net
2	px.ads.linkedin.com	2 redirects
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	c.clarity.ms	1 redirects us.ricoh-usa.com
2	www.clarity.ms	us.ricoh-usa.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	11668852.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sfgw.leadspace.com	sfc.leadspace.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	lptag.liveperson.net	us.ricoh-usa.com
2	s2073603363.t.eloqua.com	1 redirects us.ricoh-usa.com
1	zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com	us.ricoh-usa.com
1	px4.ads.linkedin.com	us.ricoh-usa.com
1	www.linkedin.com	1 redirects
1	adservice.google.de	adservice.google.com
1	c.bing.com	1 redirects
1	apt.techtarget.com	us.ricoh-usa.com
1	adservice.google.com	11668852.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.idio.co	us.ricoh-usa.com
1	trk.techtarget.com	us.ricoh-usa.com
1	img.en25.com	us.ricoh-usa.com
1	reveal.clearbit.com	www.googletagmanager.com
1	fonts.googleapis.com	client
1	cdn.reachforce.com	1 redirects
0	images.ricoh-usa.com Failed	img03.en25.com
157	47

This site contains links to these domains. Also see Links.

Domain
app.learn.ricoh-usa.com

Subject Issuer	Validity	Valid
*.ricoh-usa.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-06` - `2022-12-01`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
images.learn.ricoh-usa.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-06` - `2022-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.leadspace.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-12` - `2022-11-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
clearbit.com Amazon	`2021-08-27` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
idio.co R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Frame ID: 03C8FD968714297E454462BBCA517306
Requests: 84 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
Frame ID: CD7DF16287385B407ED6B4B702CF807C
Requests: 36 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
Frame ID: B2D55980B9FA5500B2EC100D468CEC61
Requests: 36 HTTP requests in this frame

Frame: https://11668852.fls.doubleclick.net/activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D
Frame ID: FA6156ED71F15771C59ADD1912B8FACE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D
Frame ID: C37A67A2945AB90BEBC456DBA6F05482
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D
Frame ID: 6ECE47BD0A4F2E6EA193BC489A8A7657
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fus.ricoh-usa.com&site=57308425&env=prod
Frame ID: 28CD8CBE3FC2EF5E61CF5E13CE33736B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RansomCare is an innovative security solution that contains security threats before they make the front page. | Ricoh USA

Detected technologies

Clearbit Reveal (Analytics) Expand

Overall confidence: 100%
Detected patterns

reveal\.clearbit\.com/v[(0-9)]/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

157
Requests

89 %
HTTPS

51 %
IPv6

29
Domains

47
Subdomains

41
IPs

7
Countries

4514 kB
Transfer

14707 kB
Size

34
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://app.learn.ricoh-usa.com/e/er?s=2073603363&lid=11504&elqTrackId=560a9ad0d9ec4ccc9d0657eabdb1badd&elq=00000000000000000000000000000000&elqaid=3131&elqat=2

Search URL Search Domain Scan URL

URL: https://app.learn.ricoh-usa.com/e/er?s=2073603363&lid=17776&elqTrackId=015c9b07dd434057b8db1c7e9a543301&elq=00000000000000000000000000000000&elqaid=3131&elqat=2
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://app.learn.ricoh-usa.com/e/er?s=2073603363&lid=17680&elqTrackId=03fb7f3e6ab84a07a45a643fd70e6815&elq=00000000000000000000000000000000&elqaid=3131&elqat=2
Title: Legal Sector

Search URL Search Domain Scan URL

URL: https://app.learn.ricoh-usa.com/e/er?s=2073603363&lid=17681&elqTrackId=226542229cf049899fc97791db74ed59&elq=00000000000000000000000000000000&elqaid=3131&elqat=2
Title: State and Local Government

Search URL Search Domain Scan URL

URL: https://app.learn.ricoh-usa.com/e/er?s=2073603363&lid=17678&elqTrackId=410c85d503be4532a808764ca5b9437d&elq=00000000000000000000000000000000&elqaid=3131&elqat=2
Title: K-12 and Charter Schools

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.reachforce.com/SmartForms.js HTTP 301
https://sfc.leadspace.com/SmartForms.js

Request Chain 12

https://images.learn.ricoh-usa.com/visitor/v200/svrGP?pps=60&siteid=2073603363&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=2771&PURLRecordID=0&PURLGUID=F7D7C80118F0400C8182D1E2B64E6071&UseRelativePath=False&elq={00000000-0000-0000-0000-000000000000}&firstPartyCookieDomain=us.ricoh-usa.com&elqGUID=f7d7c801-18f0-400c-8182-d1e2b64e6071&elq_ck=0 HTTP 302
https://images.learn.ricoh-usa.com/eloquaimages/tinydot.gif

Request Chain 13

https://s2073603363.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=2073603363&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=3131&PURLRecordID=0&PURLGUID=A2CB46FA08A64795A87983EC11D70931&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&firstPartyCookieDomain=us.ricoh-usa.com&elqGUID=a2cb46fa-08a6-4795-a879-83ec11d70931&elq_ck=0&utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid= HTTP 302
https://s2073603363.t.eloqua.com/eloquaimages/tinydot.gif

Request Chain 55

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 56

https://11668852.fls.doubleclick.net/activityi;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D HTTP 302
https://11668852.fls.doubleclick.net/activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D

Request Chain 64

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&auid=90338987.1645721848&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-LgXYoTREMnpgAfzj6vQDw&sscte=1&crd=&eitems=ChEIgPbckAYQk5jo9JzjtJSvARIdAIpB5z8yaTdkCmpUzfCZThUrC6mRDDUWapiuwEo HTTP 302
https://www.google.com/pagead/1p-conversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&auid=90338987.1645721848&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-LgXYoTREMnpgAfzj6vQDw&cid=CAQSKQCNIrLMZmD2Zh8pcch_Q91L-5NL53tOs5a-r0CYKe0yPHHJHn6IfYGT&eitems=ChEIgPbckAYQk5jo9JzjtJSvARIdAIpB5z8rsM7Kfisf2TMMh3lKCN2g7DcniG3pQ3s&random=4240488459&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&auid=90338987.1645721848&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-LgXYoTREMnpgAfzj6vQDw&cid=CAQSKQCNIrLMZmD2Zh8pcch_Q91L-5NL53tOs5a-r0CYKe0yPHHJHn6IfYGT&eitems=ChEIgPbckAYQk5jo9JzjtJSvARIdAIpB5z8rsM7Kfisf2TMMh3lKCN2g7DcniG3pQ3s&random=4240488459&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 70

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 72

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 94

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=827552F248514C69876D0645C7E9CDAF&RedC=c.clarity.ms&MXFR=0F22B43626736B622AC3A5632273659D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=827552F248514C69876D0645C7E9CDAF&MUID=0AA92130DCFC6BB51C723065DD976A75

Request Chain 101

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3704850%26time%3D1645721848989%26url%3Dhttps%253A%252F%252Fus.ricoh-usa.com%252FRansomCare1%253Futm_campaign%253DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%2526utm_medium%253Demail%2526utm_source%253DEloqua%2526utm_content%253DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%2526Elqcampid%253D1985%2526Rforcecampid%253D%2523demo%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&liSync=true&e_ipv6=AQI6XbdTKbGvPwAAAX8sqo5K2EUtOMnSdZgMQ7rQKy7vmeNT9_TZgEwI4T6jGBc8xKpf2hZNrxVYLFTVc3SU_KSVibhQ

157 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request RansomCare1 Show response
us.ricoh-usa.com/ 62 KB
13 KB 620ms
337ms Document
text/html 142.0.160.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

e0d5cbef0cdd4582db206acd5e3a173e27d742221a59eed3155b0afb34ac63ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Thu, 24 Feb 2022 16:57:26 GMT
Content-Length: 12648

GET
H/1.1 200
OK %7B61557d34-9b9f-4283-927b-67bc4ec20b66%7D_Ricoh_NewEloquaLP_V1.css
img03.en25.com/Web/Ricoh/ 803 KB
108 KB 40ms
16ms Stylesheet
text/css 104.89.22.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/Web/Ricoh/%7B61557d34-9b9f-4283-927b-67bc4ec20b66%7D_Ricoh_NewEloquaLP_V1.css

Requested by

Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.22.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-22-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

dd030ceb9088bba9907ec4c2a37c04537304a735294dca6ca7e08e7e4250b614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 109710
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 11 Aug 2020 13:54:26 GMT
Date: Thu, 24 Feb 2022 16:57:27 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
ETag: "e5582ede66fd61:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Thu, 24 Feb 2022 16:57:27 GMT

GET
H2

200

SmartForms.js Show response
sfc.leadspace.com/
Redirect Chain

https://cdn.reachforce.com/SmartForms.js
https://sfc.leadspace.com/SmartForms.js

3 KB
3 KB

183ms
7ms

Script
application/javascript

35.190.114.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sfc.leadspace.com/SmartForms.js

Requested by

Protocol

Server

35.190.114.154 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

154.114.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0645386b306fc6a2e7a59f44e38fb44e53c519a4ba0f0701e0caa07e9ab601d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:43:57 GMT
age: 810
x-guploader-uploadid: ADPycdv1ohrUgJQpwUcL69FiOZ4vyx13TG5nRL7DaKHgg-kiN_OY_NZWcuJJW84eeb12z-noc8qFlRtg56rXT_T6ZuFPYb5PGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2718
last-modified: Sun, 30 May 2021 06:36:45 GMT
server: UploadServer
etag: "557a04d61944100c7badd3f08c3e0fd3"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=6Pcn1A==, md5=VXoE1hlEEAx7rdPwjD4P0w==
x-goog-generation: 1622356605704395
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2718
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Feb 2022 17:43:57 GMT

Redirect headers

Location: https://sfc.leadspace.com/SmartForms.js
Date: Thu, 24 Feb 2022 16:57:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 247
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-953119949

