Submitted URL: http://groove.origamirisk.com/url/C1J-mw8Lw5LQMuGhJbs-3Ok7C64/aHR0cHM6Ly93d3cub3JpZ2FtaXJpc2suY29tL2Jsb2ctcG9zdHMjZ3Jvb3Zlc3Vt...
Effective URL: https://www.origamirisk.com/blog-posts
Submission: On April 05 via api from US — Scanned from DE

Summary

This website contacted 36 IPs in 5 countries across 28 domains to perform 69 HTTP transactions. The main IP is 3.225.214.100, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.origamirisk.com. The Cisco Umbrella rank of the primary domain is 911928.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 1st 2022. Valid for: a year.
This is the only time www.origamirisk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.22.174.111 14618 (AMAZON-AES)
13 3.225.214.100 14618 (AMAZON-AES)
1 35.201.125.192 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.16.93.80 13335 (CLOUDFLAR...)
2 23.205.237.4 16625 (AKAMAI-AS)
4 152.195.15.58 15133 (EDGECAST)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.190.5.192 15169 (GOOGLE)
5 23.75.232.42 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.143.187.152 16509 (AMAZON-02)
1 1 2600:9000:215... 16509 (AMAZON-02)
1 1 35.201.70.94 15169 (GOOGLE)
1 34.111.78.58 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.37 16509 (AMAZON-02)
1 142.250.186.34 15169 (GOOGLE)
2 54.174.28.206 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 143.204.98.67 16509 (AMAZON-02)
5 192.28.147.37 15224 (OMNITURE)
1 143.204.98.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2 54.216.37.155 16509 (AMAZON-02)
1 2 143.204.98.57 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 143.204.98.59 16509 (AMAZON-02)
1 143.204.98.102 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.28.147.68 15224 (OMNITURE)
1 2600:9000:215... 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
1 162.247.242.31 23467 (NEWRELIC-...)
69 36
Apex Domain
Subdomains
Transfer
14 origamirisk.com
groove.origamirisk.com
www.origamirisk.com — Cisco Umbrella Rank: 911928
426 KB
11 marketo.com
app-sj28.marketo.com — Cisco Umbrella Rank: 56998
sjrtp8-cdn.marketo.com — Cisco Umbrella Rank: 73396
rtp-static.marketo.com — Cisco Umbrella Rank: 16761
sjrtp8.marketo.com — Cisco Umbrella Rank: 108093
192 KB
7 bc0a.com
marvel-b2-cdn.bc0a.com — Cisco Umbrella Rank: 19096
consents-cf.bc0a.com — Cisco Umbrella Rank: 67425
cookie-cdn.bc0a.com — Cisco Umbrella Rank: 81315
marvel-b1-cdn.bc0a.com — Cisco Umbrella Rank: 23443
marvel-processor.bc0a.com — Cisco Umbrella Rank: 61561
18 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
www.linkedin.com — Cisco Umbrella Rank: 595
px4.ads.linkedin.com — Cisco Umbrella Rank: 4868
3 KB
3 company-target.com
segments.company-target.com — Cisco Umbrella Rank: 1326
api.company-target.com — Cisco Umbrella Rank: 3384
2 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 624
script.hotjar.com — Cisco Umbrella Rank: 958
vars.hotjar.com — Cisco Umbrella Rank: 1008
66 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
3 gstatic.com
fonts.gstatic.com
60 KB
3 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 8866
33 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5640
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 7
655 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 489
1019 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
2 KB
2 engagio.com
web-analytics.engagio.com — Cisco Umbrella Rank: 41626
32 KB
2 b0e8.com
cdn.b0e8.com — Cisco Umbrella Rank: 10360
a1.b0e8.com — Cisco Umbrella Rank: 10575
22 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4110
26 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3543
6 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 647
322 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 396
14 KB
1 cloudfront.net
dn1f1hmdujj40.cloudfront.net
8 KB
1 mktoresp.com
862-kwb-364.mktoresp.com
311 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 599
66 B
1 demandbase.com
tag.demandbase.com — Cisco Umbrella Rank: 5329
21 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 938
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
15 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 10362
204 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
70 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
1012 B
69 28
Domain Requested by
13 www.origamirisk.com www.origamirisk.com
5 sjrtp8.marketo.com sjrtp8-cdn.marketo.com
cdn.bizible.com
4 rtp-static.marketo.com sjrtp8-cdn.marketo.com
3 www.google-analytics.com www.googletagmanager.com
cdn.bizible.com
www.origamirisk.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.bizible.com www.origamirisk.com
cdn.bizible.com
2 www.google.de www.origamirisk.com
2 www.google.com www.origamirisk.com
2 segments.company-target.com 1 redirects www.origamirisk.com
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com 2 redirects
2 web-analytics.engagio.com www.origamirisk.com
dn1f1hmdujj40.cloudfront.net
2 cookie-cdn.bc0a.com consents-cf.bc0a.com
2 consents-cf.bc0a.com www.origamirisk.com
2 static.addtoany.com www.origamirisk.com
static.addtoany.com
2 munchkin.marketo.net www.origamirisk.com
munchkin.marketo.net
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.origamirisk.com
1 dn1f1hmdujj40.cloudfront.net web-analytics.engagio.com
1 862-kwb-364.mktoresp.com munchkin.marketo.net
1 vars.hotjar.com static.hotjar.com
1 api.company-target.com cdn.bizible.com
1 id.rlcdn.com www.origamirisk.com
1 px4.ads.linkedin.com www.origamirisk.com
1 www.linkedin.com 1 redirects
1 stats.g.doubleclick.net cdn.bizible.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 script.hotjar.com static.hotjar.com
1 tag.demandbase.com www.origamirisk.com
1 snap.licdn.com www.origamirisk.com
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 a1.b0e8.com www.origamirisk.com
1 cdn.bizibly.com www.origamirisk.com
1 marvel-processor.bc0a.com 1 redirects
1 marvel-b1-cdn.bc0a.com 1 redirects
1 www.googletagmanager.com www.origamirisk.com
1 sjrtp8-cdn.marketo.com www.origamirisk.com
1 cdn.b0e8.com www.origamirisk.com
1 app-sj28.marketo.com www.origamirisk.com
1 fonts.googleapis.com www.origamirisk.com
1 marvel-b2-cdn.bc0a.com www.origamirisk.com
1 groove.origamirisk.com 1 redirects
69 43

This site contains links to these domains. Also see Links.

Domain
live.origamirisk.com
www.linkedin.com
www.facebook.com
Subject Issuer Validity Valid
*.origamirisk.com
Entrust Certification Authority - L1K
2022-04-01 -
2023-04-08
a year crt.sh
cdn.bc0a.com
GTS CA 1D4
2022-03-14 -
2022-06-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
app-sj28.marketo.com
Cloudflare Inc ECC CA-3
2021-06-09 -
2022-06-08
a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2022-02-06 -
2023-02-07
a year crt.sh
io.bizible.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-30 -
2022-07-05
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-05 -
2022-07-04
a year crt.sh
cdn.b0e8.com
GTS CA 1D4
2022-03-18 -
2022-06-16
3 months crt.sh
*.marketo.com
DigiCert SHA2 Secure Server CA
2022-02-06 -
2023-02-07
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
consents-cf.bc0a.com
Amazon
2021-07-29 -
2022-08-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
cookie-cdn.bc0a.com
Amazon
2022-01-30 -
2023-02-28
a year crt.sh
b0e8.com
GTS CA 1D4
2022-03-18 -
2022-06-16
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.engagio.com
Amazon
2021-07-06 -
2022-08-04
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2
2021-10-18 -
2022-10-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2
2021-10-20 -
2022-09-26
a year crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
www.google.de
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.mktoresp.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-30 -
2022-11-30
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-10-06 -
2022-11-07
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.origamirisk.com/blog-posts
Frame ID: B2ED107A1F5B0D5E4D566BCB33193A12
Requests: 68 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 6742D1DCCA80E7E3234E7E82E937B925
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 8BFE1C2B8CBF92FC9B323DB9BE17BE78
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Blog Posts | Origami Risknewsblogblogblogblogblogblogblogblogblog

