Submitted URL: https://ondemand.eoriginal.com/ssweb/login.eo?t=2DFrMGbHx3zB2xD4854y
Effective URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Submission: On January 29 via manual from US — Scanned from DE

Summary

This website contacted 27 IPs in 3 countries across 22 domains to perform 125 HTTP transactions. The main IP is 216.83.189.214, located in United States and belongs to UNITAS, US. The main domain is ondemand.eoriginal.com. The Cisco Umbrella rank of the primary domain is 259756.
TLS certificate: Issued by Entrust Certification Authority - L1M on August 22nd 2023. Valid for: a year.
This is the only time ondemand.eoriginal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 35 216.83.189.214 1828 (UNITAS)
43 104.239.247.206 33070 (RMH-14)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:26d... 16509 (AMAZON-02)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.190.8.230 15169 (GOOGLE)
1 3 142.250.74.198 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 8 98.98.134.241 21859 (ZEN-ECN)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 34.223.164.215 16509 (AMAZON-02)
1 18.66.192.3 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 52.18.171.221 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2600:9000:244... 16509 (AMAZON-02)
1 18.173.187.24 16509 (AMAZON-02)
1 18.173.187.98 16509 (AMAZON-02)
1 52.51.36.206 16509 (AMAZON-02)
1 54.77.16.191 16509 (AMAZON-02)
125 27
Apex Domain
Subdomains
Transfer
43 origin.bank
www.origin.bank — Cisco Umbrella Rank: 758875
668 KB
35 eoriginal.com
ondemand.eoriginal.com — Cisco Umbrella Rank: 259756
901 KB
9 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 10885
83 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2238
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5205
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5306
tracking.crazyegg.com — Cisco Umbrella Rank: 4181
37 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
www.linkedin.com — Cisco Umbrella Rank: 632
px4.ads.linkedin.com — Cisco Umbrella Rank: 6550
5 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3086
458 B
4 basis.net
pixel-a.basis.net — Cisco Umbrella Rank: 27979
273 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
202 KB
3 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 12071
directory.cookieyes.com — Cisco Umbrella Rank: 13911
567 B
3 doubleclick.net
8704941.fls.doubleclick.net
2 KB
2 salemove.com
libs.salemove.com — Cisco Umbrella Rank: 16961
168 KB
2 nextdoor.com
ads.nextdoor.com — Cisco Umbrella Rank: 6895
flask.nextdoor.com — Cisco Umbrella Rank: 6554
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
71 KB
2 glia.com
api.glia.com — Cisco Umbrella Rank: 15156
20 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 566
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 18294
2 KB
1 google.com
adservice.google.com — Cisco Umbrella Rank: 98
592 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 783
16 KB
1 srcspot.com
static.srcspot.com — Cisco Umbrella Rank: 16323
35 KB
125 22
Domain Requested by
43 www.origin.bank ondemand.eoriginal.com
www.origin.bank
35 ondemand.eoriginal.com 3 redirects ondemand.eoriginal.com
9 cdn-cookieyes.com www.origin.bank
cdn-cookieyes.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 pixel.sitescout.com 8704941.fls.doubleclick.net
www.origin.bank
4 pixel-a.basis.net 4 redirects
4 script.crazyegg.com www.origin.bank
script.crazyegg.com
4 www.googletagmanager.com www.origin.bank
www.googletagmanager.com
3 8704941.fls.doubleclick.net 1 redirects www.googletagmanager.com
8704941.fls.doubleclick.net
2 libs.salemove.com api.glia.com
libs.salemove.com
2 log.cookieyes.com cdn-cookieyes.com
2 connect.facebook.net ondemand.eoriginal.com
connect.facebook.net
2 api.glia.com www.origin.bank
api.glia.com
2 fonts.googleapis.com www.origin.bank
1 directory.cookieyes.com cdn-cookieyes.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 flask.nextdoor.com www.origin.bank
1 www.facebook.com www.origin.bank
1 px4.ads.linkedin.com www.origin.bank
1 www.linkedin.com 1 redirects
1 js.ipredictive.com www.googletagmanager.com
1 ads.nextdoor.com ondemand.eoriginal.com
1 p.typekit.net use.typekit.net
1 adservice.google.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.srcspot.com www.origin.bank
1 use.typekit.net www.origin.bank
125 30

This site contains links to these domains.

Domain
www.wolterskluwer.com

Subject | Issuer | Validity | Valid
ondemand.eoriginal.com | Entrust Certification Authority - L1M | 2023-08-22 - 2024-07-21 | a year
*.origin.bank | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-08 - 2025-01-07 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-21 - 2024-10-21 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-09 - 2024-03-08 | a year
*.glia.com | Amazon RSA 2048 M01 | 2023-06-18 - 2024-07-15 | a year
cdn-cookieyes.com | GTS CA 1P5 | 2023-12-02 - 2024-03-01 | 3 months
static.srcspot.com | GTS CA 1D4 | 2023-12-30 - 2024-03-29 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
*.sitescout.com | GeoTrust TLS RSA CA G1 | 2024-01-15 - 2025-02-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-07 - 2024-02-05 | 3 months
nextdoor.com | Amazon RSA 2048 M02 | 2023-04-19 - 2024-05-17 | a year
*.ipredictive.com | Amazon RSA 2048 M02 | 2023-03-14 - 2024-04-11 | a year
log.cookieyes.com | Amazon RSA 2048 M02 | 2023-04-25 - 2024-05-24 | a year
crazyegg.com | Amazon RSA 2048 M02 | 2023-05-28 - 2024-06-26 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months
directory.cookieyes.com | Amazon RSA 2048 M02 | 2023-03-03 - 2024-04-01 | a year

This page contains 7 frames:

Primary Page: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Frame ID: FA591CFC7B818354870BD136C1AC145D
Requests: 32 HTTP requests in this frame

Frame: https://www.origin.bank/estatementdisclosure/
Frame ID: C98A04DFD9B49DEFA39BCB09EE1CB118
Requests: 87 HTTP requests in this frame

Frame: https://8704941.fls.doubleclick.net/activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Frame ID: 9415070E7E78E229B8E03FC1B86C0A71
Requests: 1 HTTP requests in this frame

Frame: https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Frame ID: 4909FC6A934DBB9D47B79DF9567A345B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0AA173A21FE6F70C2D882E3C9416DC7C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtm/static/sw_iframe.html?origin=https%3A%2F%2Fwww.origin.bank
Frame ID: F270C77E67CF6A80406CD6FD295C9772
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: AA9287806C23DF8D92191AC8EBDFF4E6
Requests: 1 HTTP requests in this frame

Page Title

Origin Bank SmartSign Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

125 Requests
96 % HTTPS
52 % IPv6
22 Domains
30 Subdomains
27 IPs
3 Countries
2228 kB Transfer
5836 kB Size
33 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ondemand.eoriginal.com/ssweb/login.eo?t=2DFrMGbHx3zB2xD4854y HTTP 302
    https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y HTTP 302
    https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo Page URL
  2. https://ondemand.eoriginal.com/ssweb/browserDetectionSubmit.eo HTTP 302
    https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ondemand.eoriginal.com/ssweb/login.eo?t=2DFrMGbHx3zB2xD4854y HTTP 302
  • https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y HTTP 302
  • https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Request Chain 78
  • https://8704941.fls.doubleclick.net/activityi;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F HTTP 302
  • https://8704941.fls.doubleclick.net/activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Request Chain 81
  • https://adservice.google.com/ddm/fls/i/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F HTTP 302
  • https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Request Chain 88
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 89
  • https://pixel-a.basis.net/iap/d3bf089a07d11314 HTTP 301
  • https://pixel.sitescout.com/iap/d3bf089a07d11314
Request Chain 92
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 93
  • https://pixel-a.basis.net/up/5b449921f0086aad?cntr_url= HTTP 301
  • https://pixel.sitescout.com/up/5b449921f0086aad?cntr_url=
Request Chain 96
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2537876%26time%3D1706538722258%26url%3Dhttps%253A%252F%252Fwww.origin.bank%252Festatementdisclosure%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true&liSync=true&e_ipv6=AQKc4LHwDMniMAAAAY1VomZ3Tetj3RR6i3VSLyrqBT2eeybWe8oYoG1Ri2KudJ5VHwjiqwQ