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cadaa49ffc1bbe3cc8f35a946be41cc8b2d33fe96e218e259fd7b5c4e8a02727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40719
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Feb 2022 16:57:27 GMT

GET
H/1.1 200
OK %7B18f08508-b571-45d0-8ea5-8f6cf3b7784b%7D_ricoh_logo.png
img03.en25.com/EloquaImages/clients/Ricoh/ 20 KB
20 KB 21ms
21ms Image
image/png 104.89.22.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img03.en25.com/EloquaImages/clients/Ricoh/%7B18f08508-b571-45d0-8ea5-8f6cf3b7784b%7D_ricoh_logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.22.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-22-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3a79540990e8c4f062e1ab2a4c3ff700834b560ee3088fb309dd6819db02ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Mon, 24 Jul 2017 20:24:05 GMT
ETag: "cfc9c4cbba4d31:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 24 Feb 2022 16:57:27 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 20186
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:27 GMT

GET
H/1.1 200
OK %7B72a31827-fbcf-4c47-bb5c-e664bc3dc633%7D_Ricoh_Hero_2.1.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 94 KB
94 KB 873ms
153ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7B72a31827-fbcf-4c47-bb5c-e664bc3dc633%7D_Ricoh_Hero_2.1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

cbeaca66e050e07181dadbb619502932c5f365bfa99e2cb3fbe852bccf84174e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 95744
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img03.en25.com/i/ 13 KB
4 KB 16ms
15ms Script
application/x-javascript 104.89.22.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.22.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-22-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3638
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 14 Jan 2022 15:05:19 GMT
Date: Thu, 24 Feb 2022 16:57:27 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "21101a25589d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 24 Feb 2022 16:57:27 GMT

GET
H/1.1 200
OK %7B45e0de66-5ef6-454c-9755-425ac2e66ac7%7D_Ricoh_LP_Detect.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 9 KB
9 KB 626ms
154ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7B45e0de66-5ef6-454c-9755-425ac2e66ac7%7D_Ricoh_LP_Detect.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

8c2ee5183b2c33697c58d558d6f5ed572cff760ecdbfea59096f5545e015e787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9266
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H/1.1 200
OK %7B48c6d913-a9a7-42d4-ab91-48a1426ff44d%7D_Ricoh_LP_Respond.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 11 KB
12 KB 985ms
515ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7B48c6d913-a9a7-42d4-ab91-48a1426ff44d%7D_Ricoh_LP_Respond.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

3537916dcbd9bc33e3e32b663796e40d7a7f4fc218da1bb1ce70d6629dbfc284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 11640
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H/1.1 200
OK %7Bcfe2fd9a-948e-4022-9d48-22e7926cad5a%7D_Ricoh_LP_Recover.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 18 KB
18 KB 1102ms
632ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7Bcfe2fd9a-948e-4022-9d48-22e7926cad5a%7D_Ricoh_LP_Recover.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

d63d33090f8964c45cc95d22fc81e1d1421bf752cc02dca6f58d6720e610c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:29 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 18003
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:29 GMT

GET
H/1.1 200
OK %7Bf9b82341-95bf-4e51-bd07-dcfea898966a%7D_Ricoh_LP_Report.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 8 KB
8 KB 904ms
435ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7Bf9b82341-95bf-4e51-bd07-dcfea898966a%7D_Ricoh_LP_Report.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

097bbf8aa7687ad3aea001d495a0e33468bf1d97a5a5515b3c1f6aff8f9cd95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 7865
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H/1.1 200
OK %7B334cde37-21c6-43c4-9fbb-04bca44eeed8%7D_Ricoh_LP_Industry2.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 10 KB
10 KB 989ms
520ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7B334cde37-21c6-43c4-9fbb-04bca44eeed8%7D_Ricoh_LP_Industry2.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

050f6a11a7d73316a9bf1d9214aeeba2f1105cfc8e3a837707dd8a0d27e7cc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 10082
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H/1.1 200
OK %7Bccea10c4-03eb-4569-bc09-825cfb7be1f1%7D_Ricoh_RansomCare_LP_TopITSolution_Logos.png
images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/ 35 KB
36 KB 559ms
558ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/EloquaImages/clients/Ricoh/%7Bccea10c4-03eb-4569-bc09-825cfb7be1f1%7D_Ricoh_RansomCare_LP_TopITSolution_Logos.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

00d1a82b98d15ec0f2d8f9cd5eb623108a9829432bb043b6373327b55b645f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:29 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 36349
X-Xss-Protection: 1; mode=block
Expires: Thu, 24 Feb 2022 16:57:29 GMT

GET
H/1.1

200
OK

tinydot.gif
images.learn.ricoh-usa.com/eloquaimages/
Redirect Chain

https://images.learn.ricoh-usa.com/visitor/v200/svrGP?pps=60&siteid=2073603363&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=2771&PURLRecordID=0&PURLGUID=F7D7C80118F0400C8182D1...
https://images.learn.ricoh-usa.com/eloquaimages/tinydot.gif

49 B
559 B

446ms
446ms

Image
image/gif

95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.learn.ricoh-usa.com/eloquaimages/tinydot.gif

Requested by

Protocol

HTTP/1.1

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Last-Modified: Fri, 14 Jan 2022 15:05:16 GMT
ETag: "8cf2ce23589d81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: max-age=604800
Date: Thu, 24 Feb 2022 16:57:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:29 GMT
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: /eloquaimages/tinydot.gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 142
Expires: Thu, 24 Feb 2022 16:57:29 GMT

GET
H/1.1

200
OK

tinydot.gif
s2073603363.t.eloqua.com/eloquaimages/
Redirect Chain

https://s2073603363.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=2073603363&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=3131&PURLRecordID=0&PURLGUID=A2CB46FA08A64795A87983EC...
https://s2073603363.t.eloqua.com/eloquaimages/tinydot.gif

49 B
542 B

94ms
94ms

Image
image/gif

142.0.160.13
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2073603363.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Protocol

HTTP/1.1

Server

142.0.160.13 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Last-Modified: Fri, 14 Jan 2022 15:05:16 GMT
ETag: "8cf2ce23589d81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 24 Feb 2022 16:57:28 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Thu, 24 Feb 2022 16:57:28 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: /eloquaimages/tinydot.gif
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 142
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 89a335f0-78d3-4473-ba67-cf44d4679840.css
fast.fonts.net/cssapi/ 47 KB
3 KB 522ms
42ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
Requested by: Host: img03.en25.com
URL: https://img03.en25.com/Web/Ricoh/%7B61557d34-9b9f-4283-927b-67bc4ec20b66%7D_Ricoh_NewEloquaLP_V1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef145d12e987e7f7c66e05fc16af78faf7b1e848da4c19fc3647eebb00e97d0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img03.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5542
x-amz-request-id: 4GA0C3GQ1TPXT6DG
x-amz-id-2: 7sVgHYmHD0s3vX5wEOGtFnmicWtvbMIWzQ4KLoSJWq4NCRsI0Uwg1TWXKk9ixIeGurhi5n+4Z1M=
last-modified: Wed, 17 Feb 2021 10:56:17 GMT
server: cloudflare
etag: W/"7bf23300353c333ed63f8d6c5e35f964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 24 Feb 2022 20:57:27 GMT
cache-control: public, max-age=14400
cf-ray: 6e2a3bab8ffc374a-MXP
x-amz-meta-mtime: 1554923215

GET
H2 200 1.css
fast.fonts.net/t/ 0
220 B 60ms
59ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=89a335f0-78d3-4473-ba67-cf44d4679840
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:27 GMT
cf-cache-status: HIT
age: 79646
cf-ray: 6e2a3babd8a6374a-MXP
content-length: 0
x-amz-id-2: sGpZkNqEPnMwEL6dfHYvFWTRREW3OjbkpJIk5M18SwaStMR/FPwIJHEOlRZw99MS6HX3CQaeBto=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: KMFW5ES3E955DX0C
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 599 KB
118 KB 120ms
118ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a165e20fdb601bc10560fc10bcaa2bbc5bcaf799d47275dcbe2dd9eb16006f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120307
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK mtiFontTrackingCode.js Show response
us.ricoh-usa.com/ 1 KB
1 KB 180ms
179ms Script
text/html 142.0.160.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://us.ricoh-usa.com/mtiFontTrackingCode.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

a9da8811a3e213f0246fc0a097f2a24750ac03e94bf383dd6159c2e8d6107874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 24 Feb 2022 16:57:27 GMT
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 717
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 766ms
14ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=57308425
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 148031.js Show response
sfc.leadspace.com/ 50 KB
50 KB 8ms
7ms Script
text/javascript 35.190.114.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sfc.leadspace.com/148031.js

Requested by

Host: cdn.reachforce.com
URL: https://cdn.reachforce.com/SmartForms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.114.154 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

154.114.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

136c1a1fb156066c47e5a1d5bd89b407f9a72ef3f3cf18ba8c824b1fd0a50658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:31:31 GMT
age: 1556
x-guploader-uploadid: ADPycdus7BuTrSlmfieyleKcZ_EM_RTcAltvRPBf0t6g8IDRw1g1fq6RNFzyvf6OeiJLZyS_YvdASIvd_j5qPwjYKRcOXYIKxg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 51193
last-modified: Tue, 12 Oct 2021 21:54:54 GMT
server: UploadServer
etag: "50a8c78fb6da6174ebce5a090b8ed78c"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=BKDSVQ==, md5=UKjHj7baYXTrzloJC47XjA==
x-goog-generation: 1634075694585943
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 51193
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 24 Feb 2022 17:31:31 GMT

GET
H2 200 3vQaQXcdLGc Show response
www.youtube.com/embed/ Frame CD7D 59 KB
26 KB 89ms
67ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3vQaQXcdLGc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01ee419c70685184668f0bf59b28c7d675145629b6e7fd1ced3adefef1443fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Feb 2022 16:57:28 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET 087d8a95-3f25-4bae-a1d1-db9ddffd72f5.woff2
images.ricoh-usa.com/Assets/Fonts/ 0
0