Page URL History Show full URLs

  1. http://groove.origamirisk.com/url/C1J-mw8Lw5LQMuGhJbs-3Ok7C64/aHR0cHM6Ly93d3cub3JpZ2FtaXJpc2suY29tL2Jsb2ct... HTTP 302
    https://www.origamirisk.com/blog-posts Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • web-analytics\.engagio\.com/js/ei\.js
  • web-analytics\.engagio\.com/api/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

96 %
HTTPS

35 %
IPv6

28
Domains

43
Subdomains

36
IPs

5
Countries

1037 kB
Transfer

2493 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://groove.origamirisk.com/url/C1J-mw8Lw5LQMuGhJbs-3Ok7C64/aHR0cHM6Ly93d3cub3JpZ2FtaXJpc2suY29tL2Jsb2ctcG9zdHMjZ3Jvb3Zlc3VtOjEyNzA2Njg1ODI= HTTP 302
    https://www.origamirisk.com/blog-posts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://marvel-b1-cdn.bc0a.com/f00000000144199/cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk&rnd=360405&cdn_o=a&_biz_z=1649191567181 HTTP 302
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000144199&url=https://cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk&rnd=360405&cdn_o=a&_biz_z=1649191567181 HTTP 307
  • https://cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk&rnd=360405&cdn_o=a&_biz_z=1649191567181
Request Chain 49
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3505972%26time%3D1649191567340%26url%3Dhttps%253A%252F%252Fwww.origamirisk.com%252Fblog-posts%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&liSync=true&e_ipv6=AQIV_293MMihuAAAAX_7ekGed7T4gX2xCvUwOW6_GUTa-qDQoLOvz1aNAvfa-4DtlBuymGkIgg
Request Chain 50
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAJK107EmVUAADeTxLvfyg HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAJK107EmVUAADeTxLvfyg&verifyHash=b94cc01e23a71d320981d63bb0e418cfffa2f408

