cloud.originsconnect.com Open in urlscan Pro
13.111.179.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.originsconnect.com/?qs=bf900eb27e0c2b59dc4e3affecf5513ace665030f79dfbbac96205753c9871d9bef0be3f9b3267a8b13f0b28b9a2...
Effective URL:
https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f...
Submission: On August 19 via api (August 19th 2021, 6:30:18 pm UTC) from US

Summary HTTP 44 Redirects Links 83 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 44 HTTP transactions. The main IP is 13.111.179.178, located in United States and belongs to EXACT-7, US. The main domain is cloud.originsconnect.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 6th 2021. Valid for: a year.

This is the only time cloud.originsconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.180.143 13.111.180.143	22606 (EXACT-7) (EXACT-7)
6	13.111.179.178 13.111.179.178	22606 (EXACT-7) (EXACT-7)
1	2600:9000:219... 2600:9000:2190:4e00:7:54b8:ff00:21	16509 (AMAZON-02) (AMAZON-02)
2	107.162.156.70 107.162.156.70	55002 (DEFENSE-NET) (DEFENSE-NET)
1	13.224.89.41 13.224.89.41	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.253.133.184 23.253.133.184	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	54.175.67.42 54.175.67.42	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
44	21

1 13.111.180.143 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.originsconnect.com

click.originsconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.111.179.178 (United States)

ASN22606 (EXACT-7, US)
PTR: cloud.originsconnect.com

cloud.originsconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:4e00:7:54b8:ff00:21 (United States)

ASN16509 (AMAZON-02, US)

d21lzy3dk86arg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.162.156.70 (United States)

ASN55002 (DEFENSE-NET, US)

st1.dialogtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-41.zrh50.r.cloudfront.net

d31y97ze264gaa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.253.133.184 (Orlando, United States)

ASN27357 (RACKSPACE, US)

www.originsrecovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.originsconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.67.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-67-42.compute-1.amazonaws.com

514005843.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	originsrecovery.com www.originsrecovery.com	109 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	723 KB
8	originsconnect.com 1 redirects click.originsconnect.com cloud.originsconnect.com image.originsconnect.com	832 KB
3	google.com www.google.com	21 KB
3	facebook.net connect.facebook.net	229 KB
2	facebook.com www.facebook.com	162 B
2	igodigital.com 514005843.collect.igodigital.com nova.collect.igodigital.com	3 KB
2	fontawesome.com pro.fontawesome.com	150 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	dialogtech.com st1.dialogtech.com	883 B
2	cloudfront.net d21lzy3dk86arg.cloudfront.net d31y97ze264gaa.cloudfront.net	33 KB
1	doubleclick.net stats.g.doubleclick.net	91 B
1	googleapis.com ajax.googleapis.com	33 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
44	14

	Domain	Requested by
8	www.originsrecovery.com	cloud.originsconnect.com
7	www.gstatic.com	cloud.originsconnect.com www.google.com www.gstatic.com
6	cloud.originsconnect.com	cloud.originsconnect.com
3	www.google.com	cloud.originsconnect.com www.gstatic.com
3	connect.facebook.net	cloud.originsconnect.com connect.facebook.net
2	www.facebook.com	cloud.originsconnect.com connect.facebook.net
2	pro.fontawesome.com	cloud.originsconnect.com pro.fontawesome.com
2	www.google-analytics.com	cloud.originsconnect.com www.google-analytics.com
2	st1.dialogtech.com	cloud.originsconnect.com d31y97ze264gaa.cloudfront.net
1	fonts.gstatic.com	www.google.com
1	nova.collect.igodigital.com	cloud.originsconnect.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	514005843.collect.igodigital.com	cloud.originsconnect.com
1	image.originsconnect.com	cloud.originsconnect.com
1	ajax.googleapis.com	cloud.originsconnect.com
1	www.googletagmanager.com	cloud.originsconnect.com
1	d31y97ze264gaa.cloudfront.net	cloud.originsconnect.com
1	d21lzy3dk86arg.cloudfront.net	cloud.originsconnect.com
1	click.originsconnect.com	1 redirects
44	19

This site contains links to these domains. Also see Links.