GET 0811514e-6660-4043-92c1-23d0b8caaa2f.woff2
images.ricoh-usa.com/Assets/Fonts/ 0
0

GET
H2 200 3vQaQXcdLGc Show response
www.youtube.com/embed/ Frame B2D5 59 KB
25 KB 60ms
60ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3vQaQXcdLGc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bea1703a734e590c7de2696315c0a54deb2b0ccb21ccd961e25c96044ed3a5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Feb 2022 16:57:28 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 168ms
31ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-953119949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H2 200 sf5.js Show response
sfc.leadspace.com/ 193 KB
194 KB 9ms
8ms Script
application/javascript 35.190.114.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sfc.leadspace.com/sf5.js

Requested by

Host: cdn.reachforce.com
URL: https://cdn.reachforce.com/SmartForms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.114.154 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

154.114.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

cc94e55155661db6998eab90f7aff21dbfdc5ea25a4e0b397f31ce9ad48dceda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:54:17 GMT
age: 191
x-guploader-uploadid: ADPycdvsT6KuaKWupbqEm7cWvaslpZ9w2xFOiohS0zfLqKoSNoDd44kzo5xj0dzOo2HhK7L1lA0T8Zf_NoYD2ylTcwgRhc95XQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 198138
last-modified: Sun, 30 May 2021 06:36:45 GMT
server: UploadServer
etag: "5fdbd3e7c66bb82260a9333ec336418b"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=US8pvA==, md5=X9vT58ZruCJgqTM+wzZBiw==
x-goog-generation: 1622356605283226
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 198138
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Feb 2022 17:54:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1021 B 107ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 16:27:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 16:57:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 16:57:28 GMT

POST
H/1.1 200
OK match Show response
sfgw.leadspace.com/ip/ 144 B
1 KB 157ms
156ms XHR
application/json 34.75.172.129
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sfgw.leadspace.com/ip/match

Requested by

Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/sf5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.75.172.129 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

129.172.75.34.bc.googleusercontent.com

Software

Prod /

Resource Hash

a38c80d5d83c300892f710ce0c2d31f4d9cec126c22f1b0773440e5def439479

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' https://.leadspace.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://.aptrinsic.com; img-src www.google-analytics.com https://.leadspace.com https://.aptrinsic.com; connect-src https://.leadspace.com wss://.leadspace.com https://.aptrinsic.com https://.google-analytics.com; frame-src https://.leadspace.com; style-src 'unsafe-inline' https://.leadspace.com https://fonts.googleapis.com https://web-sdk.aptrinsic.com; style-src-elem 'unsafe-inline' https://.leadspace.com https://.aptrinsic.com; frame-ancestors https://*.leadspace.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://us.ricoh-usa.com/
Authorization: 148031
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
referrer-policy: no-referrer
server: Prod
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Origin
content-type: application/json
access-control-allow-origin: https://us.ricoh-usa.com
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
content-security-policy: default-src 'self'; script-src 'unsafe-inline' https://*.leadspace.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.aptrinsic.com; img-src www.google-analytics.com https://*.leadspace.com https://*.aptrinsic.com; connect-src https://*.leadspace.com wss://*.leadspace.com https://*.aptrinsic.com https://*.google-analytics.com; frame-src https://*.leadspace.com; style-src 'unsafe-inline' https://*.leadspace.com https://fonts.googleapis.com https://web-sdk.aptrinsic.com; style-src-elem 'unsafe-inline' https://*.leadspace.com https://*.aptrinsic.com; frame-ancestors https://*.leadspace.com
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 144
x-content-type-options: nosniff

GET ab1bcdf7-9570-4cba-a8e3-3e39ddd861db.woff
images.ricoh-usa.com/Assets/Fonts/ 0
0

GET aeae8cac-ba4d-40d2-bbcf-936f2c7dcfe6.woff
images.ricoh-usa.com/Assets/Fonts/ 0
0

GET 83c94878-06c8-442c-a7df-d520b0ced00b.ttf
images.ricoh-usa.com/Assets/Fonts/ 0
0

GET caedf2e6-fbef-4928-b08e-1f975981ae8d.ttf
images.ricoh-usa.com/Assets/Fonts/ 0
0

GET
H2 200 087d8a95-3f25-4bae-a1d1-db9ddffd72f5.woff2
fast.fonts.net/dv2/14/ 20 KB
20 KB 650ms
591ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/087d8a95-3f25-4bae-a1d1-db9ddffd72f5.woff2?d44f19a684109620e4841571a290e8189a839a7dd9875257b57b08655e5af9bbf47008214d57153f0c48ffa3766af7b41894f6f50698a4854a4a8e35d0be20dd6f1a1b6859b60ec76687efe319f8eb5e28a628d78eae1195a2c0aee6eb97544b4ea866230d3e1799bea1364a5be3fa31d137db9325eb51050c727e4d55b100ebcd2014ab62fdec41c427342275e1e690b2bc338dbc76323809d4e3c9989e8d0b06f617735cc9eb5d48ae3e9ec06e14257acf671334069af37f&projectId=89a335f0-78d3-4473-ba67-cf44d4679840
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6df60745164e0e3547008af5628bddf4f40b6a7a19fc9d1f43efe34c7427883

Request headers

Referer: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
Origin: https://us.ricoh-usa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
cf-cache-status: MISS
x-amz-request-id: 7ZV2FS8RT8PM60PY
content-length: 20464
x-amz-id-2: UsgmuIAd6jvzvvBNGtBn0z+y9nAB7BEvycO6G3RZNSf+KSFJ6K87Eddyqy/zWL54HwBICBMyjUA=
expires: Thu, 24 Feb 2022 20:57:28 GMT
last-modified: Fri, 30 Oct 2020 02:05:47 GMT
server: cloudflare
etag: "8066e15fd248b2b0785ea7d821616a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6e2a3baf2f7a83ac-MXP
x-amz-meta-mtime: 1473465509

GET
H2 200 0811514e-6660-4043-92c1-23d0b8caaa2f.woff2
fast.fonts.net/dv2/14/ 17 KB
18 KB 645ms
587ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/0811514e-6660-4043-92c1-23d0b8caaa2f.woff2?d44f19a684109620e4841571a290e8189a839a7dd9875257b57b08655e5af9bbf47008214d57153f0c48ffa3766af7b41894f6f50698a4854a4a8e35d0be20dd6f1a1b6859b60ec76687efe319f8eb5e28a628d78eae1195a2c0aee6eb97544b4ea866230d3e1799bea1364a5be3fa31d137db9325eb51050c727e4d55b100ebcd2014ab62fdec41c427342275e1e690b2bc338dbc76323809d4e3c9989e8d0b06f617735cc9eb5d48ae3e9ec06e14257acf671334069af37f&projectId=89a335f0-78d3-4473-ba67-cf44d4679840
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995

Request headers

Referer: https://fast.fonts.net/cssapi/89a335f0-78d3-4473-ba67-cf44d4679840.css
Origin: https://us.ricoh-usa.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
cf-cache-status: MISS
x-amz-request-id: 7ZVC7DBB6SKSTVV3
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=g2WWcG3yS0xy6KwI3EC1M.UHRVhgpMtRN9A7HOhWoH4-1645721848-0-AR5pGkrO_W-_4do9mbkIbV5BQHR9myxKB6SDUzNw_LomlY80zYic_ZP8eOqitxTCSrgXaAoLUCZ8dmP8UXUnY_0
content-length: 17284
x-amz-id-2: gb+L6slOCS7bywMY4KU7LnfnuIxjXqIx55SFy5uCegFA6k8vRo3tAosEgpeko3s6QBQfsfY/adU=
expires: Thu, 24 Feb 2022 20:57:28 GMT
last-modified: Fri, 30 Oct 2020 02:05:34 GMT
server: cloudflare
etag: "9512031162098077b02a291d5bf69f0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6e2a3baf2f7e83ac-MXP
x-amz-meta-mtime: 1427954435

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3156
date: Thu, 24 Feb 2022 16:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Feb 2022 18:04:52 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
74 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQV9JLL&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc026f88961dfeec90283c253db42a2b491854ca707788e29cd5d5788da21e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75819
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H2 200 reveal Show response
reveal.clearbit.com/v1/companies/ 2 KB
1 KB 248ms
204ms Script
application/javascript 18.169.101.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reveal.clearbit.com/v1/companies/reveal?authorization=pk_db043fe873bac067e56bf19269f3e27e&callback=pushToDataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.101.100 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-101-100.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

a90d4ed3e88a6b831192e740ae27dd557c222d215d3b3c5b1ba8069a1fd2639e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-api-version: 2018-03-28
vary: Accept-Encoding
x-account-id: ac03fd84-b854-4505-aee2-67cb65c2fac1
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript;charset=utf-8
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 31ms
14ms Script
application/x-javascript 104.89.22.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.22.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-22-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 14 Jan 2022 15:05:19 GMT
Date: Thu, 24 Feb 2022 16:57:28 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "3cc21925589d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 24 Feb 2022 16:57:28 GMT

OPTIONS
H/1.1 200
OK match
sfgw.leadspace.com/ip/ Frame 0
0 787ms
208ms Preflight 34.75.172.129
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://sfgw.leadspace.com/ip/match

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.75.172.129 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