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request blog-posts
www.origamirisk.com/
Redirect Chain
  • http://groove.origamirisk.com/url/C1J-mw8Lw5LQMuGhJbs-3Ok7C64/aHR0cHM6Ly93d3cub3JpZ2FtaXJpc2suY29tL2Jsb2ctcG9zdHMjZ3Jvb3Zlc3VtOjEyNzA2Njg1ODI=
  • https://www.origamirisk.com/blog-posts
140 KB
32 KB
Document
General
Full URL
https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5cbebb80c4e26aec8f79c3e3ef2f41272fabfbbe1d6013dde17477280b139e4b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=86400, public, s-maxage=2764800
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 20:46:06 GMT
etag
"1649186921"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 05 Apr 2022 19:28:41 GMT
link
<https://www.origamirisk.com/blog-posts>; rel="alternate"; hreflang="en" <https://www.origamirisk.com/blog-posts>; rel="canonical" <https://www.origamirisk.com/node/3731>; rel="shortlink" <https://www.origamirisk.com/blog-posts>; rel="revision"
server
nginx
strict-transport-security
max-age=15768000
vary
Cookie,Accept-Encoding,X-Geo-Country
via
varnish
x-ah-environment
prod
x-cache
MISS
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 8 (https://www.drupal.org)
x-geo-country
DE
x-request-id
v-6a614502-b521-11ec-bb13-e7255872c63d
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Length
104
Content-Security-Policy-Report-Only
default-src 'self' https: https://assets.grooveapp.com/; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'self' https: 'sha256-rnCv9YsRc1bPlcjF00cdflQoGKAh1VBbXcY4IFrDaFY=' 'sha256-ikUayDGcXFig9AxzcG35foXLtbwEsFwiT0gFrJ1erL8=' 'sha256-s0761h4ra0f3WSBdCyYY/WCsxbzcluVUNo382Ih+MbM=' 'sha256-u1yGwJFi9M3J1F4zp3irCfQ3Rz3GwOtJvLi977huBS4='; style-src 'self' https: https://maxcdn.bootstrapcdn.com 'sha256-Go04rLD+KX2EmFTIQELVhuU9gVIzmh+CF1xznFMryB4='; connect-src 'self' https://api-js.mixpanel.com https://api.segment.io https://api-iam.intercom.io https://cdn.segment.com wss://notifications.grooveapp.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; report-uri https://o84998.ingest.sentry.io/api/1190271/security/?sentry_key=c13ce42a7e244ce3b1e1493e1a678cd5&sentry_environment=production
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Apr 2022 20:46:06 GMT
Location
https://www.origamirisk.com/blog-posts
Permissions-Policy
accelerometer=(), gyroscope=(), magnetometer=(), payment=(), usb=()"
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Via
1.1 spaces-router (1ee3716bf5eb)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
d1f6f60d-30ef-fc8b-745c-f83777ed9ea4
X-Runtime
0.341726
X-Xss-Protection
1; mode=block
marvel.js
marvel-b2-cdn.bc0a.com/
9 KB
4 KB
Script
General
Full URL
https://marvel-b2-cdn.bc0a.com/marvel.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.125.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:26:11 GMT
content-encoding
gzip
age
1195
x-guploader-uploadid
ADPycdtHk6OkvsspFZUAPiXTdA2WVej6jVR5RlBoJjWBOdfJYY2KK0SumLr6AxCJuTGZM0aUhapl6pUJT-wvaxoICr-qDz8JXg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
3217
last-modified
Wed, 01 Sep 2021 18:16:49 GMT
server
UploadServer
etag
"5a385b6f8bc7f4775b2ec7b66c0ec4c2"
vary
Accept-Encoding
x-goog-hash
crc32c=0X9o7A==, md5=Wjhbb4vH9HdbLse2bA7Ewg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1630520209881243
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
3217
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 05 Apr 2022 21:26:11 GMT
google_tag.script.js
www.origamirisk.com/sites/default/files/google_tag/primary/
348 B
620 B
Script
General
Full URL
https://www.origamirisk.com/sites/default/files/google_tag/primary/google_tag.script.js?r8wqv7
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4a9df5a898095944189c2f544eb4af08e3080cd481d5ce3baf2ad4c7eb04df21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607221
x-cache
HIT
x-cache-hits
11078
x-ah-environment
prod
content-length
281
x-request-id
v-9d764f72-af9b-11ec-abcf-878f91ecbbe7
last-modified
Thu, 17 Mar 2022 21:11:36 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 12 Apr 2022 20:05:45 GMT
css_mq6KwrwqrmudYGN62UHLSfdzN_wa4h09-TPwhFURV8Q.css
www.origamirisk.com/sites/default/files/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.origamirisk.com/sites/default/files/css/css_mq6KwrwqrmudYGN62UHLSfdzN_wa4h09-TPwhFURV8Q.css
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9aae8ac2bc2aae6b9d60637ad941cb49f77337fc1ae21d3df933f084551157c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159623
x-cache
HIT
x-cache-hits
197
x-ah-environment
prod
content-length
2966
x-request-id
v-c39e9018-b3ad-11ec-aaf3-7789339a9870
last-modified
Tue, 08 Mar 2022 02:53:59 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 00:25:43 GMT
css_GhiLv0aQr-OqzQr23SaxnncFP1kvlXtzVfDMCZAqwyE.css
www.origamirisk.com/sites/default/files/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.origamirisk.com/sites/default/files/css/css_GhiLv0aQr-OqzQr23SaxnncFP1kvlXtzVfDMCZAqwyE.css
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1a188bbf4690afe3aacd0af6dd26b19e77053f592f957b7355f0cc09902ac321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607220
x-cache
HIT
x-cache-hits
11270
x-ah-environment
prod
content-length
2730
x-request-id
v-9d73c5b8-af9b-11ec-8bbf-d364ab58ea6b
last-modified
Tue, 08 Mar 2022 02:28:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 12 Apr 2022 20:05:45 GMT
css2
fonts.googleapis.com/
3 KB
1012 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c06dbde96ec7b0cb73511e3ee41ba1db36a7b3c8efe2abf84cc87d9ded99d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 20:46:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Apr 2022 20:46:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Apr 2022 20:46:06 GMT
css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
www.origamirisk.com/sites/default/files/css/
100 KB
15 KB
Stylesheet
General
Full URL
https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
195db304066fe19f80d80a6fca632f772e0a89d6bb8a0ebe3b0c452a871c1b4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76147
x-cache
HIT
x-cache-hits
102
x-ah-environment
prod
content-length
15433
x-request-id
v-1ed1863a-b470-11ec-9008-0b6c72d26771
last-modified
Fri, 18 Feb 2022 00:02:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 23:36:58 GMT
forms2.min.js
app-sj28.marketo.com/js/forms2/js/
205 KB
68 KB
Script
General
Full URL
https://app-sj28.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 07 Mar 2022 19:28:07 GMT
server
cloudflare
age
5068
etag
"32c124f-3326e-5d9a5dd2b7fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
6f75219c1b9aee33-CDG
expires
Wed, 06 Apr 2022 00:46:06 GMT
modernizr.min.js
www.origamirisk.com/core/assets/vendor/modernizr/
5 KB
2 KB
Script
General
Full URL
https://www.origamirisk.com/core/assets/vendor/modernizr/modernizr.min.js?v=3.3.1
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-geo-country
DE
age
45291
x-cache
HIT
x-ah-environment
prod
content-length
2110
x-request-id
v-f6f4245e-b4b7-11ec-97bd-7b01672e0657
last-modified
Wed, 14 Oct 2020 23:20:19 GMT
server
nginx
vary
Accept-Encoding,X-Geo-Country
content-type
application/javascript
via
varnish
expires
Tue, 19 Apr 2022 08:11:15 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
19
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-237-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 01:24:07 GMT
Server
AkamaiNetStorage
ETag
"461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
bizible.js
cdn.bizible.com/scripts/
83 KB
32 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6367) /
Resource Hash
cbda94666db24554bf77638fc059848d381c3c98f7f24641fa830abcd5793de7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 21:52:30 GMT
server
ECS (lhb/6367)
age
64227
etag
"fdb0a99e4945d81:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
32300
logo.svg
www.origamirisk.com/themes/custom/themekit/
14 KB
14 KB
Image
General
Full URL
https://www.origamirisk.com/themes/custom/themekit/logo.svg
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
38f56df5ba76d7b7595902d3c3e2971b954007a77caab18aff4830cca48d7c95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
via
varnish
x-content-type-options
nosniff
expires
Tue, 12 Apr 2022 20:05:47 GMT
last-modified
Wed, 14 Oct 2020 23:20:35 GMT
server
nginx
age
607219
x-cache
HIT
content-type
image/svg+xml
x-ah-environment
prod
cache-control
max-age=1209600
accept-ranges
bytes
content-length
13856
x-request-id
v-9f73f252-af9b-11ec-8b56-7bb6c2e72a54
x-cache-hits
9379
js_KmM1yZsBY351_Y2Yu560fnLLIiO83nqXw00_sfv78U0.js
www.origamirisk.com/sites/default/files/js/
96 KB
33 KB
Script
General
Full URL
https://www.origamirisk.com/sites/default/files/js/js_KmM1yZsBY351_Y2Yu560fnLLIiO83nqXw00_sfv78U0.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2a6335c99b01637e75fd8d98bb9eb47e72cb2223bcde7a97c34d3fb1fbfbf14d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607206
x-cache
HIT
x-cache-hits
4362
x-ah-environment
prod
content-length
33171
x-request-id
v-a74cd700-af9b-11ec-9412-d32cc9f2bf3f
last-modified
Tue, 08 Mar 2022 02:28:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 12 Apr 2022 20:06:00 GMT