Domain
www.originsrecovery.com
www.headwatersorigins.com
www.originscounselingdallas.com
windhavenhouse.com
www.facebook.com
twitter.com
www.linkedin.com
instagram.com

Subject Issuer	Validity	Valid
cloud.originsconnect.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-06` - `2022-07-07`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.dialogtech.com DigiCert SHA2 Secure Server CA	`2020-02-06` - `2022-05-11`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
originsrecovery.com Thawte RSA CA 2018	`2021-01-04` - `2022-02-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
akamai-san108.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Frame ID: 8827C973E3CA8E7CFF91296F897A83C5
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly93d3cub3JpZ2luc3JlY292ZXJ5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=swdzg2pj6agg
Frame ID: 7B9C3E88AD81D17D930546CF35BE85E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly9jbG91ZC5vcmlnaW5zY29ubmVjdC5jb206NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=rhbykos6ieyo
Frame ID: D61FA705930509473C92FAF3F02C11B5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Drug & Alcohol Addiction Treatment Center Florida & Texas | Rehab Facility

Page URL History Show full URLs

https://click.originsconnect.com/?qs=bf900eb27e0c2b59dc4e3affecf5513ace665030f79dfbbac96205753c9871d9bef0be3f... HTTP 302
https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb524608... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

19
Subdomains

21
IPs

3
Countries

2191 kB
Transfer

3568 kB
Size

6
Cookies

83 Outgoing links

These are links going to different origins than the main page.

URL: https://www.originsrecovery.com/

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/alumni/
Title: Alumni

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/knowledge-library/
Title: Knowledge Library

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/
Title: About Origins

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/help/
Title: Who We Help

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/what-we-treat/
Title: What We Treat

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/overview-philosophy/
Title: Our Philosophy

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/accreditation/
Title: Accreditation

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/outcomes/
Title: Outcomes

Search URL Search Domain Scan URL

URL: https://www.headwatersorigins.com/
Title: HeadWaters

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/10-day-clinical-assessment-program/
Title: 10-Day Clinical Assessment Program

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/residential-programs/
Title: Residential Treatment Programs

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/residential-programs/for-men/
Title: Men’s Recovery

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/residential-programs/for-women/
Title: Women’s Recovery

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/residential-programs/older-adult-recovery/
Title: Older Adult Recovery

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/our-programs/intensive-outpatient-program/
Title: Outpatient Programs

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/category/bloginsights/
Title: Our Blog

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/
Title: Specialized Services

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/medical-services/
Title: Medical Services

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/age-gender-specific-treatment/
Title: Age-and Gender-Specific/Gender-Separate Options

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/psychological-services/
Title: Origins Center for Brain Recovery

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/recreational-therapy/
Title: Recreational Therapy

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/trauma-informed-treatment/
Title: Trauma-informed Treatment

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/12-step-recovery/
Title: 12-Step Recovery

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/specialized-services/continuing-care-planning/
Title: Continuing Care Planning

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/
Title: Admissions

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/admissions-process/
Title: Admissions Process

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/insurance/
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/patient-rights-confidentiality/
Title: Notice of Privacy

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/typical-day-treatment/
Title: Typical Day in Treatment

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/faq-2/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/admissions/contact-admissions/
Title: Contact Admissions

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/
Title: For Patients

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/alcohol-addiction-alcoholism/
Title: Alcohol Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/pain-killers-opiates-addiction/
Title: Pain Killers | Opiates Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/benzos-xanax-valium-klonopin-benzodiazepine-addiction/
Title: Benzos (Xanax, Valium, Klonopin) | Benzodiazepine Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/cocaine-addiction/
Title: Cocaine Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/heroin-addiction/
Title: Heroin Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/methamphetamine-addiction/
Title: Methamphetamines

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/marijuana-addiction/
Title: Marijuana Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/crack-addiction/
Title: Crack Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/ecstasy-mdma-addiction/
Title: Ecstasy | MDMA Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/ghb-addiction/
Title: GHB Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/psychedelicslsd-mushrooms/
Title: Psychedelics | LSD & Mushrooms Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/inhalants/
Title: Inhalants Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/patient/addicted-to-everything-polysubstance-abuse-polysubstance-addiction/
Title: Polysubstance Abuse & Addiction

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/
Title: For Families

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/family-program/
Title: About Our Family Programs

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/family-clinical-philosophy/
Title: Family Clinical Philosophy

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/5-day-program/
Title: Why a Multi-Day Family Program?