129.172.75.34.bc.googleusercontent.com

Software

Prod /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'unsafe-inline' https://.leadspace.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://.aptrinsic.com; img-src www.google-analytics.com https://.leadspace.com https://.aptrinsic.com; connect-src https://.leadspace.com wss://.leadspace.com https://.aptrinsic.com https://.google-analytics.com; frame-src https://.leadspace.com; style-src 'unsafe-inline' https://.leadspace.com https://fonts.googleapis.com https://web-sdk.aptrinsic.com; style-src-elem 'unsafe-inline' https://.leadspace.com https://.aptrinsic.com; frame-ancestors https://*.leadspace.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://us.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://us.ricoh-usa.com
access-control-allow-methods: POST
access-control-allow-headers: authorization, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 24 Feb 2022 16:57:28 GMT
server: Prod
content-security-policy: default-src 'self'; script-src 'unsafe-inline' https://*.leadspace.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.aptrinsic.com; img-src www.google-analytics.com https://*.leadspace.com https://*.aptrinsic.com; connect-src https://*.leadspace.com wss://*.leadspace.com https://*.aptrinsic.com https://*.google-analytics.com; frame-src https://*.leadspace.com; style-src 'unsafe-inline' https://*.leadspace.com https://fonts.googleapis.com https://web-sdk.aptrinsic.com; style-src-elem 'unsafe-inline' https://*.leadspace.com https://*.aptrinsic.com; frame-ancestors https://*.leadspace.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubdomains

GET
H3 200 www-player.css
www.youtube.com/s/player/ad8ea84d/ Frame CD7D 338 KB
46 KB 24ms
7ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5289a943c0bc5db6b05683f78a4a5c242823725956b69d80e4d3395cd998dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47302
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 15:27:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/ Frame CD7D 276 KB
85 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0436ce2dd4e5ee2a6447af73f563b5cc8362b98cf2f8f8212e2f329d68876da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86692
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame CD7D 2 MB
538 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bdaae44ce8a0219dc90ea21a6e99e1f065e78dd39a9129515da5c4efa7f3e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551255
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/ Frame CD7D 10 KB
3 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/ad8ea84d/ Frame B2D5 338 KB
46 KB 26ms
10ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5289a943c0bc5db6b05683f78a4a5c242823725956b69d80e4d3395cd998dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47302
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 15:27:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/ Frame B2D5 276 KB
85 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0436ce2dd4e5ee2a6447af73f563b5cc8362b98cf2f8f8212e2f329d68876da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86692
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame B2D5 2 MB
538 KB 46ms
30ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bdaae44ce8a0219dc90ea21a6e99e1f065e78dd39a9129515da5c4efa7f3e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551255
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/ Frame B2D5 10 KB
3 KB 51ms
35ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD7D 15 KB
16 KB 40ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 193163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B2D5 15 KB
15 KB 43ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 193163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
22ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1164755110&t=pageview&_s=1&dl=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&ul=en-us&de=UTF-8&dt=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1328307382&gjid=551927381&cid=1125449784.1645721848&tid=UA-33834817-1&_gid=1442688380.1645721848&_r=1&gtm=2wg2g0N8NGN6&cg1=(not%20set)&cg2=(not%20set)%2F(not%20set)&cg3=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd98=1645721848152.t6g34x6m&cd99=Thu%20Feb%2024%202022%2016%3A57%3A28%20GMT%2B0000%20(GMT)&cd100=english&cd101=GTM-N8NGN6&cd102=566&cd103=CMS%20-%20UA%20Page%20Views&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=1125449784.1645721848&z=1124918591

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.ricoh-usa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.ricoh-usa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK svrGP Show response
us.ricoh-usa.com/visitor/v200/ 0
338 B 143ms
142ms Script
application/javascript 142.0.160.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://us.ricoh-usa.com/visitor/v200/svrGP?pps=50&siteid=2073603363&DLKey=fe20f712-dd61-4609-8ec5-ffca4c49323c&DLLookup=&ms=222&firstPartyCookieDomain=us.ricoh-usa.com&elqGUID=A2CB46FA08A64795A87983EC11D70931

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:27 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 0
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP Show response
us.ricoh-usa.com/visitor/v200/ 79 B
509 B 254ms
111ms Script
application/javascript 142.0.160.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://us.ricoh-usa.com/visitor/v200/svrGP?pps=70&siteid=2073603363&ms=222&firstPartyCookieDomain=us.ricoh-usa.com&elqGUID=A2CB46FA08A64795A87983EC11D70931

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

1e49ab725bc872eea326f1ff5a47abcfa71c83cb2fe2b1e7db037c4552b913c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 107
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP
us.ricoh-usa.com/visitor/v200/ 49 B
375 B 358ms
148ms Image
image/gif 142.0.160.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.ricoh-usa.com/visitor/v200/svrGP?pps=3&siteid=2073603363&ref2=elqNone&tzo=0&ms=222&optin=disabled&firstPartyCookieDomain=us.ricoh-usa.com&elqGUID=A2CB46FA08A64795A87983EC11D70931

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Feb 2022 16:57:27 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/953119949/ 2 KB
1 KB 50ms
25ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/953119949/?random=1645721848230&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&auid=90338987.1645721848&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

31c40234e0723864e3057439a8d6a4adb5a80f41a125aabf0068f1979d31287d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1407
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/953119949/ 3 KB
2 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953119949/?random=1645721848239&cv=9&fst=1645721848239&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d290cc25b539d14c7d918e748cfcb8c6bf96ce2469f1926b88f30ecb9ac90d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

30ms
30ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Requested by

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2990453
fly-request-id: 01FSX6QPCMDZA10VHFYP5G8ZJ4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e2a3bb278aa83a8-MXP

Redirect headers

date: Thu, 24 Feb 2022 16:57:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSX6QP7TCC7WPN85Q37A3F5H
server: cloudflare
age: 2990453
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e2a3bb1cee283a8-MXP
access-control-allow-origin: *

GET
H3

200

activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_camp... Show response
11668852.fls.doubleclick.net/ Frame FA61
Redirect Chain

https://11668852.fls.doubleclick.net/activityi;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_c...
https://11668852.fls.doubleclick.net/activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.r...

704 B
540 B

37ms
21ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11668852.fls.doubleclick.net/activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQV9JLL&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

2cced2cba4378d17b501688665dff637a8d167932146d8d91c0bbc77a8c7195a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Feb 2022 16:57:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Feb 2022 16:57:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://11668852.fls.doubleclick.net/activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 346ms
94ms Script
application/x-javascript 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQV9JLL&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 16:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=32614
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 87ms
52ms Script
text/javascript 2606:4700::6812:15c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 110
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 24 Feb 2022 17:05:38 GMT
cache-control: max-age=1200
cf-ray: 6e2a3bb14ea60f5a-MXP
cf-bgj: minify

GET
H2 200 2313.js Show response
js.idio.co/ 30 KB
8 KB 25ms
8ms Script
application/javascript 18.66.112.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.idio.co/2313.js
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3c268077669ffd6e4179997d8efb1951997139308e404bcc0d22b146930360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 22:44:39 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 15:31:45 GMT
server: AmazonS3
age: 65570
etag: W/"cf93625c5a40e845a5b813a0310bb180"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ZiW0n5wAqqv8kIOK2qCD0TxPQsBTfLF5stH0nkJ_srqmbPdn55XyMA==

GET
H2 200 3w3fm7xuvk Show response
www.clarity.ms/tag/ 941 B
1 KB 210ms
146ms Script
application/x-javascript 2620:1ec:27::cafe:1377
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3w3fm7xuvk
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1377 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 646e87b4e85b229ea62ffaff04eb7731dc60c6b29ea71f3e5189f4655213a5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-powered-by: ASP.NET
x-azure-ref: 0+LgXYgAAAAC0fYIBcqGtQpWEO8mNYsocSEVMMDFFREdFMDYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 6gpvemcj11 Show response
www.clarity.ms/tag/ 618 B
881 B 202ms
148ms Script
application/x-javascript 2620:1ec:27::cafe:1377
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6gpvemcj11
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1377 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ebfda6cb56735caf4ffc9c08abe12ebaf819c229fccfb5fe7d083dc0de6b64db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-powered-by: ASP.NET
x-azure-ref: 0+LgXYgAAAAAmgB2UrlcwQKrpvzMlF1ifSEVMMDFFREdFMDYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
content-length: 618
expires: -1

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 434ms
122ms Script
text/javascript 34.193.254.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-254-175.compute-1.amazonaws.com
Software: /
Resource Hash: f416e0482e4dd319ca5441ab693f6122be12f3d7735d801d54f58175ef41d567

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Feb 2022 16:57:29 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4407
Connection: keep-alive
Content-Type: text/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 109ms
28ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-33834817-1&cid=1125449784.1645721848&jid=1328307382&gjid=551927381&_gid=1442688380.1645721848&_u=YGBACUAABAAAAC~&z=583500954

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.ricoh-usa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Feb 2022 16:57:28 GMT
content-type: text/plain
access-control-allow-origin: https://us.ricoh-usa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/953119949/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

42ms
25ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&auid=90338987.1645721848&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-LgXYoTREMnpgAfzj6vQDw&cid=CAQSKQCNIrLMZmD2Zh8pcch_Q91L-5NL53tOs5a-r0CYKe0yPHHJHn6IfYGT&eitems=ChEIgPbckAYQk5jo9JzjtJSvARIdAIpB5z8rsM7Kfisf2TMMh3lKCN2g7DcniG3pQ3s&random=4240488459&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/953119949/?random=1030944602&cv=9&fst=1645721848230&num=1&value=0&label=afvuCOicuIEDEM3pvcYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&auid=90338987.1645721848&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-LgXYoTREMnpgAfzj6vQDw&cid=CAQSKQCNIrLMZmD2Zh8pcch_Q91L-5NL53tOs5a-r0CYKe0yPHHJHn6IfYGT&eitems=ChEIgPbckAYQk5jo9JzjtJSvARIdAIpB5z8rsM7Kfisf2TMMh3lKCN2g7DcniG3pQ3s&random=4240488459&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33834817-1&cid=1125449784.1645721848&jid=1328307382&_u=YGBACUAABAAAAC~&z=243427353

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 85ms
52ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33834817-1&cid=1125449784.1645721848&jid=1328307382&_u=YGBACUAABAAAAC~&z=243427353