page.js
static.addtoany.com/menu/
72 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
130876
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
6f75219d0ccf2397-ZRH
cf-bgj
minify
js_Ay_ttTPAYx5-8806C2ixLicE1JvUCjLmZfnglfGbtiU.js
www.origamirisk.com/sites/default/files/js/
191 KB
59 KB
Script
General
Full URL
https://www.origamirisk.com/sites/default/files/js/js_Ay_ttTPAYx5-8806C2ixLicE1JvUCjLmZfnglfGbtiU.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
032fedb533c0631e7ef3cd3a0b68b12e2704d49bd40a32e665f9e095f19bb625
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/blog-posts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76147
x-cache
HIT
x-cache-hits
126
x-ah-environment
prod
content-length
59550
x-request-id
v-1edf1e1c-b470-11ec-98be-534c3dc89ab9
last-modified
Thu, 17 Mar 2022 21:15:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 18 Apr 2022 23:36:58 GMT
conv_v3.js
cdn.b0e8.com/
67 KB
22 KB
Script
General
Full URL
https://cdn.b0e8.com/conv_v3.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.5.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:31:00 GMT
content-encoding
gzip
age
906
x-guploader-uploadid
ADPycdsQoarcKM_1TUl14klrxP0oqimRb1eFHQpPKwPe99JrjKjuSDznX9CNB3bYBJRopNXO2IhvdUbesyBdiR7s1lbystE2ew
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
21573
last-modified
Wed, 23 Mar 2022 23:53:55 GMT
server
UploadServer
etag
"0acedbfc86d9cc291bf807c3fe3ea666"
vary
Accept-Encoding
x-goog-hash
crc32c=lWvUnQ==, md5=Cs7b/IbZzCkb+AfD/j6mZg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648079635204763
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
21573
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 05 Apr 2022 21:31:00 GMT
rtp.js
sjrtp8-cdn.marketo.com/rtp-api/v1/
154 KB
42 KB
Script
General
Full URL
https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-232-42.deploy.static.akamaitechnologies.com
Software
Jetty(7.3.1.v20110307) /
Resource Hash
79c68bcdef1e082f5b1390dfa1b129feea41a929961440b2e6d44f211cd64f43
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63113904
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:21:46 GMT
Server
Jetty(7.3.1.v20110307)
Date
Tue, 05 Apr 2022 20:46:07 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
public, max-age=201
Connection
keep-alive
Content-Length
42853
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.origamirisk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
522936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:30:30 GMT
JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v8/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bebasneue/v8/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b4101d4a007ce5231c65dd082b9542ffd40b6e12cc9ea67de9b54063bbbf073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.origamirisk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:56:18 GMT
x-content-type-options
nosniff
age
521388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13416
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:56:18 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.origamirisk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:31:09 GMT
x-content-type-options
nosniff
age
414897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:31:09 GMT
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11757ea49d9266348337078180dba5a0bcc4cd899cd235e63a3fc6c3ec29ded1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
becookiebar.js
consents-cf.bc0a.com/consentbar/corejs/
17 KB
5 KB
Script
General
Full URL
https://consents-cf.bc0a.com/consentbar/corejs/becookiebar.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:7608:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a690ec127a371fcb6d94794360085a8134420b709e8e82087fe17fd95d7190ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 04:01:42 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 06:49:26 GMT
server
AmazonS3
age
60265
etag
W/"c482e2c9e9212e9b97c07294c42e1c96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cMac68S2hTqozd1ZJLBkJMpMBjO8PoXFOTxIPMDn-HoGRH250hPK8g==
consentpref_f00000000144199.js
consents-cf.bc0a.com/consentpref/js/
25 KB
8 KB
Script
General
Full URL
https://consents-cf.bc0a.com/consentpref/js/consentpref_f00000000144199.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:7608:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e7afb2c8a892c6a63521276a2b01eacf87d0dce0a837e587f13a4447d7eed7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:50:08 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 06:00:16 GMT
server
AmazonS3
age
21359
etag
W/"51e37473b426142264f5d6ef4e39f607"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HrMqrmZzKudwij6qq95-Re0f1Di4UXmSWvgT0SMgIx9-T3egMRjrew==
truncated
/
176 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cc855db87a01cf021c85b04960d72be369cd95c74669ad994021e5b9a59f1da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
3a18e159afbfb429330207b53e5ba236.jpg
www.origamirisk.com/themes/custom/themekit/dist/
254 KB
255 KB
Image
General
Full URL
https://www.origamirisk.com/themes/custom/themekit/dist/3a18e159afbfb429330207b53e5ba236.jpg
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
769824a7ff958cb1ac6a81bc17943bc74f4ac05e56e5fda7afda4aef008ed34d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
via
varnish
x-content-type-options
nosniff
expires
Tue, 12 Apr 2022 20:15:17 GMT
last-modified
Wed, 14 Oct 2020 23:20:21 GMT
server
nginx
age
606649
x-cache
HIT
content-type
image/jpeg
x-ah-environment
prod
cache-control
max-age=1209600
accept-ranges
bytes
content-length
260045
x-request-id
v-f37c43da-af9c-11ec-93d8-63dfa191153a
x-cache-hits
2024
icomoon.woff
www.origamirisk.com/themes/custom/themekit/dist/fonts/icomoon/fonts/
6 KB
7 KB
Font
General
Full URL
https://www.origamirisk.com/themes/custom/themekit/dist/fonts/icomoon/fonts/icomoon.woff
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
136ff6f9ca176ea67fca31193a9cb0478cf247e1a6224759efa91eb0b8029df9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
Origin
https://www.origamirisk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
via
varnish
x-content-type-options
nosniff
expires
Tue, 12 Apr 2022 20:05:47 GMT
last-modified
Wed, 14 Oct 2020 23:20:21 GMT
server
nginx
age
607219
x-cache
HIT
x-ah-environment
prod
cache-control
max-age=1209600
accept-ranges
bytes
content-length
6468
x-request-id
v-9f7461d8-af9b-11ec-99f7-630c8d3979a7
x-cache-hits
10938
sm.23.html
static.addtoany.com/menu/ Frame 6742
741 B
577 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
2313402
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
6f75219eaf182397-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 05 Apr 2022 20:46:07 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e2s
x-content-type-options
nosniff
gtm.js
www.googletagmanager.com/
198 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZGVHZS
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/sites/default/files/google_tag/primary/google_tag.script.js?r8wqv7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c078b2d1dc3f3b26e00be334c717d80c369d256621d82c36c62c644d97fec94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71673
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 19:47:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Apr 2022 20:46:07 GMT
munchkin.js
munchkin.marketo.net/161/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/161/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-237-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 00:38:21 GMT
Server
AkamaiNetStorage
ETag
"0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4681
Expires
Thu, 14 Jul 2022 20:46:07 GMT
dmb_notifications
www.origamirisk.com/ajax/
1 KB
897 B
XHR
General
Full URL
https://www.origamirisk.com/ajax/dmb_notifications
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/sites/default/files/js/js_KmM1yZsBY351_Y2Yu560fnLLIiO83nqXw00_sfv78U0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
74e432a2508fc0074ade2164e914b773abdea4902dad19210abff80571d7346c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.origamirisk.com/blog-posts
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-geo-country
DE
age
0
x-cache
MISS
x-ah-environment
prod
vary
Accept-Encoding,X-Geo-Country
content-length
423
x-xss-protection
1; mode=block
x-request-id
v-6acdbd2c-b521-11ec-ae30-ef428704a339
x-ua-compatible
IE=edge
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000
content-language
en
via
varnish
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
must-revalidate, no-cache, private
accept-ranges
bytes
content-type
application/json
expires
Sun, 19 Nov 1978 05:00:00 GMT
addcookieeventtoqueue
cookie-cdn.bc0a.com/
145 B
276 B
Fetch
General
Full URL
https://cookie-cdn.bc0a.com/addcookieeventtoqueue
Requested by
Host: consents-cf.bc0a.com
URL: https://consents-cf.bc0a.com/consentbar/corejs/becookiebar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.187.152 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-187-152.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2435b466d81f04ff5ba64ded676b3fc15be01987eb19f2ffede877cd496f71bf