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/alanon/
Title: Al-Anon and Why

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/directions/
Title: Directions

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/loved-one-having-problems/faq/
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/referring-professionals/
Title: For Professionals

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/category/news-and-updates/
Title: News and Updates

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/category/podcast/
Title: Podcast

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/referring-professionals/addiction-today-radio/
Title: Addiction Today Radio

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/category/origins-experts/
Title: Origins’ Experts: Blog

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/
Title: Locations and Staff

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/florida-hanley-center-origins/
Title: Hanley Center at Origins

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/florida-hanley-center-origins/hanley-center-team/
Title: Hanley Center Team

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/florida-hanley-center-origins/programs-offered/
Title: Programs Offered

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/florida-hanley-center-origins/amenities-2/
Title: Amenities at Hanley Center at Origins

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/florida-hanley-center-origins/location-directions-2/
Title: Location and Directions – Hanley Center

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/facilities/hannahs-house/
Title: Hannah’s House

Search URL Search Domain Scan URL

URL: https://www.originscounselingdallas.com/
Title: Origins Counseling Dallas

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/facilities/origins-south-padre/
Title: Origins Recovery Center

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/facilities/
Title: South Padre Island

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/facilities/south-padre-team/
Title: South Padre Team

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/facilities/amenities/
Title: Amenities

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/facilities/location-directions/
Title: Location and Directions – South Padre

Search URL Search Domain Scan URL

URL: https://windhavenhouse.com/
Title: Windhaven House

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/locations-staff/origins-executive-leadership/
Title: Origins Executive Leadership

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/residential-programs/
Title: Residential Programs

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/intensive-outpatient-program/
Title: Outpatient Programs

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/origins-executive-leadership/
Title: Executive Team

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.originsrecovery.com/symposium-series/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OriginsBehavioralHealthCare/

Search URL Search Domain Scan URL

URL: https://twitter.com/originsrecovery

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/origins-recovery-centers

Search URL Search Domain Scan URL

URL: https://instagram.com/originsrecovery/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.originsconnect.com/?qs=bf900eb27e0c2b59dc4e3affecf5513ace665030f79dfbbac96205753c9871d9bef0be3f9b3267a8b13f0b28b9a2a5ed9580176f02968e168461e30d6a723cee HTTP 302
https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request pref-center Show response
cloud.originsconnect.com/
Redirect Chain

https://click.originsconnect.com/?qs=bf900eb27e0c2b59dc4e3affecf5513ace665030f79dfbbac96205753c9871d9bef0be3f9b3267a8b13f0b28b9a2a5ed9580176f02968e168461e30d6a723cee
https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium...

59 KB
11 KB

790ms
297ms

Document
text/html

13.111.179.178
EXACT-7

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.179.178 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: cloud.originsconnect.com
Software: /
Resource Hash: 6afeece4fd20cf1cabdcba8fb2305016d5d63c67f6fb640d81281fd4e7064d2c

Request headers

Host: cloud.originsconnect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Date: Thu, 19 Aug 2021 18:29:56 GMT
Connection: close
Content-Length: 11333

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Date: Thu, 19 Aug 2021 18:29:56 GMT
Connection: close
Content-Length: 389

GET
H/1.1 200
OK style_css
cloud.originsconnect.com/ 139 KB
22 KB 705ms
420ms Stylesheet
text/css 13.111.179.178
EXACT-7

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.originsconnect.com/style_css
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.179.178 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: cloud.originsconnect.com
Software: /
Resource Hash: b6557568047273a216a1b54c659e60781e9f09df1dbd3a775334ff654e136e54

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cloud.originsconnect.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Connection: keep-alive
Referer: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 18:29:58 GMT
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache
Connection: close
Content-Length: 22361
Expires: -1

GET
H2 200 dialogtech_integrations.js Show response
d21lzy3dk86arg.cloudfront.net/core/ 7 KB
8 KB 56ms
14ms Script
application/javascript 2600:9000:2190:4e00:7:54b8:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21lzy3dk86arg.cloudfront.net/core/dialogtech_integrations.js
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:7:54b8:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51d636dc2133032c14afd8c2ac93ff06e403bf4609cce27965cbd7628b8218fb

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 02:01:33 GMT
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
last-modified: Tue, 04 Sep 2018 18:13:01 GMT
server: AmazonS3
age: 59305
etag: "0632293e047b47d5d8b54dc41a67cc99"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 7353
x-amz-cf-id: 3GYWtdgj9kZjPcV1TMvmRKvSuPfZGgqMHxGbvZFZDaGpenXsmem9CA==