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1164755110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&ul=en-us&de=UTF-8&dt=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=API%20Resolutions&el=Reveal%20API&_u=aGDACUABBAAAAC~&jid=&gjid=&cid=1125449784.1645721848&tid=UA-33834817-1&_gid=1442688380.1645721848&gtm=2wg2g0N8NGN6&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd98=1645721848416.6igwjdgr&cd99=Thu%20Feb%2024%202022%2016%3A57%3A28%20GMT%2B0000%20(GMT)&cd100=english&cd101=GTM-N8NGN6&cd102=566&cd103=UA%20Event%20-%20Clearbit%20Reveal&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=1125449784.1645721848&cd7=Internet%20Software%20%26%20Services&cd8=OVPN.com&cd9=Internet%20Software%20%26%20Services&cd14=54&cd17=73&cd20=5&cd51=OVPN.com&cd52=ovpn.com&cd53=Internet%20Software%20%26%20Services&cd54=Internet%20Software%20%26%20Services&cd55=5&cd56=1-10&cd57=54&cd58=73&cd59=%240-%241M&cd60=300380&cd61=Sweden&cd64=Information%20Technology&cd65=Software%20%26%20Services&cd66=(not%20set)&cd67=Technology%3AInformation%20Technology%20%26%20Services%3ASecurity%3AB2B&cd68=paypal%3Apostmark%3Aintercom%3Apiwik%3Anginx&z=1183253000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68403
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/953119949/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/953119949/?random=1645721848239&cv=9&fst=1645718400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&async=1&fmt=3&is_vtc=1&random=3167096333&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/953119949/ 42 B
548 B 45ms
28ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/953119949/?random=1645721848239&cv=9&fst=1645718400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&tiba=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&async=1&fmt=3&is_vtc=1&random=3167096333&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B2D5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

17ms
17ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdcb483bed70d32e6df58da5d2db69a934f47b31cdcba6ed94c130dbd9eb314c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B2D5 29 B
588 B 28ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:44:18 GMT
x-content-type-options: nosniff
age: 790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 16:59:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CD7D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
14ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

052b87785f054b27e18ede302e8b9fe2b656f479e215203f88f47989ce2669eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CD7D 29 B
89 B 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:44:18 GMT
x-content-type-options: nosniff
age: 790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 16:59:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame B2D5 119 KB
37 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff08766ad9836c9b2c0834640512b0f9f701ac0b53185b3f89a9c37c7f9ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37803
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:49:46 GMT

GET
H2 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame B2D5 35 KB
14 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:28:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame B2D5 26 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b26b4078bfb3b4d280ecdb6437a7f52bb8501225f815caa640c5a26ed36753b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7799
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:12 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame CD7D 119 KB
37 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff08766ad9836c9b2c0834640512b0f9f701ac0b53185b3f89a9c37c7f9ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37803
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:49:46 GMT

GET
H3 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame CD7D 35 KB
13 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:28:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame CD7D 26 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b26b4078bfb3b4d280ecdb6437a7f52bb8501225f815caa640c5a26ed36753b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7799
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:12 GMT

GET
DATA 200
OK truncated
/ Frame CD7D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD7D 2 KB
2 KB 34ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a302d878312c2e8428d5a1f602d74eaa3b6dce2316a31868d83671629554eca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:01:49 GMT
x-content-type-options: nosniff
age: 3339
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: fife
etag: "v198"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:10:51 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/3vQaQXcdLGc/ Frame CD7D 48 KB
48 KB 78ms
52ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3vQaQXcdLGc/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153a4f373e85732f1f4c6227a5673243879047ca888ce9c234481beb79b45ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48656
x-xss-protection: 0
server: sffe
etag: "1642632080"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Feb 2022 18:57:28 GMT

GET
DATA 200
OK truncated
/ Frame B2D5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B2D5 2 KB
2 KB 26ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a302d878312c2e8428d5a1f602d74eaa3b6dce2316a31868d83671629554eca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:01:49 GMT
x-content-type-options: nosniff
age: 3339
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: fife
etag: "v198"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:10:51 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/3vQaQXcdLGc/ Frame B2D5 48 KB
48 KB 80ms
61ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3vQaQXcdLGc/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153a4f373e85732f1f4c6227a5673243879047ca888ce9c234481beb79b45ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48656
x-xss-protection: 0
server: sffe
etag: "1642632080"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Feb 2022 18:57:28 GMT

GET
H2 200 dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-... Show response
adservice.google.com/ddm/fls/i/ Frame C37A 703 B
983 B 81ms
52ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D

Requested by

Host: 11668852.fls.doubleclick.net
URL: https://11668852.fls.doubleclick.net/activityi;dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b323782598cb03ff70291cc0e18f222679a2e93cc72ad919d7777a0e407ea61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://11668852.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Feb 2022 16:57:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 406ms
102ms Image
image/gif 206.19.49.24
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=1270883&version=2.1.1&ref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&r=1645721848714
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 16:57:29 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384023492"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 43

GET
H3 204 generate_204
www.youtube.com/ Frame B2D5 0
9 B 13ms
11ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Kg91Fg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B2D5 4 KB
3 KB 72ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CD7D 4 KB
2 KB 75ms
47ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 16:57:28 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CD7D 0
9 B 9ms
9ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?vgq2mw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 92ms
92ms Script
application/x-javascript 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 16:57:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=44819
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.32/ 53 KB
23 KB 311ms
96ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3w3fm7xuvk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=827552F248514C69876D0645C7E9CDAF&RedC=c.clarity.ms&MXFR=0F22B43626736B622AC3A5632273659D
https://c.clarity.ms/c.gif?CtsSyncId=827552F248514C69876D0645C7E9CDAF&MUID=0AA92130DCFC6BB51C723065DD976A75

42 B
368 B

26ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=827552F248514C69876D0645C7E9CDAF&MUID=0AA92130DCFC6BB51C723065DD976A75
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
last-modified: Fri, 18 Feb 2022 21:27:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7f9eac45e25d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 24 Feb 2022 16:57:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE36AC5C0FCB42588738297309ACF03F Ref B: FRAEDGE1512 Ref C: 2022-02-24T16:57:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=827552F248514C69876D0645C7E9CDAF&MUID=0AA92130DCFC6BB51C723065DD976A75
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/ 266 KB
96 KB 16ms
16ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 3c437979f11c70cac8489201563369af77c73fcb7ee19892577603ee18d9be3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame B2D5 52 KB
15 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 10:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 10:56:26 GMT

GET
H2 200 dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-... Show response
adservice.google.de/ddm/fls/i/ Frame 6ECE 194 B
870 B 80ms
45ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIrGsdHnmPYCFUbcGwodz_EBVw;src=11668852;type=ricoh0;cat=ricoh0;ord=9147463172339;gtm=2wg2g0;auiddc=90338987.1645721848;~oref=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Feb 2022 16:57:28 GMT
expires: Thu, 24 Feb 2022 16:57:28 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame CD7D 52 KB
15 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 10:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 10:56:26 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/57308425/configuration/setting/accountproperties/ 6 KB
2 KB 134ms
23ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/57308425/configuration/setting/accountproperties/?cb=lpCb11764x73072
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: c0f3270d744284358568596f24cbfb33ecaf7c12bd599007d8860d72fc1e043c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:29 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Thu, 24 Feb 2022 16:58:29 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/57308425/configuration/le-campaigns/ 7 KB
1 KB 145ms
39ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/57308425/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: b6a6295fa650c237eb119f1931d23c468753cd29e670aa017c1c191d50426a6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:29 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Thu, 24 Feb 2022 16:58:29 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26ut...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3704850%26time%3D1645721848989%26url%3Dhttps%253A%252F%252Fus.ricoh-usa.com%252FR...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26ut...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26u...

0
263 B

187ms
168ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&liSync=true&e_ipv6=AQI6XbdTKbGvPwAAAX8sqo5K2EUtOMnSdZgMQ7rQKy7vmeNT9_TZgEwI4T6jGBc8xKpf2hZNrxVYLFTVc3SU_KSVibhQ
Requested by: Host: us.ricoh-usa.com
URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FDE5A1F20DDE4E44B83222E262E231A5 Ref B: FRAEDGE1220 Ref C: 2022-02-24T16:57:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXYxno+b4O0Ro0WLKJnRw==
x-li-fabric: prod-ltx1

Redirect headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 58676280F4474403BEFDEB3E0244BE8E Ref B: FRAEDGE0922 Ref C: 2022-02-24T16:57:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3704850&time=1645721848989&url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&liSync=true&e_ipv6=AQI6XbdTKbGvPwAAAX8sqo5K2EUtOMnSdZgMQ7rQKy7vmeNT9_TZgEwI4T6jGBc8xKpf2hZNrxVYLFTVc3SU_KSVibhQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXYxno7kyMnrKuIX6K60Q==

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ Frame 28CD 39 KB
16 KB 97ms
13ms Document
text/html 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fus.ricoh-usa.com&site=57308425&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: am-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/

Response headers

date: Thu, 24 Feb 2022 16:57:29 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 24 Feb 2022 17:07:29 GMT
cache-control: max-age=600

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 99ms
99ms Stylesheet
text/css 34.193.254.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-254-175.compute-1.amazonaws.com
Software: /
Resource Hash: b41571a341a9d98985e886bfb9cf99e6ab44f61fef68cad048bbdeed7c6446fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Feb 2022 16:57:29 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 392ms
98ms Fetch
image/jpeg 34.193.254.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-254-175.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Feb 2022 16:57:29 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/ 38 KB
15 KB 74ms
74ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fus.ricoh-usa.com&site=57308425&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: am-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:29 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 24 Feb 2022 17:07:29 GMT