Request headers

Referer
https://www.origamirisk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 05 Apr 2022 20:46:07 GMT
content-length
145
apigw-requestid
QH-WehPFiYcEJIQ=
testdata
ok
content-type
application/json
addcookieeventtoqueue
cookie-cdn.bc0a.com/ Frame
0
0
Preflight
General
Full URL
https://cookie-cdn.bc0a.com/addcookieeventtoqueue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.143.187.152 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-143-187-152.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.origamirisk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
apigw-requestid
QH-WcgwpCYcEJBA=
content-length
2
content-type
application/json
date
Tue, 05 Apr 2022 20:46:07 GMT
testdata
ok
ipv
cdn.bizible.com/m/
43 B
327 B
Image
General
Full URL
https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567174&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk&_biz_n=0&rnd=440313&cdn_o=a&_biz_z=1649191567178
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63A5) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
last-modified
Thu, 31 Mar 2022 02:54:56 GMT
server
ECS (lhb/63A5)
age
496271
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
u
cdn.bizibly.com/
Redirect Chain
  • https://marvel-b1-cdn.bc0a.com/f00000000144199/cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_bi...
  • https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000144199&url=https://cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.orig...
  • https://cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk...
43 B
204 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk&rnd=360405&cdn_o=a&_biz_z=1649191567181
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A2) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
last-modified
Thu, 31 Mar 2022 02:54:59 GMT
server
ECS (lhb/62A2)
age
496268
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
via
1.1 google
x-content-type-options
nosniff
location
https://cdn.bizibly.com/u?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_s=264edf&_biz_l=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&_biz_t=1649191567181&_biz_i=Blog%20Posts%20%7C%20Origami%20Risk&rnd=360405&cdn_o=a&_biz_z=1649191567181
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
0
brightedge3.php
a1.b0e8.com/
35 B
226 B
Image
General
Full URL
https://a1.b0e8.com/brightedge3.php?id=f00000000144199&p_id=JJRL4NRJRJ64RNL2R64JJR66RAAAAAAAAH&bf=2d44afda590c9017234292a6b232b6fc&url=https%3A//www.origamirisk.com/blog-posts&ref=&bn=1&bv=3.44&title=Blog%20Posts%20%7C%20Origami%20Risk&metadesc=Origami%20Risk%20blogs%20keep%20you%20informed%20on%20the%20latest%20trends%20in%20the%20insurance%20risk%20industry%20and%20internal%20thought%20leadership.&metakeywords=&s_id=JJRL4NRJRJ64RA2P6NJJR66RAAAAAAAAH
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.78.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.78.111.34.bc.googleusercontent.com
Software
bws/1.0 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-be-pop
BRU-1-301
date
Tue, 05 Apr 2022 20:46:05 GMT
via
1.1 google
last-modified
Wed, 23 Jun 2021 22:46:15 GMT
server
bws/1.0
etag
"60d3b9b7-23"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
xdc.js
cdn.bizible.com/
116 B
526 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=778b42e5bc9941a5fe6f045efb94d890&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.02.16
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6384) /
Resource Hash
15cbf9c66b6ad692d5699e3d3a63f9528040c5f6453403d1f2dff666eae485a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:06 GMT
content-encoding
gzip
server
ECS (lhb/6384)
etag
C6A8C688
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
private, must-revalidate, max-age=21600
content-type
text/javascript; charset=utf-8
content-length
218
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZGVHZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2481
date
Tue, 05 Apr 2022 20:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 22:04:46 GMT
hotjar-1788300.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1788300.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZGVHZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
bac57c12585bd7ee182b4815982ff5c450738dc3c6549d8078f5e992ff709e6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache-hit
1
etag
W/569c1b01fece216369237288bd4e43c6
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
1910
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-id
VUHukFEW1cwUCb7C7FqBpm_H_kU0bPAysQCwLdeBPyYp6xOnkIDiJA==
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZGVHZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14881
x-xss-protection
0
server
cafe
etag
17469320936275902838
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 20:46:07 GMT
ei.js
web-analytics.engagio.com/js/
32 KB
32 KB
Script
General
Full URL
https://web-analytics.engagio.com/js/ei.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.28.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-28-206.compute-1.amazonaws.com
Software
/
Resource Hash
026bfadfe891941fb64aea6f347ad96a05531fa8b6894a169ed10942f19b0e26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
cache-control
max-age=0
last-modified
Tue, 11 May 2021 18:04:18 GMT
content-length
32702
vary
Origin
content-type
application/javascript; charset=utf-8
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2022 23:45:34 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=19809
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3104
94281a61.min.js
tag.demandbase.com/
81 KB
21 KB
Script
General
Full URL
https://tag.demandbase.com/94281a61.min.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52ff5fef8b0b0eba20d6494c767c49b58107485b344b0af047cab65690b3856c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
5gQ0HqTi6gL5S7CD9o.1EyN5VnmUvcoz
content-encoding
gzip
etag
W/"bcd6171d96bf72e6a14525916d205651"
age
855
x-cache
Hit from cloudfront
vary
Accept-Encoding
last-modified
Mon, 04 Apr 2022 19:25:46 GMT
server
AmazonS3
date
Tue, 05 Apr 2022 20:31:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
UQ6eJ5OOxSuNemkXu0bvotNp_W_8Q_pA7dY-4fQlekmz4WlEtaq1vg==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1008140849&t=pageview&_s=1&dl=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&ul=en-us&de=UTF-8&dt=Blog%20Posts%20%7C%20Origami%20Risk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1126903489&gjid=2136380416&cid=823740892.1649191567&tid=UA-8161274-1&_gid=365288496.1649191567&_r=1&gtm=2wg441MZGVHZS&z=1122508871
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.origamirisk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.origamirisk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-232-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Sep 2015 11:20:15 GMT
Server
AkamaiNetStorage
ETag
"3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
33467
jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/
22 KB
4 KB
Stylesheet
General
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-232-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2017 08:57:42 GMT
Server
AkamaiNetStorage
ETag
"7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3752
trw
sjrtp8.marketo.com/gw1/
0
435 B
Script
General
Full URL
https://sjrtp8.marketo.com/gw1/trw?aid=origamirisk&trwv.uid=origamirisk-1649191567315-5c9bb788&trwv.vc=1&trwsa.sid=origamirisk-1649191567318-6be806fc&trwsb.cpv=1&ctzo=-00:00&uri=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&pm=&viewedTypes=&rts=1649191567325
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.37 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:08 GMT
Cache-Control
no-cache
Server
Jetty(7.3.1.v20110307)
Connection
close
Content-Length
0
Strict-Transport-Security
max-age=63113904
Content-Type
application/x-javascript; charset=UTF-8
ga-integration-2.0.4.js
rtp-static.marketo.com/rtp/libs/
17 KB
6 KB
Script
General
Full URL
https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-232-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jun 2021 07:56:23 GMT
Server
AkamaiNetStorage
ETag
"cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5540
modules.9beafb9ca96c2f868fe2.js
script.hotjar.com/
236 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1788300.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
/
Resource Hash
95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15961
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63051
access-control-allow-origin
*
last-modified
Tue, 05 Apr 2022 16:20:05 GMT
etag
"74214ff5f7e679f43ba048194d7bf23c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
2S3gmg55lXpT72M11qOvrwETbN1zpDZpUqDx6OO17RWrtgGxHiLITQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1024318785/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1024318785/?random=1649191567335&cv=9&fst=1649191567335&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg441&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&tiba=Blog%20Posts%20%7C%20Origami%20Risk&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79be69eba4cdf41edf5485e7702e991962da3cc4d300c776d4b3edaefd837649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1025
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8161274-1&cid=823740892.1649191567&jid=1126903489&gjid=2136380416&_gid=365288496.1649191567&_u=YEBAAEAAAAAAAC~&z=1794945452
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.origamirisk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Apr 2022 20:46:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.origamirisk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3505972%26time%3D1649191567340%26url%3Dhttps%253A%252F%252Fwww.origamirisk.com%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&liSync=true&e_ipv6=AQIV_293MMihuAAAAX_7ekGed7T4gX2xCvUwOW6_GUTa-qDQ...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&liSync=true&e_ipv6=AQIV_293MMihuAAAAX_7ekGed7T4gX2xCvUwOW6_GUTa-qDQoLOvz1aNAvfa-4DtlBuymGkIgg
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E06276F2A5C74F869EA04EFB1EFC7582 Ref B: FRAEDGE0918 Ref C: 2022-04-05T20:46:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXb7lWTFNtwsQZe1TTfpA==
x-li-fabric
prod-ltx1

Redirect headers

date
Tue, 05 Apr 2022 20:46:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3D255DA0DDFD4BADBAC6373448A21E44 Ref B: FRAEDGE1115 Ref C: 2022-04-05T20:46:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3505972&time=1649191567340&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&liSync=true&e_ipv6=AQIV_293MMihuAAAAX_7ekGed7T4gX2xCvUwOW6_GUTa-qDQoLOvz1aNAvfa-4DtlBuymGkIgg
x-li-proto
http/2
content-length
0
x-li-uuid
AAXb7lWQIdqfI1MEjOFFSw==
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAJK107EmVUAADeTxLvfyg
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAJK107EmVUAADeTxLvfyg&verifyHash=b94cc01e23a71d320981d63bb0e418cfffa2f408
26 B
409 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAJK107EmVUAADeTxLvfyg&verifyHash=b94cc01e23a71d320981d63bb0e418cfffa2f408
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
HTTP/1.1
Server
143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-57.fra50.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
368c56748094e5a1
X-Amz-Cf-Id
u417QaTOeRW5KWNV8DX-QdfFbWw-YsMbuOQIE_z4BQowwfa6SeGxaA==