125 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
browserDetectionPage.eo
ondemand.eoriginal.com/ssweb/
Redirect Chain
  • https://ondemand.eoriginal.com/ssweb/login.eo?t=2DFrMGbHx3zB2xD4854y
  • https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
  • https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
756 B
2 KB
Document
General
Full URL
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
19d6859e3683c2404bfc10f499e3ff4f48d055a1e6bdc582c92032156eb8e341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-cache, no-store, max-age=0
Connection
keep-alive Keep-Alive
Content-Language
de-DE
Content-Length
756
Content-Type
text/html;charset=utf-8
Date
Mon, 29 Jan 2024 14:31:58 GMT
Expires
-1
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive Keep-Alive
Content-Language
de-DE
Content-Length
0
Content-Security-Policy
default-src 'self' https:; img-src * data: blob:; object-src 'self'; base-uri 'self'; frame-ancestors 'self' https:; style-src 'self' 'nonce-CtEje94bqD/Wd2Vx8XNa8wkSH3Dxq7SocH579Krxo1g=' 'unsafe-hashes' 'sha256-2Ohx/ATsoWMOlFyvs2k+OujvqXKOHaLKZnHMV8PRbIc=' 'sha256-65mkwZPt4V1miqNM9CcVYkrpnlQigG9H6Vi9OM/JCgY=' 'sha256-YcAFp/goa4oZ/go0L/bJqARj1OFlyN88mkdtnxxdwqY=' 'sha256-PYJPy/i8uUXcvkFF68DWnALx/J1N5ddtrcRgEmORra8=' 'sha256-Johd5Ih43fYn+gVlcl7EGWAfQnsT/3vIvaiKxHXXHgc=' 'sha256-FICANCZamj/DX3lvcVNNj99LzpLFKnTI/DkvPLngmZU=' 'sha256-B6LEPigs3viM+y/BwYQU665laXgIDFgp+sr+sdoaJqQ=' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' 'sha256-b4jClGxyuFDWBpkc6UnkYSjZrjlOlzSe8nO1fOutb4k=' 'sha256-CwE3Bg0VYQOIdNAkbB/Btdkhul49qZuwgNCMPgNY5zw=' 'sha256-Vqsp/m0fMJLlcUbJCvw/t/sjK/rnj7YJPIh5pycjaEU=' 'sha256-dzoWvH+kSiPgAA2qVaQGkWziv73LO3ghy2Nj67dcImY=' 'sha256-Ut79aLjs3fC5UtVv26l2r+kyv/4DhifGEM6YG3xXOyo=' https:; script-src 'self' 'strict-dynamic' 'nonce-CtEje94bqD/Wd2Vx8XNa8wkSH3Dxq7SocH579Krxo1g=' https:;
Date
Mon, 29 Jan 2024 14:31:58 GMT
Expires
0
Location
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
jquery.min.js
ondemand.eoriginal.com/ssweb/js/lib/
86 KB
87 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
88144
X-XSS-Protection
1; mode=block
jquery.migrate.min.js
ondemand.eoriginal.com/ssweb/js/lib/
11 KB
12 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.migrate.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
11421
X-XSS-Protection
1; mode=block
modernizr.custom.js
ondemand.eoriginal.com/ssweb/js/lib/
11 KB
12 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/modernizr.custom.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:40 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
11389
X-XSS-Protection
1; mode=block
js.cookie.js
ondemand.eoriginal.com/ssweb/js/lib/
2 KB
2 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/js.cookie.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:40 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
1721
X-XSS-Protection
1; mode=block
featureDetection.js
ondemand.eoriginal.com/ssweb/js/
6 KB
6 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/featureDetection.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:58 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:30 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
6100
X-XSS-Protection
1; mode=block
Primary Request showLogin.eo
ondemand.eoriginal.com/ssweb/
Redirect Chain
  • https://ondemand.eoriginal.com/ssweb/browserDetectionSubmit.eo
  • https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
19 KB
21 KB
Document
General
Full URL
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/js/featureDetection.js?eOv=24.0.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
cd719760c9774aa38b8e00debd9a937d2dd1df253c45a41c5560f67b072b737c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; img-src * data: blob:; object-src 'self'; base-uri 'self'; frame-ancestors 'self' https:; style-src 'self' 'nonce-gzQAv/4rrVyGNnnMv9ORkdTraV1jcaRkJje07MWSrtQ=' 'unsafe-hashes' 'sha256-2Ohx/ATsoWMOlFyvs2k+OujvqXKOHaLKZnHMV8PRbIc=' 'sha256-65mkwZPt4V1miqNM9CcVYkrpnlQigG9H6Vi9OM/JCgY=' 'sha256-YcAFp/goa4oZ/go0L/bJqARj1OFlyN88mkdtnxxdwqY=' 'sha256-PYJPy/i8uUXcvkFF68DWnALx/J1N5ddtrcRgEmORra8=' 'sha256-Johd5Ih43fYn+gVlcl7EGWAfQnsT/3vIvaiKxHXXHgc=' 'sha256-FICANCZamj/DX3lvcVNNj99LzpLFKnTI/DkvPLngmZU=' 'sha256-B6LEPigs3viM+y/BwYQU665laXgIDFgp+sr+sdoaJqQ=' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' 'sha256-b4jClGxyuFDWBpkc6UnkYSjZrjlOlzSe8nO1fOutb4k=' 'sha256-CwE3Bg0VYQOIdNAkbB/Btdkhul49qZuwgNCMPgNY5zw=' 'sha256-Vqsp/m0fMJLlcUbJCvw/t/sjK/rnj7YJPIh5pycjaEU=' 'sha256-dzoWvH+kSiPgAA2qVaQGkWziv73LO3ghy2Nj67dcImY=' 'sha256-Ut79aLjs3fC5UtVv26l2r+kyv/4DhifGEM6YG3xXOyo=' https:; script-src 'self' 'strict-dynamic' 'nonce-gzQAv/4rrVyGNnnMv9ORkdTraV1jcaRkJje07MWSrtQ=' https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-cache, no-store, max-age=0
Connection
keep-alive Keep-Alive
Content-Language
de-DE
Content-Security-Policy
default-src 'self' https:; img-src * data: blob:; object-src 'self'; base-uri 'self'; frame-ancestors 'self' https:; style-src 'self' 'nonce-gzQAv/4rrVyGNnnMv9ORkdTraV1jcaRkJje07MWSrtQ=' 'unsafe-hashes' 'sha256-2Ohx/ATsoWMOlFyvs2k+OujvqXKOHaLKZnHMV8PRbIc=' 'sha256-65mkwZPt4V1miqNM9CcVYkrpnlQigG9H6Vi9OM/JCgY=' 'sha256-YcAFp/goa4oZ/go0L/bJqARj1OFlyN88mkdtnxxdwqY=' 'sha256-PYJPy/i8uUXcvkFF68DWnALx/J1N5ddtrcRgEmORra8=' 'sha256-Johd5Ih43fYn+gVlcl7EGWAfQnsT/3vIvaiKxHXXHgc=' 'sha256-FICANCZamj/DX3lvcVNNj99LzpLFKnTI/DkvPLngmZU=' 'sha256-B6LEPigs3viM+y/BwYQU665laXgIDFgp+sr+sdoaJqQ=' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' 'sha256-b4jClGxyuFDWBpkc6UnkYSjZrjlOlzSe8nO1fOutb4k=' 'sha256-CwE3Bg0VYQOIdNAkbB/Btdkhul49qZuwgNCMPgNY5zw=' 'sha256-Vqsp/m0fMJLlcUbJCvw/t/sjK/rnj7YJPIh5pycjaEU=' 'sha256-dzoWvH+kSiPgAA2qVaQGkWziv73LO3ghy2Nj67dcImY=' 'sha256-Ut79aLjs3fC5UtVv26l2r+kyv/4DhifGEM6YG3xXOyo=' https:; script-src 'self' 'strict-dynamic' 'nonce-gzQAv/4rrVyGNnnMv9ORkdTraV1jcaRkJje07MWSrtQ=' https:;
Content-Type
text/html;charset=UTF-8
Date
Mon, 29 Jan 2024 14:31:59 GMT
Expires
-1
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-control
no-cache, no-store, max-age=0
Connection
keep-alive Keep-Alive
Content-Language
de-DE
Content-Length
0
Date
Mon, 29 Jan 2024 14:31:58 GMT
Expires
-1
Location
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
jquery-ui.structure.css
ondemand.eoriginal.com/ssweb/css/
19 KB
19 KB
Stylesheet
General
Full URL
https://ondemand.eoriginal.com/ssweb/css/jquery-ui.structure.css?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
612f0adaa66d6266e32e361199e7858e45a3409c58805094008a2fe55bda28e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:24:06 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
text/css; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
19056
X-XSS-Protection
1; mode=block
bootstrap.css
ondemand.eoriginal.com/ssweb/css/
168 KB
168 KB
Stylesheet
General
Full URL
https://ondemand.eoriginal.com/ssweb/css/bootstrap.css?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
a04a184ccefeeff079a406935012c96e8c55fb5e427398c79092073710633092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
text/css; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
171714
X-XSS-Protection
1; mode=block
signing-room-styles.css
ondemand.eoriginal.com/ssweb/css/
21 KB
22 KB
Stylesheet
General
Full URL
https://ondemand.eoriginal.com/ssweb/css/signing-room-styles.css?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
ec86b247411109e443a494abc6ff5a0810dc9f803b9c808ccfc566509fb4e00c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
text/css; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
21658
X-XSS-Protection
1; mode=block
landing.js
ondemand.eoriginal.com/ssweb/js/
245 B
744 B
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/landing.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
549a01c61fbd4f23eeabcc9ce61274afac8db955620d0dc07bb271937857c80d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:30 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
245
X-XSS-Protection
1; mode=block
jquery.min.js
ondemand.eoriginal.com/ssweb/js/lib/
86 KB
87 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
88144
X-XSS-Protection
1; mode=block
jquery.migrate.min.js
ondemand.eoriginal.com/ssweb/js/lib/
11 KB
12 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.migrate.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
11421
X-XSS-Protection
1; mode=block
popper.min.js
ondemand.eoriginal.com/ssweb/js/lib/
19 KB
20 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/popper.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
78be41fa19e6180796d441affa01521655cbd079179e9eedca6e70f70f8bfc61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:44 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
19875
X-XSS-Protection
1; mode=block
bootstrap.js
ondemand.eoriginal.com/ssweb/js/lib/
60 KB
60 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/bootstrap.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
a1718cee7be02b9ca16392b5fafa6014998645a7e51db332000af014762b44be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:32 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
61236
X-XSS-Protection
1; mode=block
jasny-bootstrap.js
ondemand.eoriginal.com/ssweb/js/lib/
16 KB
16 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jasny-bootstrap.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
2c09cf461ded75b4602b0c8d0113b24d1624e9691cb871519bdce669b46e2fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:34 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
16327
X-XSS-Protection
1; mode=block
websign-common.js
ondemand.eoriginal.com/ssweb/js/
876 B
1 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/websign-common.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
efb692bd79e9a2a1185c1dec8d36f4bec08d68b60df8a4f732f11b15298236d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:52 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
876
X-XSS-Protection
1; mode=block