GET
H2 200 57308425 Show response
va.v.liveperson.net/api/js/ 240 B
1 KB 694ms
235ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/57308425?&cb=lpCb71998x36875&t=sp&ts=1645721848969&pid=6627090895&tid=5957900240&pt=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&u=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 6105cee0407a6700841aca8a0bfd90e086a4ab9474af1251edb6a743d0846bd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:29 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 204 collect Show response
f.clarity.ms/ 0
70 B 184ms
183ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://us.ricoh-usa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://us.ricoh-usa.com
date: Thu, 24 Feb 2022 16:57:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1164755110&t=event&ni=1&_s=2&dl=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&ul=en-us&de=UTF-8&dt=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=12mdiur&_u=aHDACUABBAAAAC~&jid=&gjid=&cid=1125449784.1645721848&tid=UA-33834817-1&_gid=1442688380.1645721848&gtm=2wg2g0N8NGN6&cg1=(not%20set)&cg2=(not%20set)%2F(not%20set)&cg3=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd98=1645721848152.t6g34x6m&cd99=Thu%20Feb%2024%202022%2016%3A57%3A28%20GMT%2B0000%20(GMT)&cd100=english&cd101=GTM-N8NGN6&cd102=566&cd103=CMS%20-%20UA%20Page%20Views&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=1125449784.1645721848&cd161=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F3w3fm7xuvk%2Fensntl%2F12mdiur&z=779261379

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68404
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
421 B 98ms
98ms XHR
text/plain 34.193.254.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=7D70cFJzNxduKZLVahpEbQ&is_js=true&landing_url=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&t=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&host=https://us.ricoh-usa.com&sa_conv_data_css_value=%20%220-aecffd1c-969c-459b-4308-fc58f4a50e12%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9ca7a08feec4f484d46c7806b04a48634d940971d
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-254-175.compute-1.amazonaws.com
Software: /
Resource Hash: 180e0be8163ef312329d239dcd4e7da0aae94c5472b5906552316ece51fd342b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 16:57:29 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://us.ricoh-usa.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

GET
H2 200 57308425 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 101ms
100ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/57308425?sid=LwTGn0GVQlKyTKLWc3MPBg&cb=lpCb62734x29554&t=pl&ts=1645721849354&pid=6627090895&tid=5957900240&vid=I2YWUwODYwODY1YzU5NmM2
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/57308425/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 3c7129c3f548754eae6f93216d3688c492e3bd3efe9a08ae2dc74247dc8e862c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
4 KB 78ms
59ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_39GR6H6Eq8JIEMl&Q_LOC=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&t=1645721850155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33f67cc670e19a93e269c582004c7effca7974458b88c8babe1af4938a7b0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 380587
cf-polished: origSize=8435
cf-ray: 6e2a3bbb981f91e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 6
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-ChohSJCg4FzLSkF6T5Hh/Q2cmJ0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1164755110&t=event&ni=1&_s=1&dl=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&ul=en-us&de=UTF-8&dt=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Details&ea=View%3A%20User%20Details&_u=aHDACUABBAAAAC~&jid=&gjid=&cid=1125449784.1645721848&tid=UA-33834817-1&_gid=1442688380.1645721848&gtm=2wg2g0N8NGN6&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd98=1645721850162.ghhao1t&cd99=Thu%20Feb%2024%202022%2016%3A57%3A30%20GMT%2B0000%20(GMT)&cd100=english&cd101=GTM-N8NGN6&cd102=566&cd103=UA%20Event%20-%20GA%20Client%20ID&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=1125449784.1645721848&cd6=1125449784.1645721848&z=765771062

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1164755110&t=timing&_s=3&dl=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D&ul=en-us&de=UTF-8&dt=RansomCare%20is%20an%20innovative%20security%20solution%20that%20contains%20security%20threats%20before%20they%20make%20the%20front%20page.%20%7C%20Ricoh%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3739&pdt=0&dns=0&rrt=0&srt=337&tcp=283&dit=1606&clt=1607&_gst=1737&_gbt=1775&_cst=1561&_cbt=1601&_u=aHDACUABBAAAAC~&jid=&gjid=&cid=1125449784.1645721848&tid=UA-33834817-1&_gid=1442688380.1645721848&gtm=2wg2g0N8NGN6&cg1=(not%20set)&cg2=(not%20set)%2F(not%20set)&cg3=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd96=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd98=1645721848152.t6g34x6m&cd99=Thu%20Feb%2024%202022%2016%3A57%3A28%20GMT%2B0000%20(GMT)&cd100=english&cd101=GTM-N8NGN6&cd102=566&cd103=CMS%20-%20UA%20Page%20Views&cd104=&cd105=desktop&cd154=(not%20set)&cd162=null&cd163=null&cd164=null&cd165=null&cd166=null&cd167=null&cd168=null&cd169=null&cd97=1125449784.1645721848&cd161=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F3w3fm7xuvk%2Fensntl%2F12mdiur&z=1741414780

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 21:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3vQaQXcdLGc Show response
www.youtube.com/embed/ Frame CD7D 59 KB
25 KB 63ms
63ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

609b8818ff87925b0a2a822f988ab8395a068c08a242790d91efe2b47b4eeecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Feb 2022 16:57:30 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe_api Show response
www.youtube.com/ 980 B
513 B 26ms
26ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37ca9b0287e8e5408a5d54b9108a758705d3f6d61df4d6febe577cfeecb3c6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Thu, 24 Feb 2022 16:57:30 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/ad8ea84d/www-widgetapi.vflset/ 147 KB
47 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf407bbf228623d6e29b72c1b76317f1db1488d8ceb8b8efc1440014cf474e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48599
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 15:07:07 GMT

GET
H2 200 11.f94ae62479d5b3566b98.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 57 KB
18 KB 30ms
29ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=us.ricoh-usa.com

Requested by

Host: zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com
URL: https://zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_39GR6H6Eq8JIEMl&Q_LOC=https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo&t=1645721850155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f495b0356a71a36df0640d33686b4e2122c74ea174bc4b593b7c1d469a00515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 231429
cf-polished: origSize=59349
cf-ray: 6e2a3bbc091d91e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 3
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"e7d5-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H3 200 3vQaQXcdLGc Show response
www.youtube.com/embed/ Frame B2D5 59 KB
25 KB 113ms
113ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NGN6&gtm_auth=jR7Pp-Q373LrkAVu1w9MhQ&gtm_preview=env-393&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b109ff5b77694d7522889cca50a925c2ce9bd6c4a3959310799679ff62aa06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://us.ricoh-usa.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Feb 2022 16:57:30 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 72ms
72ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_39GR6H6Eq8JIEMl&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=us.ricoh-usa.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7368ffa2e10db569d67f3962a8128dd3c3390e5ec347329b590a1d8223cf15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.ricoh-usa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 8
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.ricoh-usa.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 99c56fe3122d96a8
cf-ray: 6e2a3bbc49b391e4-FRA

POST atr
www.youtube.com/api/stats/ Frame CD7D 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/ad8ea84d/ Frame CD7D 338 KB
46 KB 13ms
13ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5289a943c0bc5db6b05683f78a4a5c242823725956b69d80e4d3395cd998dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47302
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 15:27:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/ Frame CD7D 276 KB
85 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0436ce2dd4e5ee2a6447af73f563b5cc8362b98cf2f8f8212e2f329d68876da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86692
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame CD7D 2 MB
538 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bdaae44ce8a0219dc90ea21a6e99e1f065e78dd39a9129515da5c4efa7f3e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551255
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/ Frame CD7D 10 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD7D 15 KB
15 KB 46ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 193165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

POST atr
www.youtube.com/api/stats/ Frame B2D5 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/ad8ea84d/ Frame B2D5 338 KB
46 KB 13ms
11ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5289a943c0bc5db6b05683f78a4a5c242823725956b69d80e4d3395cd998dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 15:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47302
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Feb 2023 15:27:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/ Frame B2D5 276 KB
85 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0436ce2dd4e5ee2a6447af73f563b5cc8362b98cf2f8f8212e2f329d68876da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86692
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame B2D5 2 MB
538 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bdaae44ce8a0219dc90ea21a6e99e1f065e78dd39a9129515da5c4efa7f3e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551255
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/ Frame B2D5 10 KB
3 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:11 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B2D5 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 193165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame CD7D 113 B
159 B 15ms
14ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1815aa3bc5c1995b040f37e7ae5b7be4cebac90c516cf1219dafd43afc9265c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CD7D 29 B
54 B 21ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:44:18 GMT
x-content-type-options: nosniff
age: 792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 16:59:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame CD7D 119 KB
37 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff08766ad9836c9b2c0834640512b0f9f701ac0b53185b3f89a9c37c7f9ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37803
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:49:46 GMT

GET
H3 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame CD7D 35 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:28:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame CD7D 26 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b26b4078bfb3b4d280ecdb6437a7f52bb8501225f815caa640c5a26ed36753b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7799
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:12 GMT

GET
DATA 200
OK truncated
/ Frame CD7D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD7D 2 KB
2 KB 33ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a302d878312c2e8428d5a1f602d74eaa3b6dce2316a31868d83671629554eca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:01:49 GMT
x-content-type-options: nosniff
age: 3341
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: fife
etag: "v198"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:10:51 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/3vQaQXcdLGc/ Frame CD7D 48 KB
48 KB 33ms
15ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3vQaQXcdLGc/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153a4f373e85732f1f4c6227a5673243879047ca888ce9c234481beb79b45ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
age: 2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48656
x-xss-protection: 0
server: sffe
etag: "1642632080"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Feb 2022 18:57:28 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame B2D5 113 B
159 B 25ms
24ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9759413f63fabc1ab7506793c846d78602d90f618eca1e21d57793c53c026fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B2D5 29 B
54 B 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:44:18 GMT
x-content-type-options: nosniff
age: 792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Feb 2022 16:59:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame B2D5 119 KB
37 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff08766ad9836c9b2c0834640512b0f9f701ac0b53185b3f89a9c37c7f9ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37803
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:49:46 GMT

GET
H3 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame B2D5 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 14:28:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/ Frame B2D5 26 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b26b4078bfb3b4d280ecdb6437a7f52bb8501225f815caa640c5a26ed36753b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 16:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7799
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 01:20:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Feb 2023 16:48:12 GMT