Redirect headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AAJK107EmVUAADeTxLvfyg&verifyHash=b94cc01e23a71d320981d63bb0e418cfffa2f408
Connection
keep-alive
trace-id
75daf210a22a7290
Content-Length
0
X-Amz-Cf-Id
DTrx9ijY1N31h_aPqUDDfYIgYLz6Eo-AoDAiXGZ19zGxzvNpt1T3Hg==
464526.gif
id.rlcdn.com/
0
66 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
ip.json
api.company-target.com/api/v2/
425 B
907 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&page_title=Blog%20Posts%20%7C%20Origami%20Risk&src=tag&auth=DPi3vskMGPCeqG8q520tA0EkpWjQBYsGKQPma3yo
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
710ff0af36d28d46a986a15f4744beb4306e36e19fc2e907dc90cd71e8ab602a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
request-id
2b9ed19f-0286-4620-bfc5-9930f3635db5
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://www.origamirisk.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TX0CD2TEe5SPE89jKCHX3VDwwVVPdb8trCGIrRb158zyaNmzVZf02A==
expires
Mon, 04 Apr 2022 20:46:07 GMT
msg
sjrtp8.marketo.com/gw1/
0
494 B
Script
General
Full URL
https://sjrtp8.marketo.com/gw1/msg?a=2&sid=origamirisk-1649191567318-6be806fc&aid=origamirisk&viewedTypes=&0.9678562181923516&rts=1649191567395
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.37 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:08 GMT
Content-Encoding
gzip
Server
Jetty(7.3.1.v20110307)
Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 8BFE
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1788300.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
5226841
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-amz-cf-id
CVWAsqUgjVT3awGqBL-qzNRN-uOZsmVUAj3RYecsWolq2mjT9guuEA==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8161274-1&cid=823740892.1649191567&jid=1126903489&_u=YEBAAEAAAAAAAC~&z=1746547707
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8161274-1&cid=823740892.1649191567&jid=1126903489&_u=YEBAAEAAAAAAAC~&z=1746547707
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1024318785/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1024318785/?random=1649191567335&cv=9&fst=1649188800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg441&sendb=1&frm=0&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&tiba=Blog%20Posts%20%7C%20Origami%20Risk&async=1&fmt=3&is_vtc=1&random=1493121917&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1024318785/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1024318785/?random=1649191567335&cv=9&fst=1649188800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg441&sendb=1&frm=0&url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&tiba=Blog%20Posts%20%7C%20Origami%20Risk&async=1&fmt=3&is_vtc=1&random=1493121917&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 20:46:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-custom-ui.min.js
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/
126 KB
35 KB
Script
General
Full URL
https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.232.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-232-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2018 12:54:21 GMT
Server
AkamaiNetStorage
ETag
"5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
35484
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1008140849&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&ul=en-us&de=UTF-8&dt=Blog%20Posts%20%7C%20Origami%20Risk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=823740892.1649191567&tid=UA-8161274-1&_gid=365288496.1649191567&gtm=2wg441MZGVHZS&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=Romania&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=948514991
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 14:16:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23352
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
visitWebPage
862-kwb-364.mktoresp.com/webevents/
2 B
311 B
Ping
General
Full URL
https://862-kwb-364.mktoresp.com/webevents/visitWebPage?_mchNc=1649191567452&_mchCn=&_mchId=862-KWB-364&_mchTk=_mch-origamirisk.com-1649191567451-98509&_mchHo=www.origamirisk.com&_mchPo=&_mchRu=%2Fblog-posts&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:08 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
6e63b8bb-c4e7-4c9c-b1b2-fd624dbdaa75
ex.svg
www.origamirisk.com/core/misc/icons/ffffff/
582 B
909 B
Image
General
Full URL
https://www.origamirisk.com/core/misc/icons/ffffff/ex.svg
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.214.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-214-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1bbd4c7f5ea4ecd0f4447f72c068c35beee4a09e75ade56fe685cd1deded51f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/sites/default/files/css/css_GV2zBAZv4Z-A2ApvymMvdy4Kida7ig6-OwxFKoccG0o.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
via
varnish
x-content-type-options
nosniff
x-geo-country
DE
age
23204
x-cache
HIT
x-cache-hits
9
x-ah-environment
prod
content-length
582
x-request-id
v-63eb716a-b4eb-11ec-abde-cfe30205d5a2
last-modified
Wed, 14 Oct 2020 23:20:34 GMT
server
nginx
vary
X-Geo-Country
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:19:22 GMT
ei_track_all_packed.js
dn1f1hmdujj40.cloudfront.net/js/
8 KB
8 KB
Script
General
Full URL
https://dn1f1hmdujj40.cloudfront.net/js/ei_track_all_packed.js
Requested by
Host: web-analytics.engagio.com
URL: https://web-analytics.engagio.com/js/ei.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e000:c:90ee:6000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a497fabf53b9e53cb1a9820b2b6743edbf0b8da1e0c9be996af81373687fc38a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:42:21 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 18:04:18 GMT
age
290
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
content-length
8234
x-amz-cf-id
VuCD61l39E76J02EUM2rMxHN2TUgdpI2QI0ItMWlYisMHgQjgo6PVQ==
stat
web-analytics.engagio.com/api/
0
0
Script
General
Full URL
https://web-analytics.engagio.com/api/stat?page_url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&page_title=Blog%20Posts%20%7C%20Origami%20Risk&track_type=page&action=ei_view&category=ei_page_tracking&client_id=&account_id=59b74a94ffe88cc5e16ed638a40256d1bd614695&method=post&callback=EI.api._callbacks.s11998072
Requested by
Host: dn1f1hmdujj40.cloudfront.net
URL: https://dn1f1hmdujj40.cloudfront.net/js/ei_track_all_packed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.28.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-28-206.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 20:46:07 GMT
content-length
9
vary
Origin
content-type
text/plain; charset=utf-8
msg
sjrtp8.marketo.com/gw1/
0
494 B
Script
General
Full URL
https://sjrtp8.marketo.com/gw1/msg?a=2&sid=origamirisk-1649191567318-6be806fc&aid=origamirisk&ma=id%3A862-KWB-364%26token%3A_mch-origamirisk.com-1649191567451-98509&viewedTypes=&0.34420823263210765&rts=1649191568151
Requested by
Host: sjrtp8-cdn.marketo.com
URL: https://sjrtp8-cdn.marketo.com/rtp-api/v1/rtp.js?aid=origamirisk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.37 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:08 GMT
Content-Encoding
gzip
Server
Jetty(7.3.1.v20110307)
Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
nr-1215.min.js
js-agent.newrelic.com/
36 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1215.min.js
Requested by
Host: www.origamirisk.com
URL: https://www.origamirisk.com/blog-posts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding
gzip
etag
"615035bb6557b191e767e19087efabaf"
x-amz-request-id