jquery-ui.theme.min.css
ondemand.eoriginal.com/ssweb/css/smoothness/
14 KB
14 KB
Stylesheet
General
Full URL
https://ondemand.eoriginal.com/ssweb/css/smoothness/jquery-ui.theme.min.css?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
d54e30bf883c608dfc4ed8da6255d7459ce647318b9ccfa07b54715c286478d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:24:06 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
text/css; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
14235
X-XSS-Protection
1; mode=block
jquery-ui.min.js
ondemand.eoriginal.com/ssweb/js/lib/
247 KB
248 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery-ui.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
2c1f11ed54942a40abc8ce193d853a981c0385625984ec9b79f35a730f7b5dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
252945
X-XSS-Protection
1; mode=block
jquery.timers-1.2.js
ondemand.eoriginal.com/ssweb/js/lib/
2 KB
2 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.timers-1.2.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
3521f70f84e06bd9f1d8c11cda010d5884cf8f6fa056ef793806b6d8dc042d9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:38 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
1822
X-XSS-Protection
1; mode=block
jquery.bgiframe.js
ondemand.eoriginal.com/ssweb/js/lib/
1 KB
2 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.bgiframe.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
03bc2c85babf732cd18963f714d0ccb1ec30a5790b97a63903ee6a1fadade5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:36 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
1265
X-XSS-Protection
1; mode=block
commons-validator-js.min.js
ondemand.eoriginal.com/ssweb/js/lib/
31 KB
31 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/commons-validator-js.min.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
8e27dc5b8d1ba01d8b639644b45bd4ed78eef63378fdc34576177f44a11eb0e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:56 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
31605
X-XSS-Protection
1; mode=block
termsConditionsDialog.js
ondemand.eoriginal.com/ssweb/js/
2 KB
3 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/termsConditionsDialog.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
559784c45f353ef7d3c7bb05d53b185851918be823091362c126b08130d53e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:50 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
2128
X-XSS-Protection
1; mode=block
jquery.textfill.js
ondemand.eoriginal.com/ssweb/js/lib/
2 KB
3 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lib/jquery.textfill.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
0185247637ab041f6c9eae053583558095b9e6c842a4d9e5b5a991c4d88bbdfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:38 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
2233
X-XSS-Protection
1; mode=block
lockedSignature-common.js
ondemand.eoriginal.com/ssweb/js/
3 KB
3 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/lockedSignature-common.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
7e9566e6734fe1a735cb6e1e6767889e03308e73968aa8de52f64180135a336b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:46 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
2581
X-XSS-Protection
1; mode=block
destinationLogin.js
ondemand.eoriginal.com/ssweb/js/
6 KB
7 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/destinationLogin.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
810d3c9db6200c21d964b8092b6d1c123ae13ee63f1fcaeee9d52cd746a57e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:28 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
6508
X-XSS-Protection
1; mode=block
canvas.js
ondemand.eoriginal.com/ssweb/js/
2 KB
2 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/canvas.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
347370bc95d9556ff9c3b8320e0da338a520468dc1c6366c8e9fbd9703e31b04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:31:59 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:26 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
1715
X-XSS-Protection
1; mode=block
mouseSignature.js
ondemand.eoriginal.com/ssweb/js/
6 KB
6 KB
Script
General
Full URL
https://ondemand.eoriginal.com/ssweb/js/mouseSignature.js?eOv=24.0.0.2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
3fcf9e537c85629c63efe9ee01031a54094cf1ca53040d2f1faad40f2499f494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:32:00 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:29:48 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/javascript; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
6053
X-XSS-Protection
1; mode=block
logo.eo
ondemand.eoriginal.com/ssweb/
3 KB
5 KB
Image
General
Full URL
https://ondemand.eoriginal.com/ssweb/logo.eo?orgSid=12669&transactionTypeSid=
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
e5aeac1bf179a4af7fd5d7446fff7991f2d56edeb294f56a7ae2f247afa0781a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; img-src * data: blob:; object-src 'self'; base-uri 'self'; frame-ancestors 'self' https:; style-src 'self' 'nonce-xwAIO2qLyn9qpxNIrhOvrAPVnkEay2kgWZHHmEXpfQs=' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' 'sha256-b4jClGxyuFDWBpkc6UnkYSjZrjlOlzSe8nO1fOutb4k=' 'sha256-CwE3Bg0VYQOIdNAkbB/Btdkhul49qZuwgNCMPgNY5zw=' 'sha256-Vqsp/m0fMJLlcUbJCvw/t/sjK/rnj7YJPIh5pycjaEU=' 'sha256-dzoWvH+kSiPgAA2qVaQGkWziv73LO3ghy2Nj67dcImY=' 'sha256-Ut79aLjs3fC5UtVv26l2r+kyv/4DhifGEM6YG3xXOyo=' https:; script-src 'self' 'strict-dynamic' 'nonce-xwAIO2qLyn9qpxNIrhOvrAPVnkEay2kgWZHHmEXpfQs=' https:;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' https:; img-src * data: blob:; object-src 'self'; base-uri 'self'; frame-ancestors 'self' https:; style-src 'self' 'nonce-xwAIO2qLyn9qpxNIrhOvrAPVnkEay2kgWZHHmEXpfQs=' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' 'sha256-b4jClGxyuFDWBpkc6UnkYSjZrjlOlzSe8nO1fOutb4k=' 'sha256-CwE3Bg0VYQOIdNAkbB/Btdkhul49qZuwgNCMPgNY5zw=' 'sha256-Vqsp/m0fMJLlcUbJCvw/t/sjK/rnj7YJPIh5pycjaEU=' 'sha256-dzoWvH+kSiPgAA2qVaQGkWziv73LO3ghy2Nj67dcImY=' 'sha256-Ut79aLjs3fC5UtVv26l2r+kyv/4DhifGEM6YG3xXOyo=' https:; script-src 'self' 'strict-dynamic' 'nonce-xwAIO2qLyn9qpxNIrhOvrAPVnkEay2kgWZHHmEXpfQs=' https:;
Date
Mon, 29 Jan 2024 14:32:00 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Content-Disposition
inline
Connection
keep-alive, Keep-Alive
Content-Length
3482
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Referrer-Policy
same-origin
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Language
de-DE
Content-Type
image/png; charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
0
/
www.origin.bank/estatementdisclosure/ Frame C98A
777 KB
124 KB
Document
General
Full URL
https://www.origin.bank/estatementdisclosure/
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/showLogin.eo?t=2DFrMGbHx3zB2xD4854y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c8acdb47c7f667bb9278e7a9fb087bc1f74e99a7e64b11a244885466ea96ff17
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-type
text/html
date
Mon, 29 Jan 2024 14:17:34 GMT
etag
W/"65b7ae31-c2259"
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
x-frame-options
allow-from https://onlineapps.ibanking-services.com
x-xss-protection
1; mode=block
ui-bg_glass_95_fef1ec_1x400.png
ondemand.eoriginal.com/ssweb/css/smoothness/images/
332 B
818 B
Image
General
Full URL
https://ondemand.eoriginal.com/ssweb/css/smoothness/images/ui-bg_glass_95_fef1ec_1x400.png
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/css/smoothness/jquery-ui.theme.min.css?eOv=24.0.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
ce13b77cda01e6440b7e17f3dc78271eb282476e1494e7821a5c00d04ed75b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/css/smoothness/jquery-ui.theme.min.css?eOv=24.0.0.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:32:00 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:24:06 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
image/png; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
332
X-XSS-Protection
1; mode=block
ui-icons_cd0a0a_256x240.png
ondemand.eoriginal.com/ssweb/css/smoothness/images/
4 KB
5 KB
Image
General
Full URL
https://ondemand.eoriginal.com/ssweb/css/smoothness/images/ui-icons_cd0a0a_256x240.png
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/css/smoothness/jquery-ui.theme.min.css?eOv=24.0.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
0e45cac02cc752e1d8e009e21970744435126e86ae380caa9b18ca28550bb520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondemand.eoriginal.com/ssweb/css/smoothness/jquery-ui.theme.min.css?eOv=24.0.0.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:32:00 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:24:06 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
image/png; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
4549
X-XSS-Protection
1; mode=block
glyphicons-halflings-regular.woff2
ondemand.eoriginal.com/ssweb/fonts/
18 KB
18 KB
Font
General
Full URL
https://ondemand.eoriginal.com/ssweb/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/css/bootstrap.css?eOv=24.0.0.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.83.189.214 , United States, ASN1828 (UNITAS, US),
Reverse DNS
Software
/
Resource Hash
ba3fe63eac33e099b1600d123a80bc075696219926d63f6adc4b9401aad71ca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ondemand.eoriginal.com/ssweb/css/bootstrap.css?eOv=24.0.0.2
Origin
https://ondemand.eoriginal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 14:32:00 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 24 Jan 2024 21:24:06 GMT
X-Download-Options
noopen
Content-Language
de-DE
Content-Type
application/font-woff2; charset=UTF-8
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Length
18028
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ Frame C98A