GET
DATA 200
OK truncated
/ Frame B2D5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B2D5 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRSFoWE7T9XeQvR57JzL_SOEIoVdRnmoH_nP8ffEQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a302d878312c2e8428d5a1f602d74eaa3b6dce2316a31868d83671629554eca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:01:49 GMT
x-content-type-options: nosniff
age: 3341
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: fife
etag: "v198"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:10:51 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/3vQaQXcdLGc/ Frame B2D5 48 KB
48 KB 7ms
7ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3vQaQXcdLGc/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153a4f373e85732f1f4c6227a5673243879047ca888ce9c234481beb79b45ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:28 GMT
x-content-type-options: nosniff
age: 2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48656
x-xss-protection: 0
server: sffe
etag: "1642632080"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Feb 2022 18:57:28 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CD7D 4 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 16:57:30 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CD7D 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Hw8vBw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B2D5 4 KB
2 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 16:57:30 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame B2D5 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?9irhyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 16:57:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 91ms
91ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://us.ricoh-usa.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://us.ricoh-usa.com
date: Thu, 24 Feb 2022 16:57:30 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame CD7D 52 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 10:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 10:56:26 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame B2D5 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 10:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Feb 2022 10:56:26 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B2D5 28 B
54 B 23ms
23ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
X-YouTube-Client-Version: 1.20220222.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt0OF9Vckt6d00wRSj68d6QBg%3D%3D
X-YouTube-Ad-Signals: dt=1645721850468&flash=0&frm=2&u_tz&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C653%2C367&vis=1&wgl=true&ca_type=image&bid=ANyPxKrzsJM_hhKlL9XH70vP3HbTF847Y6lUHBRK0D81JucAZ_8nWVQJWb1pJegNvlDu6iqCu6AQ8tg5jq7usQIf9Zpth52Isg

Response headers

date: Thu, 24 Feb 2022 16:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 24 Feb 2022 16:57:32 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CD7D 28 B
54 B 24ms
23ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad8ea84d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/3vQaQXcdLGc?enablejsapi=1&origin=https%3A%2F%2Fus.ricoh-usa.com
X-YouTube-Client-Version: 1.20220222.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt0OF9Vckt6d00wRSj68d6QBg%3D%3D
X-YouTube-Ad-Signals: dt=1645721850361&flash=0&frm=2&u_tz&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C975%2C548&vis=1&wgl=true&ca_type=image&bid=ANyPxKrUzNt6ULWxvFQoVJiucR2xsftGNauTJ8WXr45Tgek2wUaD1_XFbOvkiuOC1vvZTSRqu250Ep2GnH0o2JfiwX2VWw9_lA

Response headers

date: Thu, 24 Feb 2022 16:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 24 Feb 2022 16:57:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.ricoh-usa.com
URL: https://images.ricoh-usa.com/Assets/Fonts/087d8a95-3f25-4bae-a1d1-db9ddffd72f5.woff2

Domain: images.ricoh-usa.com
URL: https://images.ricoh-usa.com/Assets/Fonts/0811514e-6660-4043-92c1-23d0b8caaa2f.woff2

Domain: images.ricoh-usa.com
URL: https://images.ricoh-usa.com/Assets/Fonts/ab1bcdf7-9570-4cba-a8e3-3e39ddd861db.woff

Domain: images.ricoh-usa.com
URL: https://images.ricoh-usa.com/Assets/Fonts/aeae8cac-ba4d-40d2-bbcf-936f2c7dcfe6.woff

Domain: images.ricoh-usa.com
URL: https://images.ricoh-usa.com/Assets/Fonts/83c94878-06c8-442c-a7df-d520b0ced00b.ttf

Domain: images.ricoh-usa.com
URL: https://images.ricoh-usa.com/Assets/Fonts/caedf2e6-fbef-4928-b08e-1f975981ae8d.ttf

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=4YDPaPfRiu0u0FGp&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fus.ricoh-usa.com%2F&lact=1690&cl=430310905&mos=0&volume=100&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220222.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=DE&len=37&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24166123%2C24169727%2C24170002%2C24173144&muted=0&vis=3&docid=3vQaQXcdLGc

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=0gDpEbYaOFC2EuU9&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fus.ricoh-usa.com%2F&lact=1867&cl=430310905&mos=0&volume=100&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220222.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=DE&len=37&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24116743%2C24134435%2C24135310%2C24165501%2C24166123%2C24169726%2C24170002&muted=0&vis=3&docid=3vQaQXcdLGc

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ricoh-usa.com/	1970-01-20 10:34:33	Name: ELOQUA Value: GUID=A2CB46FA08A64795A87983EC11D70931&FPCVISITED=1
.fonts.net/	1970-01-20 01:08:43	Name: __cf_bm Value: ydPuyjZX8_GVpwXoEfRUhvisotRNGfwFPtl5iSIZiLQ-1645721847-0-AcQmcfyvNaYSQ0RY8gXB9bTlqhFP7lLNsHkYMzO7mbZyV6xrrwJxz1LseunLlyVWBBEt37ojPl65yJWVpa5KpvQ=
.ricoh-usa.com/	1970-01-20 03:18:17	Name: _gcl_au Value: 1.1.90338987.1645721848
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2TS1Wd47aM8
.youtube.com/	1970-01-20 05:27:53	Name: VISITOR_INFO1_LIVE Value: t8_UrKzwM0E
.us.ricoh-usa.com/	1970-01-20 01:08:43	Name: pageviewCount Value: 1
.us.ricoh-usa.com/	1970-01-20 01:08:45	Name: rusa_campaign_details Value: utm_source=Eloqua&utm_medium=email&utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_term= undefined&utm_content= US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG
.ricoh-usa.com/	1970-01-20 18:39:53	Name: _ga Value: GA1.2.1125449784.1645721848
.ricoh-usa.com/	1970-01-20 01:10:08	Name: _gid Value: GA1.2.1442688380.1645721848
.ricoh-usa.com/	1970-01-20 01:08:41	Name: _gat_UA-33834817-1 Value: 1
us.ricoh-usa.com/	1970-01-20 01:08:43	Name: session Value: 1
.techtarget.com/	1970-01-20 01:08:43	Name: __cf_bm Value: K1fXxHmCPfMkZHItYtlhAOFtD8DStaMXkrgfI41iyUM-1645721848-0-ASJccNzf97d2RiBmBZxmZpa560k7FDY3Q1HbOJ72JQqNaNdoVMb7kSsLJvWKgiGcwDi7rbXnwoB5+ORjdzK+cqw=
www.clarity.ms/	1970-01-20 09:54:17	Name: CLID Value: 656233859f2540b4bc2782c3c37ea91d.20220224.20230224
.doubleclick.net/	1970-01-20 10:30:17	Name: IDE Value: AHWqTUkEJyaJ1GWhfNp_PiUE1Qp1QcDHBrfnsm1HIJeVL8juiUXCUy_ggOfx7fgs
.c.bing.com/	1970-01-20 10:30:17	Name: SRM_B Value: 0AA92130DCFC6BB51C723065DD976A75
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:30:17	Name: MUID Value: 0AA92130DCFC6BB51C723065DD976A75
.c.clarity.ms/	1970-01-20 01:08:42	Name: ANONCHK Value: 0
.linkedin.com/	1970-01-20 01:51:53	Name: UserMatchHistory Value: AQIaWzOv2ogumAAAAX8sqo0GE7G4YAXN-yrNgzWZ145Qat8FPLtmR64ihx44cpsxDrkJA5Qp1FLlcQ
.linkedin.com/	1970-01-20 01:51:53	Name: AnalyticsSyncHistory Value: AQI9QhAb_HJUrAAAAX8sqo0G32B2N4NBf3i2SMkLR_QpNzmEkOIMVVgKhWipAeOOeihtcM3RZUeH6Krk5ooLrw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:40:35	Name: bcookie Value: "v=2&0294d031-ffc6-4655-8ed3-d94736977784"
.linkedin.com/	1970-01-20 01:10:08	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2651:u=1:x=1:i=1645721849:t=1645808249:v=2:sig=AQH8JzQUpe2Uj_qREEeWYVaHwVaL5a1V"
tags.srv.stackadapt.com/	1970-01-20 09:54:17	Name: sa-user-id Value: s%3A0-aecffd1c-969c-459b-4308-fc58f4a50e12.yWWZS8S3hgYmmYR7eVIuHCKlreWUecqZJy%2FqnHgODTU
.srv.stackadapt.com/	1970-01-20 09:54:17	Name: sa-user-id-v2 Value: s%3Ars_9HJacRZtDCPxY9KUOEtlAlx0.qCKLkCTT6GQaZxPOpntOmZNEVd5eaVM4lpCPP5m538w
apt.techtarget.com/	1969-12-31 23:59:59	Name: TS01fac3f6 Value: 012c664659a18830e67c0f27120a21b644ed14c46d5e9212d1a64c9c5448eaacb02eed9b71922321469435fe331d4b9ceac5e93ddb
.ricoh-usa.com/	1970-01-20 09:54:17	Name: _clck Value: ensntl\|1\|ez9\|0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:40:35	Name: bscookie Value: "v=1&202202241657297ba650ee-d7e5-41b4-8cf9-a1ce35f9aa90AQFDAecZ_dc_Qnsq4vsFlfLyI3wNmuW1"
.linkedin.com/	1970-01-20 18:39:06	Name: li_gc Value: MTswOzE2NDU3MjE4NDk7MjswMjFSZr97FOw8sDYFcrsnR0JW8LujZGdB173rdoRdJMdNpQ==
.ricoh-usa.com/	1970-01-20 01:10:08	Name: _clsk Value: 12mdiur\|1645721849595\|1\|1\|f.clarity.ms/collect
.ricoh-usa.com/	1970-01-20 09:54:17	Name: LPVID Value: I2YWUwODYwODY1YzU5NmM2
.ricoh-usa.com/	1969-12-31 23:59:59	Name: LPSID-57308425 Value: LwTGn0GVQlKyTKLWc3MPBg
us.ricoh-usa.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fus.ricoh-usa.com%2FRansomCare1%3Futm_campaign%3DUS-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel%26utm_medium%3Demail%26utm_source%3DEloqua%26utm_content%3DUS_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG%26Elqcampid%3D1985%26Rforcecampid%3D%23demo~1645721850355