GET
H/1.1 200
OK / Show response
st1.dialogtech.com/st/ 303 B
883 B 568ms
384ms Script
application/javascript 107.162.156.70
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.dialogtech.com/st/?_stk=41dd12bdd6cb768319c538f18d498d4f5e02a5ed&dr=https%3A%2F%2Fwww.google.com%2F&dl=https%3A%2F%2Fwww.originsrecovery.com%2F&dt=Drug%20%26%20Alcohol%20Addiction%20Treatment%20Center%20Florida%20%26%20Texas%20%7C%20Rehab%20Facility&vp=1147x1130&sr=2560x1440&ua=UA-24529294-1&uac=660484208.1599934703&cb=1599934703539&stv=33
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.156.70 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 6ec2b12c9099984c9409a2c7d1bf6e3dfdba0fade3ddf179ccb7d51658650b10

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 18:29:59 GMT
Via: 1.1 fra1-bit19
Last-Modified: Thu Aug 19 2021 18:29:59 GMT+0000 (Coordinated Universal Time)
Vary: Origin
Content-Type: application/javascript
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 303
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK st.js Show response
d31y97ze264gaa.cloudfront.net/assets/st/js/ 68 KB
26 KB 181ms
60ms Script
application/javascript 13.224.89.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31y97ze264gaa.cloudfront.net/assets/st/js/st.js
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-41.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a80a3a78430db048cfb66a76e24598484cc673bb9c54230862dbf9dbf9e913f

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:27:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 15:56:09 GMT
Server: AmazonS3
Age: 396
ETag: W/"6f6885acaa61848f98407ed5df5d3fcc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: NE0vXpYlqIWfpFB0QyhKefPqCUnxa-P5PmcWruGiKbztkhoWvWKfPg==

GET
H2 200 287377445804904 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 295ms
293ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/287377445804904?v=2.9.24&r=stable

Requested by

Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c474c0913a59dda4370a341d0149190e3b9af3a6b94afd10205ceade3d28307b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: HU3iLpCGNuFWCOU6WuqzONiZUBk5sidyNci+gQsUzzr/u10nYHF01SE/R0ywthIKPY+fmlbQmsB11hDdvXT/ag==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 19 Aug 2021 18:29:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: +DrklZs7SYI7hCu/k5gvUmnFxrTW6/IaxhyKy95WWZnkzCoTmxkXfNM6jd9bw3pn39x7+UpH1WKqhC4HfjCkmA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 19 Aug 2021 18:29:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4577
date: Thu, 19 Aug 2021 17:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 19 Aug 2021 19:13:41 GMT

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 0
0 579ms
578ms Script
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5DPN9Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec28697e8dae0c727525b5fde3efa9a466da9c071134c7d5209c0d630734ca05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:29:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38130
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 18:29:58 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.0/css/ 153 KB
29 KB 45ms
36ms Stylesheet
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Origin: https://cloud.originsconnect.com
Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:29:57 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 116
x-amz-request-id: 66M531A3QEQMV1JB
x-amz-id-2: IslhvHE+c7Dyw6aEZz6XkVfgL1vJD8P9jaNZy1CFHj2rpAapA7uUbjBZdLKbaoTTwZutCqFobRM=
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
server: cloudflare
etag: W/"aa1272633e7e552395d147a499bad186"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6815734cbf6c42fd-FRA

GET
H/1.1 200
OK jquery.js Show response
www.originsrecovery.com/wp-includes/js/jquery/ 282 KB
84 KB 557ms
160ms Script
application/javascript 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.originsrecovery.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 15:43:36 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding,User-Agent
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, public, public
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H/1.1 200
OK offcanvas.js Show response
www.originsrecovery.com/wp-content/themes/origins/js/ 272 B
655 B 532ms
133ms Script
application/javascript 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.originsrecovery.com/wp-content/themes/origins/js/offcanvas.js?ver=5.5.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

5403f55f419b4350195ccaedd3721c33c3f22e61b761130a8a857f7f1b4096d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 21:47:20 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding,User-Agent
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, public, public
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 151
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H/1.1 200
OK jquery.collapse.js Show response
www.originsrecovery.com/wp-content/themes/origins/js/ 7 KB
2 KB 613ms
152ms Script
application/javascript 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.originsrecovery.com/wp-content/themes/origins/js/jquery.collapse.js?ver=5.5.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

320e90fae217caa50868bf2e5d4013a72bca1e17ddc144007313d27e0b81f9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 21:47:17 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding,User-Agent
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, public, public
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1980
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 16:42:57 GMT