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bebas+Neue|Nunito+Sans:400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f127a67ad0d9760e9fbf16b9ce9c8a3532940b2c0fe0692df4ffc75aa4c910d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 14:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 14:32:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 14:32:00 GMT
gtm.js
www.googletagmanager.com/ Frame C98A
387 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NS39SLQ
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83b70a3dd06d6bab9abebc2f0ca52ffd565a90c952fedf9741c3556a03b9f2c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106821
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jan 2024 14:32:01 GMT
txi3lnd.css
use.typekit.net/ Frame C98A
3 KB
954 B
Stylesheet
General
Full URL
https://use.typekit.net/txi3lnd.css
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
679633bdd13cab82f5b42f46f779356231daa8ffd049ae35435a32fe0d079b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:32:01 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
731
css2
fonts.googleapis.com/ Frame C98A
455 B
447 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IM+Fell+Great+Primer:ital@1&display=swap
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
325f2a201769ba45bfdbc006969cfd42a49ff88ae0b96bb2b4e766cacc855347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 14:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 14:32:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 14:32:01 GMT
4503.js
script.crazyegg.com/pages/scripts/0011/ Frame C98A
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0011/4503.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7686c7b757b251c578fc6d5ef5aff1fe99a37a702b2667630a8b42e4853e49a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1736
cf-polished
origSize=6112
ce-version
11.5.172
cf-bgj
minify
last-modified
Mon, 29 Jan 2024 14:03:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
84d22ea54b0c1db1-FRA
salemove_integration.js
api.glia.com/ Frame C98A
9 KB
9 KB
Script
General
Full URL
https://api.glia.com/salemove_integration.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:c600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97bcfd985ee6af445c93b9b2c83cc8306b5c3949aa5ff2cf0e4e699cfe56e1e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Mon, 29 Jan 2024 14:31:35 GMT
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
last-modified
Mon, 29 Jan 2024 11:28:52 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
32
x-amz-server-side-encryption
AES256
etag
"f4fcb7c6ae8bba6ab7c5bac110d477c3"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9094
x-amz-cf-id
5gjVI5Cvs4ol8RQnxkrdlkvMxubYhNt1qTbX4vzM9f43T80K4bwQ6w==
script.js
cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/ Frame C98A
96 KB
35 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/script.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb11cf7a4c2fba921249170b939e7e0799631adf4d85f3caa537d2e6ab4e009a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Jan 2024 15:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"18007-60df7ee12a354-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wv1hy4sprzQAyhDJAc1VDDgYgE1f3GyeBN4Afo6fOIFVP55%2B%2FiuDVKGqMM8ckMfOyGgbYkuri6tCWy1Qauz9TkhUsyuhyszSgPppCTWAJYiLIecLrDzsmnviRpnoiUw8bZ7JgZ%2FOPpveol4Jfikd"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
84d22ea5eb7d9b45-FRA
webpack-runtime-0758ad1cf92971f0e12b.js
www.origin.bank/ Frame C98A
11 KB
5 KB
Script
General
Full URL
https://www.origin.bank/webpack-runtime-0758ad1cf92971f0e12b.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c9ecc0e09caee36d6067850647c5c82ad65a7fff6383444e2b2b990f463eb5db
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:47 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-2deb"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
framework-167a9b4985edbedfef58.js
www.origin.bank/ Frame C98A
127 KB
40 KB
Script
General
Full URL
https://www.origin.bank/framework-167a9b4985edbedfef58.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
820e78c21565d382e4e2e9d705cdd68ad65469d19512fe3c9651a89ee18e17da
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:54 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae2e-1fa18"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
app-e4473a1a06f94f1fe301.js
www.origin.bank/ Frame C98A
89 KB
26 KB
Script
General
Full URL
https://www.origin.bank/app-e4473a1a06f94f1fe301.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ae730aeb547161fc0d11aa96547d309da8a21fc2a32aeb218213a9782d2da958
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:47 GMT
last-modified
Mon, 29 Jan 2024 13:51:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad58-165ec"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
0f1ac474-d482ab44c441b4ad8d53.js
www.origin.bank/ Frame C98A
71 KB
21 KB
Script
General
Full URL
https://www.origin.bank/0f1ac474-d482ab44c441b4ad8d53.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8e38198e7214b103cebacd95056d1d84efd316663c4e9fd8172b3c3a29a397b9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-11c19"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
b637e9a5-9526134c0eb5e340a2a1.js
www.origin.bank/ Frame C98A
85 KB
30 KB
Script
General
Full URL
https://www.origin.bank/b637e9a5-9526134c0eb5e340a2a1.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
65d8a3bde0df15cd24b4e4520c080f3ce21424a4b8ac6fd8bf073bc923e9aa6e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:47 GMT
last-modified
Mon, 29 Jan 2024 13:51:16 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad54-154ca"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
4e91286fe3c45a0db439bb41cc3f52d797af8091-14a1e42351de4d7e30d8.js
www.origin.bank/ Frame C98A
181 KB
53 KB
Script
General
Full URL
https://www.origin.bank/4e91286fe3c45a0db439bb41cc3f52d797af8091-14a1e42351de4d7e30d8.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bca12d022ee87083d6c81f7f4470e056e85784526047b6dc635bb178fc3960d6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-2d277"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
2a58487b68a9968041b335fd65edb97557b19879-9973dc59e8679129a1a0.js
www.origin.bank/ Frame C98A
556 KB
178 KB
Script
General
Full URL
https://www.origin.bank/2a58487b68a9968041b335fd65edb97557b19879-9973dc59e8679129a1a0.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
465c94b9e3a06b8df26ed27ec502394fd422d308ccac7e9476dccb9f07510459
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:47 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-8b1b5"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
5fa3400d6b034ad4c66935bfbef3443b2af7fdd8-7800d09c399e006d1849.js
www.origin.bank/ Frame C98A
88 KB
19 KB
Script
General
Full URL
https://www.origin.bank/5fa3400d6b034ad4c66935bfbef3443b2af7fdd8-7800d09c399e006d1849.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e31b6a4a644e0b32e240e5e9f905171c66236fafe153d1036021d9af4e7b9486
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-16048"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
component---src-templates-content-page-get-index-js-e212c9b208705d380179.js
www.origin.bank/ Frame C98A
100 KB
30 KB
Script
General
Full URL
https://www.origin.bank/component---src-templates-content-page-get-index-js-e212c9b208705d380179.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a628311077e2136f018ebe4d2a280895120a7a90f82529492d1159554188c7f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:47 GMT
last-modified
Mon, 29 Jan 2024 13:51:21 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad59-190cc"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/javascript
x-xss-protection
1; mode=block
page-data.json
www.origin.bank/page-data/estatementdisclosure/ Frame C98A
36 KB
8 KB
Other
General
Full URL
https://www.origin.bank/page-data/estatementdisclosure/page-data.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1ac245b42fcc9ee165454ca1499a40f6b9cf7634a634cc5ee13d8e586cfbed92
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-8e50"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
1050570299.json
www.origin.bank/page-data/sq/d/ Frame C98A
9 KB
3 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/1050570299.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e54c3d83da4bb92bc6a5819baa87894937fa9d1b1772c4d58e674a299595ab8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-23af"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
1074198003.json
www.origin.bank/page-data/sq/d/ Frame C98A
68 KB
12 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/1074198003.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3216b4f1fee6e4b03771215ad580324817643599a970547b643994a3bdca8ffc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-10ffa"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
1356168456.json
www.origin.bank/page-data/sq/d/ Frame C98A
98 B
170 B
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/1356168456.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
10452f7bba3c8398ddd002b0643d6844371bfdbe88f7944ea6bdf43495890f6a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-62"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
1626908563.json
www.origin.bank/page-data/sq/d/ Frame C98A
10 KB
3 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/1626908563.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c1108df430c3ae6e1aaae966960e171d2f04d7180a2035e469a4132e92654ae1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-260d"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
1651290744.json
www.origin.bank/page-data/sq/d/ Frame C98A
5 KB
1 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/1651290744.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7f96735b90ff76495acfcab36b384fb49bba34a40c76ace42a44a01f52cb46ab
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-12a6"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
1953693029.json
www.origin.bank/page-data/sq/d/ Frame C98A
1 KB
623 B