QZHHXY1AM869E96X
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13666
x-amz-id-2
V7CfVgossBq5T5uA3qIbCfLJQKR+opQNc7Q4uJN95woGpQl4vuRl5MjTNfuu+OQfJd+L6QU+/S0=
x-served-by
cache-cdg20770-CDG
last-modified
Mon, 24 Jan 2022 22:13:53 GMT
server
AmazonS3
x-timer
S1649191568.359377,VS0,VE0
date
Tue, 05 Apr 2022 20:46:08 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2552
visitor
sjrtp8.marketo.com/gw1/rtp/api/v1_1/
461 B
986 B
XHR
General
Full URL
https://sjrtp8.marketo.com/gw1/rtp/api/v1_1/visitor?sid=origamirisk-1649191567318-6be806fc&aid=origamirisk&1649191568326
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.37 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
1c0b9e13d25e1cab1f128c5293f07eeceab6d115af3f5e19d4f40959ebc712dd
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Apr 2022 20:46:08 GMT
Content-Encoding
gzip
Last-Modified
Tue Apr 05 15:46:08 CDT 2022
Server
Jetty(7.3.1.v20110307)
Strict-Transport-Security
max-age=63113904
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.origamirisk.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sgm
sjrtp8.marketo.com/gw1/ga/
48 B
500 B
XHR
General
Full URL
https://sjrtp8.marketo.com/gw1/ga/sgm?sid=origamirisk-1649191567318-6be806fc&1649191568326
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.37 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(7.3.1.v20110307) /
Resource Hash
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 20:46:08 GMT
Server
Jetty(7.3.1.v20110307)
Strict-Transport-Security
max-age=63113904
Content-Type
text/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Length
48
NRJS-3d496f4986eb19292cf
bam.nr-data.net/1/
57 B
322 B
Script
General
Full URL
https://bam.nr-data.net/1/NRJS-3d496f4986eb19292cf?a=302760484&v=1215.1253ab8&to=MlRQbBNRCkVTUhZeVwsec1sVWQtYHUEDUF06UlNbCVU%3D&rst=2729&ck=1&ref=https://www.origamirisk.com/blog-posts&ap=52&be=1070&fe=2664&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1649191565646,%22n%22:0,%22f%22:558,%22dn%22:558,%22dne%22:609,%22c%22:609,%22s%22:704,%22ce%22:801,%22rq%22:802,%22rp%22:990,%22rpe%22:1056,%22dl%22:993,%22di%22:1498,%22ds%22:1499,%22de%22:1511,%22dc%22:2663,%22l%22:2664,%22le%22:2683%7D,%22navigation%22:%7B%7D%7D&fp=1213&fcp=1213&at=HhNTGltLGUs%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
service.newrelic.co.uk
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.origamirisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| enableMarvel object| NREUM object| newrelic function| __nr_require function| rtp object| a2a_config object| MktoForms2 object| Modernizr function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| initializeFPJSLibrary function| detectIE object| _bright3 function| beLinkBlockCallback boolean| ie_version undefined| style undefined| select object| scriptTag string| org_id object| betrack object| showLogs string| domain object| domainPath object| timeout string| sessionTmeout boolean| bf_e_org object| bf_e_org_list number| bf_i object| bf object| goal object| goalvalue number| maximum_custom_variables number| maximum_custom_metrics object| customdimension_value object| custommetric_value number| maximum_conversions object| conversion_count_value object| conversion_value_value boolean| disableTrack object| deferCallback object| useCustomLinkBlockStyles object| showLinkBlock object| JSON3 function| isSameSiteNoneCompatible function| shouldSendSameSiteNone function| Fingerprint2 undefined| $ function| jQuery object| drupalSettings object| Drupal function| _toConsumableArray object| Cookies object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| a2a object| dataLayer undefined| becookiebarenv string| becookiebarcustomerId string| becookielinkurl string| becookielinktarget boolean| becookiebardebug string| becookiebarversion string| becookiebartestmode string| BE_COOKIE_BAR_POPUP string| BE_COOKIE_NAME string| BE_COOKIE_BAR_ID string| BE_COOKIE_BAR_PANEL_ID string| BE_COOKIE_SHOW string| BE_COOKIE_ACCEPT string| BE_COOKIE_READPOLICY string| BE_COOKIE_CLOSE function| begetParameterByName function| becookielinktextclicked function| beopenprivacypopup function| becloseprivacypopup function| behidecookiepanel function| beacceptcookie function| beclosecookie function| beCookieGetApiData function| beCookieAction function| beCookiePostEndpoint function| beCookieCreateUDID function| beCookieGetUserId function| beCookieCreateUserId function| beCookieGetAttrVal function| beCookieGetConfigVal function| besetCookie function| begetCookie function| beeraseCookie function| becookieAddStylesheet function| becookieAddMQStylesheets function| becookielog function| becookiebarinitkeycode function| becookiesettabindex function| becookiesettabindexForElems function| becookiecleartabindex function| becookielinktextclickedproxy function| beacceptcookieproxy function| beclosecookieproxy function| becloseprivacypopupproxy function| beCookieBarCustomJs function| beclosecookiehandler function| beacceptcookiehandler object| BE_CONSENT_PREF_CONFIG boolean| beConsentPrefEnableGdpr string| beConsentPrefEnv string| beConsentPrefCustomerId boolean| beConsentPrefAcceptCookieOnSave string| beConsentPrefVersion boolean| beConsentPrefDebug boolean| beConsentPrefTestmode string| BE_CONSENT_PREF_SCRIPT_ID string| BE_CONSENT_PREF_CONTROLS_ID string| BE_CONSENT_PREF_ID string| BE_CONSENT_PREF_POPUP_ID string| BE_CONSENT_PREF_LINK_ID string| CONSENT_PREF_COOKIE string| BE_CONSENT_PREF_IP string| BE_CONSENT_PREF_MANAGE_BUTTON string| BE_CONSENT_BAR_ACTIONS string| BE_CONSENT_PREF_ACTIONS string| BE_CONSENT_PREF_SAVE string| BE_CONSENT_PREF_CLOSE boolean| beConsentPrefEnabled function| beGetParameterByName function| beConsentLog function| beConsentPrefAddStylesheet function| __beConsentPrefGetCookies function| __beConsentPrefGetUserPref function| __beConsentPrefPopulatePopupDiv function| __beConsentPrefHidePopup function| __beConsentPrefGetApiData function| beConsentPrefAction function| beConsentPrefOpenPopup function| beConsentPrefClosePopup function| beConsentPrefSubmit function| beConsentPrefAcceptAll function| beConsentPrefToggleOpt function| beConsentPrefToggleView function| beConsentPrefExtractDomain function| beConsentPrefGetEndpoint function| beConsentPrefUnhideSettings function| beConsentPrefReplaceAllText object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API number| c_begin string| cookie_str number| s_expire string| cookie_set_string number| c_end object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| _eiq object| _engagio_settings string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData function| getInternetExplorerVersion function| consoleMessage function| makeGetRequest function| createCORSRequest object| ITLocalStorageAPI object| InsighteraUtil object| iiq object| ibq object| trackObj function| isCurrentSession function| addDynamicScript function| rtpRCMD object| AITag object| aiq object| AIConfig function| setButtonWidthHeight function| getDirectionForWidgetSide function| updateWidget function| initialize function| showWidgetCampaign function| hide function| injectContent function| execute function| destroy object| InsighteraWidget function| setTimeoutFunction object| exp_2_year function| loadRichMediaImage object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| _already_called_lintrk object| Demandbase object| MunchkinTracker function| alignElementPosition function| applyAttributeHeightToPics function| revertAttributeHeightToPics object| EI object| pre_loader object| urlParams