GET
H/1.1 200
OK e4401ef7-54ab-47e2-98a2-83401a8118e7.jpg
image.originsconnect.com/lib/fe311171716404787d1073/m/1/ 797 KB
797 KB 1400ms
1222ms Image
image/jpeg 2a02:26f0:6c00::210:ba92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.originsconnect.com/lib/fe311171716404787d1073/m/1/e4401ef7-54ab-47e2-98a2-83401a8118e7.jpg
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 54d01ad072ec5bcb81634ea251014c89a4b340d420a40057261b412df1ef47f7

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:30:00 GMT
Last-Modified: Wed, 24 Jun 2020 20:25:39 GMT
Server: AkamaiNetStorage
ETag: "09178ae08a93eb598e14fe481c89f6c4:1593030339.871453"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 816256

GET
H/1.1 200
OK fb.png
www.originsrecovery.com/wp-content/themes/origins/images/social/ 5 KB
5 KB 132ms
131ms Image
image/png 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.originsrecovery.com/wp-content/themes/origins/images/social/fb.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

3167c7ee83812fd94ac39dfc74960b1a782d154106e6082789f5c98983c4c171

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Last-Modified: Wed, 14 Apr 2021 21:47:12 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept,Host,Accept-Encoding
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=2592000, public, public
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4968
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H/1.1 200
OK twitter.png
www.originsrecovery.com/wp-content/themes/origins/images/social/ 5 KB
6 KB 153ms
152ms Image
image/png 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.originsrecovery.com/wp-content/themes/origins/images/social/twitter.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

8097283bb66861661680e87f236d3e4fd544d9ddc79c6547e07a47c51c284270

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Last-Modified: Wed, 14 Apr 2021 21:47:13 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept,Host,Accept-Encoding
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=2592000, public, public
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5527
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H/1.1 200
OK linkedin.png
www.originsrecovery.com/wp-content/themes/origins/images/social/ 5 KB
6 KB 134ms
133ms Image
image/png 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.originsrecovery.com/wp-content/themes/origins/images/social/linkedin.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

8793634474d08d4e2cdf139092cfe0390e11a7d4b3687acc868dee1718b9e33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Last-Modified: Wed, 14 Apr 2021 21:47:13 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept,Host,Accept-Encoding
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=2592000, public, public
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5206
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H/1.1 200
OK instagram.png
www.originsrecovery.com/wp-content/themes/origins/images/social/ 6 KB
6 KB 230ms
130ms Image
image/png 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.originsrecovery.com/wp-content/themes/origins/images/social/instagram.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache / PleskLin

Resource Hash

172d80c94aab3fbf979732869ad4467cf58af3ac08748c33ffd748abed6c8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Last-Modified: Wed, 14 Apr 2021 21:47:12 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept,Host,Accept-Encoding
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=2592000, public, public
Strict-Transport-Security: max-age=15768000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5707
Expires: Sat, 18 Sep 2021 18:29:58 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
682 B 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&ver=3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82e11597717ed18dff34754a2cf3888fae1cac39123f3a750a4e34fc9926f6a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Thu, 19 Aug 2021 18:29:58 GMT

GET
H/1.1 404
Not Found 266e07b143316e003623458ae3ce1389.js
www.originsrecovery.com/wp-content/cache/min/1/ 0
0 1278ms
1173ms Script
text/html 23.253.133.184
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.originsrecovery.com/wp-content/cache/min/1/266e07b143316e003623458ae3ce1389.js
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.253.133.184 Orlando, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 collect.js Show response
514005843.collect.igodigital.com/ 9 KB
2 KB 406ms
131ms Script
application/javascript 54.175.67.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://514005843.collect.igodigital.com/collect.js
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.67.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-67-42.compute-1.amazonaws.com
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:29:59 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 17:45:45 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 400
Bad Request img-divider01.png
cloud.originsconnect.com/themes/origins/images/ 11 B
164 B 498ms
170ms Image
text/html 13.111.179.178
EXACT-7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.originsconnect.com/themes/origins/images/img-divider01.png
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/style_css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.179.178 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: cloud.originsconnect.com
Software: /
Resource Hash: 7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cloud.originsconnect.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://cloud.originsconnect.com/style_css
Connection: keep-alive
Referer: https://cloud.originsconnect.com/style_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:59 GMT
Cache-Control: private
Connection: close
Content-Length: 11
Content-Type: text/html