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/1953693029.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cd3e8184c6cf9168691f2e70a1955726825cfaa3d536037bc3b58801654de175
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-4ab"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
2121473480.json
www.origin.bank/page-data/sq/d/ Frame C98A
6 KB
2 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/2121473480.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
934e73c4b199e367fbe20a99be78231c0cfeb107e176b777642750c46e8f07f1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-185b"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
2409875235.json
www.origin.bank/page-data/sq/d/ Frame C98A
4 KB
2 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/2409875235.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
533d42ff05529f15d0b2273cef9eb677294a2bee70e5dedc301d49dac073391a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-1065"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
2538862095.json
www.origin.bank/page-data/sq/d/ Frame C98A
4 KB
2 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/2538862095.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4bc0f2b248084ecd8a3fff24c72dff13d675e2320b77973ba41ef1d01bfa85b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-e63"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
2643166700.json
www.origin.bank/page-data/sq/d/ Frame C98A
102 KB
6 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/2643166700.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8b7a5cf1be03430553ab2f8e92279bfae2292b05b3c42e3fc85cce1257c9fa13
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-196f5"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
265527514.json
www.origin.bank/page-data/sq/d/ Frame C98A
14 KB
4 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/265527514.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cd786de21f9cdf8be695c83064d9d62bc22039947c64c3ef66da4b7826266dbf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-374b"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
2730587676.json
www.origin.bank/page-data/sq/d/ Frame C98A
493 B
271 B
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/2730587676.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
773bf71e88661244850596f47de5dccf3db0742d3aad4bf7948b38d4770652f0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-1ed"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
2812212315.json
www.origin.bank/page-data/sq/d/ Frame C98A
13 KB
2 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/2812212315.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5cd6759a6bdc2a897bb08e9a60ea3e0b38f4a600c1dc8f6d975e84fc3738fad4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-34df"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
3045936119.json
www.origin.bank/page-data/sq/d/ Frame C98A
145 KB
24 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/3045936119.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4c7c977f31cead29ac3ff621a45977d970244b9df92016620fb5a402654a69d2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-24290"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
3106348735.json
www.origin.bank/page-data/sq/d/ Frame C98A
13 KB
4 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/3106348735.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b556d725f46b7b00f43ed152770566b313f91029a98bb39497ecd46a8df36264
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-3566"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
3126068568.json
www.origin.bank/page-data/sq/d/ Frame C98A
13 KB
3 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/3126068568.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
470265a0d9fcd2be0f9e929bd0deb7512919fa0ad9083fbec350a11302637b51
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-33f8"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
3207459231.json
www.origin.bank/page-data/sq/d/ Frame C98A
48 KB
4 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/3207459231.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69a52eac6e09cb3b4bc4f76dacfebbf002fa92ffa298d22dcd2cc856a918c638
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-c1d6"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
3223018631.json
www.origin.bank/page-data/sq/d/ Frame C98A
11 KB
2 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/3223018631.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
287cf17dc9d5c5f68c938c2f2865e9fd260599c529801ee3dc8430e48be9581f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-2b77"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
4249804299.json
www.origin.bank/page-data/sq/d/ Frame C98A
1 KB
760 B
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/4249804299.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2d4f27c59d05a76316be1811d639f30ce60976d3df6b6ba695f039fae95934d9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-569"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
515423964.json
www.origin.bank/page-data/sq/d/ Frame C98A
15 KB
3 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/515423964.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c77b80379758b59772d2235318a87fb980caea9768c41dae78558dde50a38f2d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-3c36"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
543045911.json
www.origin.bank/page-data/sq/d/ Frame C98A
8 KB
3 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/543045911.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e1bb4f1c5954527cb26a58bed8baecc50b60f13b87147c977f2ad21b93f6754
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-2002"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
573129284.json
www.origin.bank/page-data/sq/d/ Frame C98A
1 KB
618 B
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/573129284.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b0479550656a8388e8666e7365dc3f4d30eef43c1351d45328528a4598aea6cd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-5b1"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
574188855.json
www.origin.bank/page-data/sq/d/ Frame C98A
15 KB
3 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/574188855.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0823f2c3a98293072a9584df6c8e0af14603b2559e71ee71e039a149447cb39a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-3a75"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
588146888.json
www.origin.bank/page-data/sq/d/ Frame C98A
8 KB
2 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/588146888.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cbc8c1fd0414effe4941e92e5c8f02238f86c6d35e490c57dafe611a67e2a8f9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-1f4b"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
99379720.json
www.origin.bank/page-data/sq/d/ Frame C98A
106 KB
23 KB
Other
General
Full URL
https://www.origin.bank/page-data/sq/d/99379720.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1e1bd830043e271dfcc044af0828d13a912f76853d06eddd4d256205fcc903c3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ad57-1a6d5"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
app-data.json
www.origin.bank/page-data/ Frame C98A
50 B
121 B
Other
General
Full URL
https://www.origin.bank/page-data/app-data.json
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0dacfa94af1e591097d012f1822808f68e151a1b7cf4d87c2bb39af506f5b38a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Origin
https://www.origin.bank
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:35 GMT
last-modified
Mon, 29 Jan 2024 13:54:57 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7ae31-32"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json
x-xss-protection
1; mode=block
logo-b2dae7d466b0bea8362ba65585a1bd0e.svg
www.origin.bank/static/ Frame C98A
14 KB
14 KB
Image
General
Full URL
https://www.origin.bank/static/logo-b2dae7d466b0bea8362ba65585a1bd0e.svg
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d0d142f94fa2bee90d593f35512739fe481bcf394dbeb89e94d2abbed2e637c9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65b7ad57-383e"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
image/svg+xml
accept-ranges
bytes
content-length
14398
x-xss-protection
1; mode=block
roxi.js
static.srcspot.com/libs/ Frame C98A
76 KB
35 KB
Script
General
Full URL
https://static.srcspot.com/libs/roxi.js
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.8.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.8.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a80766258ee66697131ff86b4bd8c8a040591baf6d340d6396a865ec3682e5dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPrvW6kg3A1SmtCtfJY0RRPu1WfFQDX7e0cVQJo6Fda_1081S0Sh9P-CzRaqamT66jRWJXo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35445
last-modified
Wed, 03 Jan 2024 10:16:39 GMT
server
UploadServer
etag
"91ebd6b41b2035bba056e35b61d05313"
x-goog-generation
1704276999715744
x-goog-hash
crc32c=ZSG7JQ==, md5=kevWtBsgNbugVuNbYdBTEw==
content-type
application/javascript
cache-control
no-transform, public, max-age=900
x-goog-stored-content-length
35445
accept-ranges
bytes
expires
Mon, 29 Jan 2024 14:47:02 GMT
js
www.googletagmanager.com/gtag/ Frame C98A
292 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EHBXMHEYFJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS39SLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
214c96aa43aaff09a9a7b7dd4a9ab6183731138e240a9d2ba03bce685479d3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 14:32:02 GMT
activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;u...
8704941.fls.doubleclick.net/ Frame 9415
Redirect Chain
  • https://8704941.fls.doubleclick.net/activityi;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=...
  • https://8704941.fls.doubleclick.net/activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;...
587 B
502 B
Document
General
Full URL