35 Cookies

Domain/Path Name / Value
.app-sj28.marketo.com/ Name: __cf_bm
Value: 5LNAWZuoEiGVI5aSaZ_S3k8LobWmOb2bGgNWl3zamqk-1649191566-0-Aa23HSVhutUIBWen+/ptNVWcwA7+F7suysKmBrgvqwryu5wZPIhHAkFve8kZurDLTulFnH2uSHABPCFQauxXH4o=
www.origamirisk.com/ Name: BE_COOKIE_UDID
Value: 6117dc27-a13c-4d86-8cb7-fe458b2a890f
.origamirisk.com/ Name: _biz_uid
Value: 778b42e5bc9941a5fe6f045efb94d890
.origamirisk.com/ Name: _biz_sid
Value: 264edf
.origamirisk.com/ Name: _biz_nA
Value: 1
.origamirisk.com/ Name: BE_CLA3
Value: p_id%3DJJRL4NRJRJ64RNL2R64JJR66RAAAAAAAAH%26bf%3D2d44afda590c9017234292a6b232b6fc%26bn%3D1%26bv%3D3.44%26s_expire%3D1649277967199%26s_id%3DJJRL4NRJRJ64RA2P6NJJR66RAAAAAAAAH
.bizible.com/ Name: _BUID
Value: 778b42e5bc9941a5fe6f045efb94d890
.origamirisk.com/ Name: _biz_pendingA
Value: %5B%5D
.origamirisk.com/ Name: _gcl_au
Value: 1.1.1917841510.1649191567
.origamirisk.com/ Name: _ga
Value: GA1.2.823740892.1649191567
.origamirisk.com/ Name: _gid
Value: GA1.2.365288496.1649191567
.origamirisk.com/ Name: _gat_UA-8161274-1
Value: 1
.origamirisk.com/ Name: trwv.uid
Value: origamirisk-1649191567315-5c9bb788%3A1
.origamirisk.com/ Name: trwsa.sid
Value: origamirisk-1649191567318-6be806fc%3A1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.origamirisk.com/ Name: _hjSessionUser_1788300
Value: eyJpZCI6IjUzZGY3ZDcxLTgzMDEtNWNlNi1iNWZlLWNmNTdkNWE4NGUxNyIsImNyZWF0ZWQiOjE2NDkxOTE1NjczODcsImV4aXN0aW5nIjpmYWxzZX0=
.origamirisk.com/ Name: _hjFirstSeen
Value: 1
.origamirisk.com/ Name: _hjSession_1788300
Value: eyJpZCI6IjBjOGFhYTJhLTQ2M2YtNDBmYS04NzA3LTM5OTUyNzEyODM1NyIsImNyZWF0ZWQiOjE2NDkxOTE1Njc0NDEsImluU2FtcGxlIjpmYWxzZX0=
.origamirisk.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.origamirisk.com/ Name: _mkto_trk
Value: id:862-KWB-364&token:_mch-origamirisk.com-1649191567451-98509
.bidr.io/ Name: bito
Value: AAJK107EmVUAADeTxLvfyg
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: UserMatchHistory
Value: AQJzRWtDaVxbvQAAAX_7ekBlOQmD8xUHPj--tVATmdG5tb8u2Xmwb91NvGZW1oftTy8YpV8zhZXDkA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIgIltHHhsu0AAAAX_7ekBlMn16kGp_L4naCAHJ_URwzk-ApEgt4Tq7pbMqzS4hXKUJPdvhJ72aOLaplGFW1g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0c99fdcd-ef99-47df-8972-24716674cd1f"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2689:u=1:x=1:i=1649191567:t=1649277967:v=2:sig=AQFPX1esw7nk5ytsRuavaPYYS6YxUM4m"
.company-target.com/ Name: tuuid
Value: eb512009-009d-475c-8ce1-b7d647adefed
.company-target.com/ Name: tuuid_lu
Value: 1649191567
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220405204607895c20a8-9f84-4142-8337-668e25615a36AQHvsa5fOSXakAutKlix53vUGZt_YDeB"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDkxOTE1Njc7MjswMjHstQNssE5NFwG810edLkWHBOLLAfvRY62JeYfh/OlM1w==
.bizibly.com/ Name: _BUID
Value: c44d6b51dd9facfc6fb951f04b319a33
.origamirisk.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22XDomain%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%7D
.nr-data.net/ Name: JSESSIONID
Value: 3434910ca9a25eb3

2 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://web-analytics.engagio.com/api/stat?page_url=https%3A%2F%2Fwww.origamirisk.com%2Fblog-posts&page_title=Blog%20Posts%20%7C%20Origami%20Risk&track_type=page&action=ei_view&category=ei_page_tracking&client_id=&account_id=59b74a94ffe88cc5e16ed638a40256d1bd614695&method=post&callback=EI.api._callbacks.s11998072
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

862-kwb-364.mktoresp.com
a1.b0e8.com
api.company-target.com
app-sj28.marketo.com
bam.nr-data.net
cdn.b0e8.com
cdn.bizible.com
cdn.bizibly.com
consents-cf.bc0a.com
cookie-cdn.bc0a.com
dn1f1hmdujj40.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
groove.origamirisk.com
id.rlcdn.com
js-agent.newrelic.com
marvel-b1-cdn.bc0a.com
marvel-b2-cdn.bc0a.com
marvel-processor.bc0a.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
rtp-static.marketo.com
script.hotjar.com
segments.company-target.com
sjrtp8-cdn.marketo.com
sjrtp8.marketo.com
snap.licdn.com
static.addtoany.com
static.hotjar.com
stats.g.doubleclick.net
tag.demandbase.com
vars.hotjar.com
web-analytics.engagio.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.origamirisk.com
104.16.93.80
13.107.42.14
142.250.186.34
143.204.98.102
143.204.98.104
143.204.98.57
143.204.98.59
143.204.98.67
151.101.194.137
152.195.15.58
162.247.242.31
18.66.97.37
192.28.147.37
192.28.147.68
23.205.237.4
23.75.232.42
2600:9000:2156:6600:0:f267:a5c0:93a1
2600:9000:2156:e000:c:90ee:6000:21
2600:9000:2156:fa00:9:7608:8a80:93a1
2606:4700:10::6816:46c5
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9a
2a02:26f0:3500:7::17d8:4dce
3.143.187.152
3.225.214.100
34.111.78.58
35.190.5.192
35.201.125.192
35.201.70.94
35.244.174.68
52.22.174.111
54.174.28.206
54.216.37.155
026bfadfe891941fb64aea6f347ad96a05531fa8b6894a169ed10942f19b0e26
032fedb533c0631e7ef3cd3a0b68b12e2704d49bd40a32e665f9e095f19bb625
11757ea49d9266348337078180dba5a0bcc4cd899cd235e63a3fc6c3ec29ded1
136ff6f9ca176ea67fca31193a9cb0478cf247e1a6224759efa91eb0b8029df9
15cbf9c66b6ad692d5699e3d3a63f9528040c5f6453403d1f2dff666eae485a6
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
195db304066fe19f80d80a6fca632f772e0a89d6bb8a0ebe3b0c452a871c1b4a
1a188bbf4690afe3aacd0af6dd26b19e77053f592f957b7355f0cc09902ac321
1bbd4c7f5ea4ecd0f4447f72c068c35beee4a09e75ade56fe685cd1deded51f5
1c0b9e13d25e1cab1f128c5293f07eeceab6d115af3f5e19d4f40959ebc712dd
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
2435b466d81f04ff5ba64ded676b3fc15be01987eb19f2ffede877cd496f71bf
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
2a6335c99b01637e75fd8d98bb9eb47e72cb2223bcde7a97c34d3fb1fbfbf14d
2c078b2d1dc3f3b26e00be334c717d80c369d256621d82c36c62c644d97fec94
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
38f56df5ba76d7b7595902d3c3e2971b954007a77caab18aff4830cca48d7c95
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cc855db87a01cf021c85b04960d72be369cd95c74669ad994021e5b9a59f1da
4a9df5a898095944189c2f544eb4af08e3080cd481d5ce3baf2ad4c7eb04df21
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
52ff5fef8b0b0eba20d6494c767c49b58107485b344b0af047cab65690b3856c
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b4101d4a007ce5231c65dd082b9542ffd40b6e12cc9ea67de9b54063bbbf073
5c06dbde96ec7b0cb73511e3ee41ba1db36a7b3c8efe2abf84cc87d9ded99d81
5cbebb80c4e26aec8f79c3e3ef2f41272fabfbbe1d6013dde17477280b139e4b
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
710ff0af36d28d46a986a15f4744beb4306e36e19fc2e907dc90cd71e8ab602a
74e432a2508fc0074ade2164e914b773abdea4902dad19210abff80571d7346c
769824a7ff958cb1ac6a81bc17943bc74f4ac05e56e5fda7afda4aef008ed34d
79be69eba4cdf41edf5485e7702e991962da3cc4d300c776d4b3edaefd837649
79c68bcdef1e082f5b1390dfa1b129feea41a929961440b2e6d44f211cd64f43
82e7afb2c8a892c6a63521276a2b01eacf87d0dce0a837e587f13a4447d7eed7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1
960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506
965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59
9aae8ac2bc2aae6b9d60637ad941cb49f77337fc1ae21d3df933f084551157c4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a497fabf53b9e53cb1a9820b2b6743edbf0b8da1e0c9be996af81373687fc38a
a690ec127a371fcb6d94794360085a8134420b709e8e82087fe17fd95d7190ba
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bac57c12585bd7ee182b4815982ff5c450738dc3c6549d8078f5e992ff709e6a
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cbda94666db24554bf77638fc059848d381c3c98f7f24641fa830abcd5793de7
de2f7f8d7b163a0d422d2a426f84db938dbdae1a8fde621b123306a4a12652a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23