GET
H/1.1 400
Bad Request img-divider02.png
cloud.originsconnect.com/themes/origins/images/ 11 B
164 B 445ms
151ms Image
text/html 13.111.179.178
EXACT-7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.originsconnect.com/themes/origins/images/img-divider02.png
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/style_css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.179.178 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: cloud.originsconnect.com
Software: /
Resource Hash: 7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cloud.originsconnect.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://cloud.originsconnect.com/style_css
Connection: keep-alive
Referer: https://cloud.originsconnect.com/style_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:58 GMT
Cache-Control: private
Connection: close
Content-Length: 11
Content-Type: text/html

GET
H/1.1 400
Bad Request img-shadow03.png
cloud.originsconnect.com/themes/origins/images/ 11 B
164 B 433ms
149ms Image
text/html 13.111.179.178
EXACT-7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.originsconnect.com/themes/origins/images/img-shadow03.png
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/style_css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.179.178 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: cloud.originsconnect.com
Software: /
Resource Hash: 7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cloud.originsconnect.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://cloud.originsconnect.com/style_css
Cookie: _ga=GA1.2.724133117.1629397799; _gid=GA1.2.872042699.1629397799; _gat_UA-24529294-1=1
Connection: keep-alive
Referer: https://cloud.originsconnect.com/style_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:59 GMT
Cache-Control: private
Connection: close
Content-Length: 11
Content-Type: text/html

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 120 KB
120 KB 17ms
17ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Origin: https://cloud.originsconnect.com
Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:29:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 117
cf-ray: 681573520e1742fd-FRA
content-length: 123004
x-amz-id-2: 6fnZEjLSJ3NHEyv9GUBXBJZKGgk3AhEDz3+i8NaiBeaORChLsyTqeMYr6sSE/6Sr6obFSYOFmdc=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "88fd444847dc842d15e229df26571b03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: EHAJHXH7CTBVNSAR
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ 340 KB
340 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cloud.originsconnect.com
Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 17:28:23 GMT
x-content-type-options: nosniff
age: 3695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348244
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 17:28:23 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7B9C 39 KB
20 KB 30ms
29ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly93d3cub3JpZ2luc3JlY292ZXJ5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=swdzg2pj6agg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9d5211f4a9a41b47d5d31866857ead727f64310be431c72a865d4bb5d216876

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EL+6Rp0mPkycKfzr2y0pdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly93d3cub3JpZ2luc3JlY292ZXJ5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=swdzg2pj6agg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cloud.originsconnect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cloud.originsconnect.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 18:29:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-EL+6Rp0mPkycKfzr2y0pdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20001
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 410
Gone _t
cloud.originsconnect.com/pref-center/ 35 B
35 B 429ms
145ms Image
text/html 13.111.179.178
EXACT-7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.originsconnect.com/pref-center/_t?eventType=CLOUDPAGESVISIT
Requested by: Host: cloud.originsconnect.com
URL: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.111.179.178 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: cloud.originsconnect.com
Software: /
Resource Hash: 7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cloud.originsconnect.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
Cookie: _ga=GA1.2.724133117.1629397799; _gid=GA1.2.872042699.1629397799; _gat_UA-24529294-1=1
Connection: keep-alive
Referer: https://cloud.originsconnect.com/pref-center?qs=4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f&utm_source=MarketingCloud&utm_medium=email&utm_campaign=Fall+Reunion&utm_content=Update+Profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:29:59 GMT
Cache-Control: private
Connection: close
Content-Length: 35
Content-Type: text/html

GET
H3-29 200 287377445804904 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 508ms
508ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/287377445804904?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa0c3c96d740c3058df096e749414282712535a6f2b366b218d592b88446a7da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JNmK/z8ICr66jTFacYlLieW+2oChUXnXPzZT7Wa9KxSGnxsZDEFCx21mbaiyujZqD9jiILE406xnohzBS3OB2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 18:29:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=873081433&t=pageview&_s=1&dl=https%3A%2F%2Fcloud.originsconnect.com%2Fpref-center%3Fqs%3D4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f%26utm_source%3DMarketingCloud%26utm_medium%3Demail%26utm_campaign%3DFall%2BReunion%26utm_content%3DUpdate%2BProfile&ul=en-us&de=UTF-8&dt=Drug%20%26%20Alcohol%20Addiction%20Treatment%20Center%20Florida%20%26%20Texas%20%7C%20Rehab%20Facility&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=1900851700&gjid=819088363&cid=724133117.1629397799&tid=UA-24529294-1&_gid=872042699.1629397799&_r=1&gtm=2wg8i0P5DPN9Z&z=729860796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 18:29:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloud.originsconnect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ Frame 7B9C 0
0 117ms
116ms Stylesheet
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly93d3cub3JpZ2luc3JlY292ZXJ5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=swdzg2pj6agg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ Frame 7B9C 0
0 503ms
503ms Script
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly93d3cub3JpZ2luc3JlY292ZXJ5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=swdzg2pj6agg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-24529294-1&cid=724133117.1629397799&jid=1900851700&gjid=819088363&_gid=872042699.1629397799&_u=aEBAAEAAEAAAAC~&z=1408525348