https://8704941.fls.doubleclick.net/activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS39SLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
8933ac1edbbbe5608f53ac8bc0b8f09f7979823e068bd46abe16036bedbec6fd
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.origin.bank/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
326
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 14:32:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 14:32:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8704941.fls.doubleclick.net/activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame C98A
43 KB
16 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS39SLQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2024 14:42:29 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=43725
accept-ranges
bytes
content-length
15732
analytics.js
www.google-analytics.com/ Frame C98A
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS39SLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jan 2024 13:30:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3678
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Jan 2024 15:30:44 GMT
dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
8704941.fls.doubleclick.net/ddm/fls/r/ Frame 4909
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;u...
  • https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;...
845 B
383 B
Document
General
Full URL
https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Requested by
Host: 8704941.fls.doubleclick.net
URL: https://8704941.fls.doubleclick.net/activityi;dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
3c9b60156f5401816fb3345e5c11893658bede297cd51628fac6755b1de37cb9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8704941.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 14:32:02 GMT
expires
Mon, 29 Jan 2024 14:32:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 14:32:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p.css
p.typekit.net/ Frame C98A
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=txi3lnd&ht=tk&f=2005.2007.2009.2011&a=123419292&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/txi3lnd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
menu.txt
www.origin.bank/ Frame C98A
0
0
Fetch
General
Full URL
https://www.origin.bank/menu.txt
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/5fa3400d6b034ad4c66935bfbef3443b2af7fdd8-7800d09c399e006d1849.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
date
Mon, 29 Jan 2024 14:13:48 GMT
last-modified
Mon, 29 Jan 2024 13:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65b7ad57-0"
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
text/plain
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
/
www.origin.bank/api/alerts/alert/all/ Frame C98A
192 B
505 B
Fetch
General
Full URL
https://www.origin.bank/api/alerts/alert/all/?_lang=en
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/2a58487b68a9968041b335fd65edb97557b19879-9973dc59e8679129a1a0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d4d8642bdb086731d8b6221eab5a55bf48156ed40892dcae6e47561d4cbcbcdd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"c0-11BzO+Ld41vlXpCE/ib/8i1qVrs"
vary
Origin
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json; charset=utf-8
access-control-expose-headers
Access-Token,ZFW-Error-Message
access-control-allow-credentials
true
x-xss-protection
1; mode=block
/
www.origin.bank/api/content/page/get/ Frame C98A
18 KB
4 KB
Fetch
General
Full URL
https://www.origin.bank/api/content/page/get/?_lang=en&uri=/estatementdisclosure/&_limit=1
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/component---src-templates-content-page-get-index-js-e212c9b208705d380179.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b3346c5d75f437526fd92bd4930e3cb73065b2a5cdc1cced59226fac589246b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:48 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"4891-jTjzJELJ2xHCo4cG97Uoi0FeT8s"
vary
Origin
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json; charset=utf-8
access-control-expose-headers
Access-Token,ZFW-Error-Message
access-control-allow-credentials
true
x-xss-protection
1; mode=block
/
www.origin.bank/api/content/page/get/ Frame C98A
18 KB
4 KB
Fetch
General
Full URL
https://www.origin.bank/api/content/page/get/?uri=/estatementdisclosure/&_join=Audience
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/component---src-templates-content-page-get-index-js-e212c9b208705d380179.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fee693cd22c4f9224d064e2a4f961dd9c1fb971321b4bed599441c6e59554983
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:17:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"4891-SembKf9tzYURpsy6or1kYpNEHow"
vary
Origin
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json; charset=utf-8
access-control-expose-headers
Access-Token,ZFW-Error-Message
access-control-allow-credentials
true
x-xss-protection
1; mode=block
www.origin.bank.json
script.crazyegg.com/pages/data-scripts/0011/4503/site/ Frame C98A
4 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0011/4503/site/www.origin.bank.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/4503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f80ea9642c46cad193dbd62a4a6af750e3e8179b241b11ffbdf4205fd5efe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2024 14:32:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.172
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d22ea65961bb55-FRA
content-length
1649
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0AA1
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: 8704941.fls.doubleclick.net
URL: https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 29 Jan 2024 14:32:02 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
d3bf089a07d11314
pixel.sitescout.com/iap/ Frame 4909
Redirect Chain
  • https://pixel-a.basis.net/iap/d3bf089a07d11314
  • https://pixel.sitescout.com/iap/d3bf089a07d11314
0
191 B
Image
General
Full URL
https://pixel.sitescout.com/iap/d3bf089a07d11314
Requested by
Host: 8704941.fls.doubleclick.net
URL: https://8704941.fls.doubleclick.net/ddm/fls/r/dc_pre=CNTdu5LogoQDFUdRHgIdpw4A3A;src=8704941;type=retar0;cat=retar0;ord=534356543936;pscdl=noapi;gtm=45He41o0v843127484;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8704941.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 29 Jan 2024 14:32:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/d3bf089a07d11314
content-length
0
sw_iframe.html
www.googletagmanager.com/gtm/static/ Frame F270
3 KB
1 KB
Document
General
Full URL
https://www.googletagmanager.com/gtm/static/sw_iframe.html?origin=https%3A%2F%2Fwww.origin.bank
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHBXMHEYFJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39819e35d9f8ad70a0cbe9e6731d8042df5f3a379d16baa7b1ac66608460624c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=900
content-encoding
br
content-length
1313
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 14:32:02 GMT
expires
Mon, 29 Jan 2024 14:32:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ Frame C98A
213 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jan 2024 14:32:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57158
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
G5cqkY5FhFYXfH978Yfdxo0N127krNyxA78WorbexW8MPFpvS+Dmv/0XWrXFvLksSYvUeySbhQtC6KrwALUTKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame AA92
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://www.origin.bank/estatementdisclosure/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 29 Jan 2024 14:32:01 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
5b449921f0086aad
pixel.sitescout.com/up/ Frame C98A
Redirect Chain
  • https://pixel-a.basis.net/up/5b449921f0086aad?cntr_url=
  • https://pixel.sitescout.com/up/5b449921f0086aad?cntr_url=
43 B
267 B
Image
General
Full URL
https://pixel.sitescout.com/up/5b449921f0086aad?cntr_url=
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 14:32:01 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/up/5b449921f0086aad?cntr_url=
content-length
0
ndp.js
ads.nextdoor.com/public/pixel/ Frame C98A
7 KB
4 KB
Script
General
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: ondemand.eoriginal.com
URL: https://ondemand.eoriginal.com/ssweb/browserDetectionPage.eo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.164.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-164-215.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e358ac9219c2bfde08ebd2b62efe991cc0e27671ec64bdc5b6b15a5c195107de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-security-policy
frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding
gzip
last-modified
Wed, 24 Jan 2024 19:40:37 GMT
server
istio-envoy
etag
W/"65b167b5-1d56"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
4
adelphic_universal_pixel.js
js.ipredictive.com/ Frame C98A
2 KB
2 KB
Script
General
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS39SLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:51:07 GMT
via
1.1 5cc4b35b46cb9b55d49e7f47442e6838.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2455
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
ZNWfyVTkrrxoaiWLjZstrSOWVRXXIoN4_VHgJGxe_1cF8LOpt36mNw==
collect
px4.ads.linkedin.com/ Frame C98A
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2537876%26time%3D1706538722258%26url%3Dhttps%253A%252F%252Fwww.origin.bank%252Fes...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true&liSync=true&e_ipv6=AQKc4LHwDMniMAAAAY1Vom...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true&liSync=true&e_ipv6=AQKc4LHwDMniMAAAAY1VomZ3Tetj3RR6i3VSLyrqBT2eeybWe8oYoG1Ri2KudJ5VHwjiqwQ
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E91591C5F4D24AA691BCAA218D819EF4 Ref B: DUS30EDGE0919 Ref C: 2024-01-29T14:32:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQFoJj4pgHstHWOFMtQQ==