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://images.ricoh-usa.com/Assets/Fonts/087d8a95-3f25-4bae-a1d1-db9ddffd72f5.woff2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://images.ricoh-usa.com/Assets/Fonts/0811514e-6660-4043-92c1-23d0b8caaa2f.woff2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://images.ricoh-usa.com/Assets/Fonts/ab1bcdf7-9570-4cba-a8e3-3e39ddd861db.woff Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://images.ricoh-usa.com/Assets/Fonts/aeae8cac-ba4d-40d2-bbcf-936f2c7dcfe6.woff Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://images.ricoh-usa.com/Assets/Fonts/83c94878-06c8-442c-a7df-d520b0ced00b.ttf Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://images.ricoh-usa.com/Assets/Fonts/caedf2e6-fbef-4928-b08e-1f975981ae8d.ttf Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://us.ricoh-usa.com/RansomCare1?utm_campaign=US-202201-GEN-DWP-EM-ITS-RansomCare_IT_Personnel&utm_medium=email&utm_source=Eloqua&utm_content=US_CROSS_RansomCare_Email5_ITPersonnel_Q4FY21_MKTG&Elqcampid=1985&Rforcecampid=#demo Message: Refused to execute script from 'https://us.ricoh-usa.com/mtiFontTrackingCode.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQV9JLL&l=dataLayer(Line 50) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11668852.fls.doubleclick.net
accdn.lpsnmedia.net
adservice.google.com
adservice.google.de
apt.techtarget.com
c.bing.com
c.clarity.ms
cdn.reachforce.com
f.clarity.ms
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
images.learn.ricoh-usa.com
images.ricoh-usa.com
img.en25.com
img03.en25.com
js.idio.co
lpcdn.lpsnmedia.net
lptag.liveperson.net
px.ads.linkedin.com
px4.ads.linkedin.com
reveal.clearbit.com
s2073603363.t.eloqua.com
sfc.leadspace.com
sfgw.leadspace.com
siteintercept.qualtrics.com
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
tags.srv.stackadapt.com
trk.techtarget.com
unpkg.com
us.ricoh-usa.com
va.v.liveperson.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
zn_39gr6h6eq8jieml-ricoh.siteintercept.qualtrics.com
images.ricoh-usa.com
www.youtube.com
104.17.209.240
104.89.22.29
13.107.42.14
142.0.160.13
142.0.160.17
142.250.185.102
142.250.186.130
178.249.101.23
178.249.101.98
178.249.97.99
18.169.101.100
18.66.112.62
20.84.22.197
206.19.49.24
208.89.12.87
2606:4700::6810:7aaf
2606:4700::6811:e14e
2606:4700::6812:15c
2620:1ec:21::14
2620:1ec:27::cafe:1377
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2016
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c0b::9b
2a03:5f80:a::b212:e7d1
34.193.254.175
34.230.252.46
34.75.172.129
35.190.114.154
52.142.114.2
95.100.153.81
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
00d1a82b98d15ec0f2d8f9cd5eb623108a9829432bb043b6373327b55b645f60
01ee419c70685184668f0bf59b28c7d675145629b6e7fd1ced3adefef1443fd4
050f6a11a7d73316a9bf1d9214aeeba2f1105cfc8e3a837707dd8a0d27e7cc2c
052b87785f054b27e18ede302e8b9fe2b656f479e215203f88f47989ce2669eb
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0645386b306fc6a2e7a59f44e38fb44e53c519a4ba0f0701e0caa07e9ab601d6
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
097bbf8aa7687ad3aea001d495a0e33468bf1d97a5a5515b3c1f6aff8f9cd95f
0b323782598cb03ff70291cc0e18f222679a2e93cc72ad919d7777a0e407ea61
136c1a1fb156066c47e5a1d5bd89b407f9a72ef3f3cf18ba8c824b1fd0a50658
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
153a4f373e85732f1f4c6227a5673243879047ca888ce9c234481beb79b45ba6
180e0be8163ef312329d239dcd4e7da0aae94c5472b5906552316ece51fd342b
1b26b4078bfb3b4d280ecdb6437a7f52bb8501225f815caa640c5a26ed36753b
1d290cc25b539d14c7d918e748cfcb8c6bf96ce2469f1926b88f30ecb9ac90d1
1e49ab725bc872eea326f1ff5a47abcfa71c83cb2fe2b1e7db037c4552b913c0
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
2bdaae44ce8a0219dc90ea21a6e99e1f065e78dd39a9129515da5c4efa7f3e72
2cced2cba4378d17b501688665dff637a8d167932146d8d91c0bbc77a8c7195a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31c40234e0723864e3057439a8d6a4adb5a80f41a125aabf0068f1979d31287d
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3537916dcbd9bc33e3e32b663796e40d7a7f4fc218da1bb1ce70d6629dbfc284
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37ca9b0287e8e5408a5d54b9108a758705d3f6d61df4d6febe577cfeecb3c6c0
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3c437979f11c70cac8489201563369af77c73fcb7ee19892577603ee18d9be3c
3c7129c3f548754eae6f93216d3688c492e3bd3efe9a08ae2dc74247dc8e862c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea
4acff08766ad9836c9b2c0834640512b0f9f701ac0b53185b3f89a9c37c7f9ea
4b109ff5b77694d7522889cca50a925c2ce9bd6c4a3959310799679ff62aa06c
4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2
5289a943c0bc5db6b05683f78a4a5c242823725956b69d80e4d3395cd998dfd5
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5f495b0356a71a36df0640d33686b4e2122c74ea174bc4b593b7c1d469a00515
609b8818ff87925b0a2a822f988ab8395a068c08a242790d91efe2b47b4eeecd
6105cee0407a6700841aca8a0bfd90e086a4ab9474af1251edb6a743d0846bd0
646e87b4e85b229ea62ffaff04eb7731dc60c6b29ea71f3e5189f4655213a5be
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
8c2ee5183b2c33697c58d558d6f5ed572cff760ecdbfea59096f5545e015e787
9759413f63fabc1ab7506793c846d78602d90f618eca1e21d57793c53c026fab
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a165e20fdb601bc10560fc10bcaa2bbc5bcaf799d47275dcbe2dd9eb16006f2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a302d878312c2e8428d5a1f602d74eaa3b6dce2316a31868d83671629554eca2
a38c80d5d83c300892f710ce0c2d31f4d9cec126c22f1b0773440e5def439479
a90d4ed3e88a6b831192e740ae27dd557c222d215d3b3c5b1ba8069a1fd2639e
a9da8811a3e213f0246fc0a097f2a24750ac03e94bf383dd6159c2e8d6107874
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
b41571a341a9d98985e886bfb9cf99e6ab44f61fef68cad048bbdeed7c6446fd
b6a6295fa650c237eb119f1931d23c468753cd29e670aa017c1c191d50426a6c
bdcb483bed70d32e6df58da5d2db69a934f47b31cdcba6ed94c130dbd9eb314c
bea1703a734e590c7de2696315c0a54deb2b0ccb21ccd961e25c96044ed3a5ac
c0f3270d744284358568596f24cbfb33ecaf7c12bd599007d8860d72fc1e043c
c33f67cc670e19a93e269c582004c7effca7974458b88c8babe1af4938a7b0d0
c6df60745164e0e3547008af5628bddf4f40b6a7a19fc9d1f43efe34c7427883
ca3c268077669ffd6e4179997d8efb1951997139308e404bcc0d22b146930360
cadaa49ffc1bbe3cc8f35a946be41cc8b2d33fe96e218e259fd7b5c4e8a02727
cbeaca66e050e07181dadbb619502932c5f365bfa99e2cb3fbe852bccf84174e
cc026f88961dfeec90283c253db42a2b491854ca707788e29cd5d5788da21e1e
cc94e55155661db6998eab90f7aff21dbfdc5ea25a4e0b397f31ce9ad48dceda
cf407bbf228623d6e29b72c1b76317f1db1488d8ceb8b8efc1440014cf474e35
d63d33090f8964c45cc95d22fc81e1d1421bf752cc02dca6f58d6720e610c059
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd030ceb9088bba9907ec4c2a37c04537304a735294dca6ca7e08e7e4250b614
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d5cbef0cdd4582db206acd5e3a173e27d742221a59eed3155b0afb34ac63ac
e3a79540990e8c4f062e1ab2a4c3ff700834b560ee3088fb309dd6819db02ff5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7368ffa2e10db569d67f3962a8128dd3c3390e5ec347329b590a1d8223cf15a
ebfda6cb56735caf4ffc9c08abe12ebaf819c229fccfb5fe7d083dc0de6b64db
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef145d12e987e7f7c66e05fc16af78faf7b1e848da4c19fc3647eebb00e97d0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0436ce2dd4e5ee2a6447af73f563b5cc8362b98cf2f8f8212e2f329d68876da
f1815aa3bc5c1995b040f37e7ae5b7be4cebac90c516cf1219dafd43afc9265c
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f416e0482e4dd319ca5441ab693f6122be12f3d7735d801d54f58175ef41d567
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

us.ricoh-usa.com Open in urlscan Pro 142.0.160.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

157 Requests

89 %HTTPS

51 %IPv6

29 Domains

47 Subdomains

41 IPs

7 Countries

4514 kBTransfer

14707 kBSize

34 Cookies

5 Outgoing links

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us.ricoh-usa.com Open in urlscan Pro
142.0.160.17 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

89 %
HTTPS

51 %
IPv6

29
Domains

47
Subdomains

41
IPs

7
Countries

4514 kB
Transfer

14707 kB
Size

34
Cookies

157 HTTP transactions
4 data transactions