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 18:29:58 GMT
content-type: text/plain
access-control-allow-origin: https://cloud.originsconnect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Invalid domain name. /
st1.dialogtech.com/st/ 0
0 424ms
319ms Script
text/plain 107.162.156.70
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.dialogtech.com/st/?_stk=41dd12bdd6cb768319c538f18d498d4f5e02a5ed&dr=&dl=https%3A%2F%2Fcloud.originsconnect.com%2Fpref-center%3Fqs%3D4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f%26utm_source%3DMarketingCloud%26utm_medium%3Demail%26utm_campaign%3DFall%2BReunion%26utm_content%3DUpdate%2BProfile&dt=Drug%20%26%20Alcohol%20Addiction%20Treatment%20Center%20Florida%20%26%20Texas%20%7C%20Rehab%20Facility&vp=1600x1642&sr=1600x1200&ua=UA-24529294-1&uac=724133117.1629397799&cb=1629397798911&stv=37
Requested by: Host: d31y97ze264gaa.cloudfront.net
URL: https://d31y97ze264gaa.cloudfront.net/assets/st/js/st.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.156.70 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 18:29:59 GMT
Via: 1.1 fra1-bit19
Last-Modified: Thu Aug 19 2021 18:29:59 GMT+0000 (Coordinated Universal Time)
Vary: Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=287377445804904&ev=PageView&dl=https%3A%2F%2Fcloud.originsconnect.com%2Fpref-center%3Fqs%3D4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f%26utm_source%3DMarketingCloud%26utm_medium%3Demail%26utm_campaign%3DFall%2BReunion%26utm_content%3DUpdate%2BProfile&rl=&if=false&ts=1629397799046&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629397799045.282715554&it=1629397798783&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:29:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 18:29:59 GMT

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/514005843/ 43 B
716 B 140ms
139ms Image
image/gif 54.175.67.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/514005843/track_page_view?payload=%7B%22title%22%3A%22Drug%20%26%20Alcohol%20Addiction%20Treatment%20Center%20Florida%20%26%20Texas%20%7C%20Rehab%20Facility%22%2C%22url%22%3A%22https%3A%2F%2Fcloud.originsconnect.com%2Fpref-center%3Fqs%3D4ba0a1bb556ead2307721c2a798a2c6be0ae101bd1fce8e784a4ddb5246088bbe540ba58c0867ab0f34bb095a69502ec552c3a5dbcd7b64f%26utm_source%3DMarketingCloud%26utm_medium%3Demail%26utm_campaign%3DFall%2BReunion%26utm_content%3DUpdate%2BProfile%22%2C%22referrer%22%3A%22%22%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.67.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-67-42.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.005452
date: Thu, 19 Aug 2021 18:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 68f721fa-3aeb-4e13-a0e0-7c0c4ca6f995

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cloud.originsconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarygOXWZp9rioPR3RyT