Redirect headers

date
Mon, 29 Jan 2024 14:32:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B07A396B358C47869ABF7D73C77E9B0F Ref B: FRAEDGE1812 Ref C: 2024-01-29T14:32:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2537876&time=1706538722258&url=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&cookiesTest=true&liSync=true&e_ipv6=AQKc4LHwDMniMAAAAY1VomZ3Tetj3RR6i3VSLyrqBT2eeybWe8oYoG1Ri2KudJ5VHwjiqwQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQFoJgKyfpI7X3UZim+Q==
log
log.cookieyes.com/api/v1/ Frame C98A
2 B
153 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.171.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-171-221.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.origin.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarywtVRlPsRjG8CtzPb

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 14:32:02 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
banner.js
cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/ Frame C98A
96 KB
33 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b4f63717c249100d26dc7a82321bc219e86f3b53c0c1b7a0aa219d2eaa27c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Jan 2024 15:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"17e21-60df7ee12a354-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UySTmNjx2YV3fe6e%2BxLDYHvfiSXXpEF6cC1SkUpydQHfdQeiE4pjz1ZUzxz4Lfks41S26K6oqTEGdCXZdpriEQeyljs6xmuG3nJAK1B5OXZ%2BfygXeAmd5eLN9Foo58cJhDBlQG6ofqZk0xXgrDS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
84d22ea66bff9b45-FRA
visitor_config
api.glia.com/ Frame C98A
9 KB
11 KB
XHR
General
Full URL
https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&
Requested by
Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:c600:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
225d19f13bfb20b954407459c02c54fbdfbf99fc5ef98cedc7370f2a83e384f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.origin.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-length
9154
access-control-max-age
7200
access-control-allow-methods
["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
content-type
application/json
access-control-allow-origin
https://www.origin.bank
access-control-expose-headers
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
vary
Origin
x-site-visitor-config
true
access-control-allow-headers
Content-Type, Accept, Authorization
x-amz-cf-id
1b0gHgS4QU4_23EEn-c55e1hnT51w_BLlHkG9ICtqnkLCUJ2fFUHhQ==
a
www.googletagmanager.com/ Frame C98A
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?ctid=G-EHBXMHEYFJ&t=s&si=135&m=0&iss=4&sid=7554616867156145&cc=1&tl=1&hc=1&cl=0&pid=735892928&bc=1
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.origin.bank/api/content/template/get/ Frame C98A
701 B
526 B
Fetch
General
Full URL
https://www.origin.bank/api/content/template/get/?id=60119cb853c5dfcce9b3b2be
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/component---src-templates-content-page-get-index-js-e212c9b208705d380179.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.239.247.206 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f2b6ab300124587358a530edffeeab0a729d1f25e3b912ec681c06272f40845
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
X-Frame-Options allow-from https://onlineapps.ibanking-services.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/estatementdisclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' ibanking-services.com *.ibanking-services.com ondemand.eoriginal.com;
content-encoding
gzip
date
Mon, 29 Jan 2024 14:13:49 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"2bd-+pljftQfWSbtSKdbJ1z8YNwsWRA"
vary
Origin
x-frame-options
allow-from https://onlineapps.ibanking-services.com
content-type
application/json; charset=utf-8
access-control-expose-headers
Access-Token,ZFW-Error-Message
access-control-allow-credentials
true
x-xss-protection
1; mode=block
1099356826871124
connect.facebook.net/signals/config/ Frame C98A
61 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1099356826871124?v=2.9.143&r=stable&domain=www.origin.bank&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4aafcfb7e39a7db65b5a86b31da5a94f9c823f5ed2fc1a5f7c8cd7c21aaa8c53
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jan 2024 14:32:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
bGlAQ2lpjMJr5MfobMbMDe9q75ENTAz3zXSGaw9sFbMsFB4KGsY5mBnfcGObi+3qCvEtH2h5tcU8AKYnnBjA/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame C98A
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1099356826871124&ev=PageView&dl=https%3A%2F%2Fwww.origin.bank&rl=&if=true&ts=1706538722593&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4124&cs_est=true&pm=1&hrl=b0735b&ler=empty&cdl=API_unavailable&it=1706538722472&coo=false&cs_cc=1&cas=6533526593434062%2C9831968673540287%2C6137710399591074%2C3535509023191002&exp=d1&rqm=GET
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Jan 2024 14:32:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bootstrapper-e1fd6bcbb.js
libs.salemove.com/visitor/ Frame C98A
638 KB
167 KB
Script
General
Full URL
https://libs.salemove.com/visitor/bootstrapper-e1fd6bcbb.js
Requested by
Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:4600:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
366b997ab3dcf82b53e4e0f639f8ee6aea796db2c8121e1ead585e29d1265c48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 12:17:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
8102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 29 Jan 2024 11:24:27 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:7dc9b240ee2f4e6909bbd61a84a55569
etag
W/"7dc9b240ee2f4e6909bbd61a84a55569"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
soGycd44FIryZRdLELmZXIf2oi5XdSb3Y1rxMI4YTKoDMSM24ZhEGA==
0950ea1dbebed2954aa6d777835d27a1.js
script.crazyegg.com/pages/versioned/common-scripts/ Frame C98A
95 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/4503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c5ec67ba1bad191886f86a9ff26d695e5947256d85e466159a81ab87883262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 18:00:36 GMT
server
cloudflare
age
5195
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d22ea9281a1db1-FRA
content-length
31521
www.origin.bank.json
script.crazyegg.com/pages/data-scripts/0011/4503/sampling/ Frame C98A
156 B
253 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0011/4503/sampling/www.origin.bank.json?t=474038
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682ca44e644f7db9b3670edc28e46bacbfe0614d8e79d7da45c837e04e327a5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2024 14:32:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.172
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84d22ea9acfbbb55-FRA
content-length
143
webcomponents_es5-e1fd6bcbb.js
libs.salemove.com/visitor/ Frame C98A
936 B
1 KB
Script
General
Full URL
https://libs.salemove.com/visitor/webcomponents_es5-e1fd6bcbb.js
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-e1fd6bcbb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:4600:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 12:17:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
8102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
936
last-modified
Mon, 29 Jan 2024 11:24:28 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f86098c5208655efb405300993461936
etag
"f86098c5208655efb405300993461936"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SvQFkA-isIgnY76GTcqciZtV6KYfGImEWsMlOD15hqjMtISXJM_SoA==
pixel
flask.nextdoor.com/ Frame C98A
0
111 B
Image
General
Full URL
https://flask.nextdoor.com/pixel?pid=42f9cc8c-ce0b-43f7-8ccb-3ac12f3011b9&vrs=8.3&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=1abf46e4-f5eb-4137-947b-b4e4c8afdc93&pageid=9804a3f9-bfce-4e94-a614-a821154b5fa1&sessionid=fdb91d3e-cd3f-4e4a-92f2-cdf0aa058759&cd=%7B%7D
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.164.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-164-215.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
context-id
544220a7-a5f5-4e36-b717-4b54bb6bb900
healthcheck
pagestates-tracking.crazyegg.com/ Frame C98A
19 B
463 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-24.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
11364516
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
9djzZTRuGedZZ_BnZ3gMNmChw6VlCa6bmOy5Gf5BoNgu4Cn-bF80vQ==
healthcheck
assets-tracking.crazyegg.com/ Frame C98A
19 B
461 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-98.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
3503315
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
UB7Fug9ADcsDD_8UHC9-EUKKfRnakOXJ_-AIWCQZFt90Im4qXLgXEA==
2d4500c2-5cce-4252-9a15-81b308b52c0d
https://www.origin.bank/ Frame C98A
45 B
0
Other
General
Full URL
blob:https://www.origin.bank/2d4500c2-5cce-4252-9a15-81b308b52c0d
Requested by
Host: www.origin.bank
URL: https://www.origin.bank/estatementdisclosure/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
/
px.ads.linkedin.com/wa/ Frame C98A
0
195 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.origin.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 29 Jan 2024 14:32:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 252A3FB9EF9849BF8532B7E1E9C8BCBA Ref B: FRAEDGE1812 Ref C: 2024-01-29T14:32:03Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.origin.bank
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYQFoJmwageL6nL6mQ66w==
IjZgRc4F.json
cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/ Frame C98A
44 B
601 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/IjZgRc4F.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7c5df1b563df49618307b39943e367ea498b73a152d78d35ac32d0741f8659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Jan 2024 15:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
343187
etag
W/"2c-60df7ee1293b4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEL5UXSy%2B8Y9zyVY5hqWlHWw6WKmwrPejsnypFGiUOWw8mCWIlohwPvY%2FBDLH%2FRjLe3CI8CGnUeGUWapnqyiC9nIkpC7MfxqhOfNzR3B89xQ8vPuJyQXP%2Fo2m5mpngtmut6JXngMHJ5djt%2BzhUUi"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
84d22eada8552c76-FRA
clock
tracking.crazyegg.com/ Frame C98A
28 B
135 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1706538723398&tk=e5867c8421721116cfdfc094bdc69b53&s=239062&p=%2Festatementdisclosure%2F&u=114503&v=7b209ae3118b80ffac5c1fb49402530a6b8a4a4d&f=origin.bank%2Festatementdisclosure&ul=https%3A%2F%2Fwww.origin.bank%2Festatementdisclosure%2F
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0950ea1dbebed2954aa6d777835d27a1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.36.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-36-206.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
2b0eb870cf1fc0d6371d85ba8ca8e64125131d2a46c7b10440d8561ac4221ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 14:32:03 GMT
cache-control
no-store
server
awselb/2.0
content-length
28
content-type
text/plain
ip
directory.cookieyes.com/api/v1/ Frame C98A
108 B
262 B
Fetch
General
Full URL
https://directory.cookieyes.com/api/v1/ip
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.16.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-16-191.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
66c4ae3db356f8fafcc14884e1350c11a1f648a337d14509952bf245e6477e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 14:32:03 GMT
x-powered-by
Express
content-length
108
etag
W/"6c-yVmtNnWRnC5jD6VBESIm4OK9edg"
content-type
text/html; charset=utf-8
f14ac2e4-5e03-440f-8007-170d85817d60
https://www.origin.bank/ Frame C98A
241 B
0
Other
General
Full URL
blob:https://www.origin.bank/f14ac2e4-5e03-440f-8007-170d85817d60
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b8b16f32c5a471d7aac969d8678784b1be8df6bfe3e0c0f7a77c0d3f196c7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
_6Pjnpq1.json
cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/config/ Frame C98A
32 KB
6 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/config/_6Pjnpq1.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a31bb79dc61daf20c0158fb1aae06157b46c0b95ca09745bc642f62cb4875d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Jan 2024 15:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
343187
etag
W/"7f81-60df7ee12a354"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2u%2Ba6%2BIHqKPeyuEiCQeDdC0ib9OT9cqb9sSrbPWVH8WyIu9olL1eWKFbYhPpW79RgdFVKLYpVNylQIginFHL%2BCrIPGKrTsbTn2s2hwWL7DRD%2BsOB8BLyYY5vxm3O7Sqkc9m6RPvpRKIC0DO6MPc"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
84d22eaf2a2c2c76-FRA
EYoehQsR.json
cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/translations/ Frame C98A
2 KB
1013 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/translations/EYoehQsR.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14612faefc54e67007084332e850f554ca6ba980bebd2f88beb4051dffa87d61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Jan 2024 15:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
343187
etag
W/"6ef-60df7ee12a354"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtYPUF5v42KZEzQ6ZIBITBGn3tquVVC3zxzEyKFdoKHK%2BUVNyQ%2FrWIwUJ0BdeL6zEhSze%2F4vOCt%2BBHRNTrK06NumcGlaZMbCTkFr0u4LQsRBJKUxcyM8%2FgUbh%2BgOYSTzf4M880KuvCdnFQa9W3fq"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
84d22eaf7a9f2c76-FRA
q6YklS0-.json
cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/audit-table/ Frame C98A
11 KB
3 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/audit-table/q6YklS0-.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2ab3e4bb6f5d145aead90c07e5ace5ac05647fc640bdfbd31f58c81578ddcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Jan 2024 15:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
343187
etag
W/"2a25-60df7ee12a354"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsra4V%2BF%2FO4tD72cTVKTm2CvYUYnYDtBYeqfrD5sgENpBuipMzLitkYyfCbYCBmStVt%2FMmgBxq4bZ30EOlkFMGRfsRsBWpPMsfpTKfW8AiHCnbMoQsdHAkWk9hMuLmODfAn5%2FoO%2BCTyLy%2BOUNOWm"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
84d22eafcafc2c76-FRA
revisit.svg
cdn-cookieyes.com/assets/images/ Frame C98A
2 KB
1 KB
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
551415
etag
W/"923-5da3a668dacc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=My3144DdE%2BBv86uENvj9w9PKIcMdhNBP%2FIp9gbnrTkRM44N143pseeme7iSzQJbO6V%2F2zyE7cyTZ1Y7JuorzsHAOePoFsuE2e25xmIBtJkjgQuL4VlxEWkeI1it8wJt4g64kpIDKm4MRTWAmJ2CA"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
84d22eb01d1d9b45-FRA
close.svg
cdn-cookieyes.com/assets/images/ Frame C98A
1 KB
987 B
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
383989
etag
W/"541-5da3a66c769d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc2K3ny0go9G3Z1T0xa9UahvxFYBUEnHJcSiTjM%2BjJn1scvvGObUhH6gXUoSqDOpcpmP%2BTeAYZY2im3sH%2BXjlaQ3ojd7Sqo9c8JUSSJxX9pim6EL2FONMC1ZWGx9y1J2oGimXmAsRxBbDI4s%2FihJ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
84d22eb01d1f9b45-FRA
poweredbtcky.svg
cdn-cookieyes.com/assets/images/ Frame C98A
4 KB
2 KB
Image
General
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.origin.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:32:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
287373
etag
W/"eb2-5da3a68c50d09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SwEhJM%2Bq3xOCxiqKL92bdT%2Faey7kn1aTemUARg5pSDqwPMhX4jVTDAAJ56gEtN3qe6SdhPmKiwDhtFP1wu7%2F1Mdk%2B9bkZ5SzbFA%2Bu9kOkoXrVqbbl%2Fo28n8F%2F8fnvtktkSKv1ygynjh1ypMUN56"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
84d22eb01d219b45-FRA
log
log.cookieyes.com/api/v1/ Frame C98A
2 B
152 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/800b86f958d0d8937bcad0a1/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.171.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-171-221.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.origin.bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryMoAVRPZPd0CqGEs2