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 19 Aug 2021 18:29:59 GMT
content-type: text/plain
access-control-allow-origin: https://cloud.originsconnect.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D61F 7 KB
1 KB 24ms
24ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly9jbG91ZC5vcmlnaW5zY29ubmVjdC5jb206NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=rhbykos6ieyo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2e7b2a1fab69657acd85a507c37d64b01032f60c5aecac7c3e73c579bd8284a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TDy28rXL028/MovIfZ/zIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly9jbG91ZC5vcmlnaW5zY29ubmVjdC5jb206NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=rhbykos6ieyo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cloud.originsconnect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cloud.originsconnect.com/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-TDy28rXL028/MovIfZ/zIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Thu, 19 Aug 2021 18:30:00 GMT
expires: Thu, 19 Aug 2021 18:30:00 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1039
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame D61F 52 KB
25 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7DdEUAAAAAJQ04lkBVwvBSsP6gFF7K3sa7Tj0&co=aHR0cHM6Ly9jbG91ZC5vcmlnaW5zY29ubmVjdC5jb206NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=rhbykos6ieyo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 16:49:13 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame D61F 340 KB
340 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 17:28:23 GMT
x-content-type-options: nosniff
age: 3697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348244
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 17:28:23 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D61F 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 240955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 23 Aug 2021 23:34:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D61F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 248559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.originsconnect.com/	1970-01-19 22:46:13	Name: _fbp Value: fb.1.1629397799045.282715554
.cloud.originsconnect.com/	1970-01-21 16:26:04	Name: _st Value: 75acb3c0-011b-11ec-af0f-217388e8f909.75aefdb0-011b-11ec-af0f-217388e8f909.8442509223.(844) 250-9223.+18442509223.0.8448438935...1629398399.1629408599.600.10800.30.0....0....1...originsrecovery^com.UA-24529294-1.724133117^1629397799.37.
.originsconnect.com/	1970-01-19 20:36:37	Name: _gat_UA-24529294-1 Value: 1
.originsconnect.com/	1970-01-19 20:38:04	Name: _gid Value: GA1.2.872042699.1629397799
cloud.originsconnect.com/	1970-01-19 20:46:42	Name: dt_dcm Value: 75aefdb0-011b-11ec-af0f-217388e8f909
.originsconnect.com/	1970-01-20 14:07:49	Name: _ga Value: GA1.2.724133117.1629397799

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 287377445804904.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

514005843.collect.igodigital.com
ajax.googleapis.com
click.originsconnect.com
cloud.originsconnect.com
connect.facebook.net
d21lzy3dk86arg.cloudfront.net
d31y97ze264gaa.cloudfront.net
fonts.gstatic.com
image.originsconnect.com
nova.collect.igodigital.com
pro.fontawesome.com
st1.dialogtech.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.originsrecovery.com
107.162.156.70
13.111.179.178
13.111.180.143
13.224.89.41
23.253.133.184
2600:9000:2190:4e00:7:54b8:ff00:21
2606:4700::6812:1734
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:827::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9a
2a02:26f0:6c00::210:ba92
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f11c:8183:face:b00c:0:25de
54.175.67.42
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
172d80c94aab3fbf979732869ad4467cf58af3ac08748c33ffd748abed6c8936
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
3167c7ee83812fd94ac39dfc74960b1a782d154106e6082789f5c98983c4c171
320e90fae217caa50868bf2e5d4013a72bca1e17ddc144007313d27e0b81f9c2
3a80a3a78430db048cfb66a76e24598484cc673bb9c54230862dbf9dbf9e913f
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
51d636dc2133032c14afd8c2ac93ff06e403bf4609cce27965cbd7628b8218fb
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
5403f55f419b4350195ccaedd3721c33c3f22e61b761130a8a857f7f1b4096d4
54d01ad072ec5bcb81634ea251014c89a4b340d420a40057261b412df1ef47f7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6afeece4fd20cf1cabdcba8fb2305016d5d63c67f6fb640d81281fd4e7064d2c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec2b12c9099984c9409a2c7d1bf6e3dfdba0fade3ddf179ccb7d51658650b10
7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
8097283bb66861661680e87f236d3e4fd544d9ddc79c6547e07a47c51c284270
82e11597717ed18dff34754a2cf3888fae1cac39123f3a750a4e34fc9926f6a7
8793634474d08d4e2cdf139092cfe0390e11a7d4b3687acc868dee1718b9e33b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a9d5211f4a9a41b47d5d31866857ead727f64310be431c72a865d4bb5d216876
b6557568047273a216a1b54c659e60781e9f09df1dbd3a775334ff654e136e54
c474c0913a59dda4370a341d0149190e3b9af3a6b94afd10205ceade3d28307b
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d2e7b2a1fab69657acd85a507c37d64b01032f60c5aecac7c3e73c579bd8284a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ec28697e8dae0c727525b5fde3efa9a466da9c071134c7d5209c0d630734ca05
fa0c3c96d740c3058df096e749414282712535a6f2b366b218d592b88446a7da

cloud.originsconnect.com Open in urlscan Pro 13.111.179.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

73 %IPv6

14 Domains

19 Subdomains

21 IPs

3 Countries

2191 kBTransfer

3568 kBSize

6 Cookies

83 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cloud.originsconnect.com Open in urlscan Pro
13.111.179.178 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

19
Subdomains

21
IPs

3
Countries

2191 kB
Transfer

3568 kB
Size

6
Cookies

44 HTTP transactions
0 data transactions