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 14:32:03 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8

Verdicts & Comments

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| eoUtils
function| $
function| jQuery
function| Popper
object| bootstrap
function| _typeof
object| CommonsValidator
function| limitText

33 Cookies

Domain/Path Name / Value
ondemand.eoriginal.com/ssweb Name: JSESSIONID
Value: H0D3_07Yn-V8gJ8SIpbrQQ__.node131
ondemand.eoriginal.com/ssweb Name: capabilities.screen.width
Value: 1600
ondemand.eoriginal.com/ssweb Name: capabilities.screen.height
Value: 1200
ondemand.eoriginal.com/ssweb Name: capabilities.touchSigningSupported
Value: false
ondemand.eoriginal.com/ssweb Name: capabilities.touchScreen
Value: false
ondemand.eoriginal.com/ssweb Name: capabilities.fileUploadSupported
Value: true
ondemand.eoriginal.com/ssweb Name: capabilities.mouseSigningSupported
Value: true
ondemand.eoriginal.com/ssweb Name: capabilities.contentEditableSupported
Value: true
ondemand.eoriginal.com/ssweb Name: capabilities.userMediaSupported
Value: true
ondemand.eoriginal.com/ssweb Name: capabilities.epadSupported
Value: false
ondemand.eoriginal.com/ssweb Name: capabilities.topazSupported
Value: false
ondemand.eoriginal.com/ssweb Name: capabilities.topazLcdDevice
Value: false
ondemand.eoriginal.com/ssweb Name: capabilities.topazLiteSupported
Value: false
ondemand.eoriginal.com/ Name: SameSite
Value: None
ondemand.eoriginal.com/ Name: ADRUM_BT1
Value: "R:72|i:489631|e:17"
ondemand.eoriginal.com/ Name: ADRUM_BTa
Value: "R:72|g:76539e2b-6c43-4a8c-94ee-44e8f72b024f|n:wkapmusp01_6cc66bde-3861-41d4-9011-056a0dc12109"
ondemand.eoriginal.com/ Name: ADRUM_BTs
Value: "R:72|s:f"
.doubleclick.net/ Name: IDE
Value: AHWqTUn_KRoLCEnEEjY1gzMzUsVVgvad1Myk62bQscteVw-WY2fKMDGnbRbKn8OzCio
.linkedin.com/ Name: li_sugr
Value: 68fd282d-57cb-48e0-8607-fd9e380c85d2
.linkedin.com/ Name: bcookie
Value: "v=2&8f6c16f4-4deb-4455-80b6-ffc2519a6e1c"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2782:u=1:x=1:i=1706538722:t=1706625122:v=2:sig=AQH6hAer_OZf284pnBgU0tNuOvH4CQl9"
api.glia.com/ Name: visitor_session
Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MDY1Mzg3MjIsInZpc2l0b3JfaWQiOiI4NjE1ZjJmNS1mMTRjLTQ5MjMtODdkOC1kZTgyMGNjMTk1ZjgiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI5MzE3Y2FmYi1kM2I1LTRiZTUtYjhiZC1lZDdiOGExZTZkZTgifQ.AXtwpeFVCKspMBkBSLpOg9LjRz9Dc0VupKnqBl-YedoQXOK5eXQYWhJ0Pe94Rt49wO3oK0_QWl-Jgm_5vX-Tpg
api.glia.com/ Name: visitor_session_partitioned
Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MDY1Mzg3MjIsInZpc2l0b3JfaWQiOiI4NjE1ZjJmNS1mMTRjLTQ5MjMtODdkOC1kZTgyMGNjMTk1ZjgiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI5MzE3Y2FmYi1kM2I1LTRiZTUtYjhiZC1lZDdiOGExZTZkZTgifQ.AXtwpeFVCKspMBkBSLpOg9LjRz9Dc0VupKnqBl-YedoQXOK5eXQYWhJ0Pe94Rt49wO3oK0_QWl-Jgm_5vX-Tpg
.linkedin.com/ Name: UserMatchHistory
Value: AQI6o6kv0PWPOgAAAY1VomUebnv99sRDPBYUQ0gOlbAFV2TbJOcGptOnOiTNDs-Ax4jEbsF5uc8yEw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ9WeC0LAcPTwAAAY1VomUet2nCeWabh6kJB8Xp16Z_lUcyUPt0qyRFMzOuB-6zoiUvVl_6HVazUNmdkOD4JQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&202401291432029d0703cd-d9f5-442c-8be8-9adfc67bba02AQFcRYVYOowAGxgPnsYQrwAbQXnqHFdG"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDY1Mzg3MjI7MjswMjGTCTeK72IXTe3Strxlz3DR+YhEQ6j6fNICDmKzitnT3A==
.origin.bank/ Name: _ce.irv
Value: new
.origin.bank/ Name: cebs
Value: 1
.origin.bank/ Name: _ce.clock_event
Value: 1
.origin.bank/ Name: _ce.clock_data
Value: 44%2C80.255.7.109%2C1%2C09dd4f7e094d0daae996260c074cbdea
.origin.bank/ Name: cebsp_
Value: 1
.origin.bank/ Name: _ce.s
Value: v~7b209ae3118b80ffac5c1fb49402530a6b8a4a4d~lcw~1706538723611~lva~1706538723257~vpv~0~v11.fhb~1706538723610~v11.lhb~1706538723611~v11.cs~239062~v11.s~2baaeeb0-beb3-11ee-9a8d-19350716d8eb~lcw~1706538723611

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1099356826871124?v=2.9.143&r=stable&domain=www.origin.bank&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
