urlscan.io logo urlscan.io
SecurityTrails logo

www.originlab.com Open in urlscan Pro
208.118.247.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.originlab.com/download2.aspx?s=2&c=AB1A20D0A177B0A
Effective URL: https://www.originlab.com/thankyou.aspx?s=2
Submission Tags: falconsandbox
Submission: On November 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 35 HTTP transactions. The main IP is 208.118.247.127, located in United States and belongs to COLOSPACE, US. The main domain is www.originlab.com. The Cisco Umbrella rank of the primary domain is 400030.
TLS certificate: Issued by GeoTrust G5 TLS RSA4096 SHA384 2022 CA1 on July 2nd 2024. Valid for: a year.
This is the only time www.originlab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    208.118.247.127 (United States)

ASN27382 (COLOSPACE, US)
www.originlab.com
15    13.226.103.142 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-103-142.jfk52.r.cloudfront.net
d2mvzyuse3lwjc.cloudfront.net
4    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    152.199.4.33 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    142.251.40.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net
www.google.com
1    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
15 cloudfront.net
d2mvzyuse3lwjc.cloudfront.net
120 KB
5 originlab.com
www.originlab.com — Cisco Umbrella Rank: 400030
90 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
164 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
64 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
131 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1903
42 KB
35 8
Domain Requested by
15 d2mvzyuse3lwjc.cloudfront.net www.originlab.com
d2mvzyuse3lwjc.cloudfront.net
5 www.originlab.com 1 redirects www.originlab.com
4 cdnjs.cloudflare.com www.originlab.com
cdnjs.cloudflare.com
2 www.google.com www.googletagmanager.com
www.originlab.com
2 td.doubleclick.net www.googletagmanager.com
2 www.googletagmanager.com d2mvzyuse3lwjc.cloudfront.net
www.googletagmanager.com
2 www.google-analytics.com d2mvzyuse3lwjc.cloudfront.net
www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 ajax.aspnetcdn.com www.originlab.com
35 11

This site contains links to these domains. Also see Links.

Domain
blog.originlab.com
www.youtube.com
store.originlab.com
Subject Issuer Validity Valid
store.originlab.com
GeoTrust G5 TLS RSA4096 SHA384 2022 CA1		 2024-07-02 -
2025-07-02		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.originlab.com/thankyou.aspx?s=2
Frame ID: F3C13F211C2733F2742B3C9B49D39998
Requests: 32 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-G0XNH6Y3D1&gacid=805136638.1731379069&gtm=45je4bb0v891984002za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=655249182
Frame ID: 00A27860C2B2B8A7640A36B46532E7A8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1031848701?random=1731379069049&cv=11&fst=1731379069049&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bb0v891984002za200&gcd=13l3l3l3l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx%3Fs%3D2&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1380483601.1731379069&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: CF9F0A4E492BA80FAB562C1CCC82F1D9
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.originlab.com
Frame ID: 40ABE5C23796CA6BF8D8BC4A623E970A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page URL History Show full URLs

  1. https://www.originlab.com/download2.aspx?s=2&c=AB1A20D0A177B0A HTTP 302
    https://www.originlab.com/thankyou.aspx?s=2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/mathjax\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

572 kB
Transfer

1327 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.originlab.com/download2.aspx?s=2&c=AB1A20D0A177B0A HTTP 302
    https://www.originlab.com/thankyou.aspx?s=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request thankyou.aspx
www.originlab.com/
Redirect Chain
  • https://www.originlab.com/download2.aspx?s=2&c=AB1A20D0A177B0A
  • https://www.originlab.com/thankyou.aspx?s=2
52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.originlab.com/thankyou.aspx?s=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
208.118.247.127 , United States, ASN27382 (COLOSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
22455986640a20c5218d929301d1cb4f3bb18f24c2539177426ef84747ac7760
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
52861
Content-Security-Policy
frame-ancestors *.originlab.com
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Nov 2024 02:29:00 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM *.originlab.com
X-Powered-By
ASP.NET

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
135
Content-Security-Policy
frame-ancestors *.originlab.com
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Nov 2024 02:29:00 GMT
Location
/thankyou.aspx?s=2
Referrer-Policy
no-referrer-when-downgrade
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM *.originlab.com
X-Powered-By
ASP.NET
bootstrap.min.css
d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/css/ 		96 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/css/bootstrap.min.css?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7a82370ff7429e53a376de90e8bdff9e5e7a8bf25bf8d4912a456237f9afe237
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
gzip
etag
W/"0a43972d425f1:0"
age
69392
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
8qRvmFZaonUwU4MRSgLfuKTBsWUPkSBGVG9YsroW3tdcH_wNfwuOhw==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Fri, 24 Apr 1914 10:14:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
yamm.min.css
d2mvzyuse3lwjc.cloudfront.net/global/yamm/ 		288 B
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/global/yamm/yamm.min.css?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
05d022be9b75f27da0ae6ace11a85557db5e9de189531c60bafad591d0ae9fc7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"018dfe7f2455f1:0"
age
51268
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
iZMPljsTKtGQ-6-VB7P_EdS_boVlE5289m63E2llvSgDpOZ9fNx6Bw==
date
Mon, 11 Nov 2024 12:43:04 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 29 Apr 1914 05:24:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
288
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
originlab.min.css
d2mvzyuse3lwjc.cloudfront.net/global/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/global/originlab.min.css?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
19a91912d95469b990c0a7109a047971e8ba18ebe3fd06b93ae098f682908a71
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
gzip
etag
W/"73a845942cd7da1:0"
age
62748
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
lsN4SGUOvtbqvp2HhQ06fTKVIngSKzBNH45q4UD20aTPdt4I5Qo_UA==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 16 Jul 2024 03:02:22 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
147561
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbvV2Qk7AWC0Ey82TiHA6TqDcptFV%2BXN4msfpmKZWNJtc2NFCKpqEAUG3p%2BIBCWQyirbupsPnnzZDBeZ8cfNzy4gSwo7oBqd6Bv91vdiwUUaKFLCM61Wj18mhhEmHK13Bx5BOUPB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 02:37:48 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 02:37:48 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e1324681a5d74b0-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
jquery-1.11.0.min.js
ajax.aspnetcdn.com/ajax/jquery/ 		94 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery/jquery-1.11.0.min.js?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8791) /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
gzip
etag
"f0aded4cc33d21:0"
age
19200071
x-content-type-options
nosniff
x-cache
HIT
date
Tue, 12 Nov 2024 02:37:48 GMT
content-type
application/javascript
last-modified
Mon, 31 Oct 2016 23:10:49 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
42837
x-xss-protection
1; mode=block
server
ECAcc (mid/8791)
bootstrap.min.js
d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/js/bootstrap.min.js?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
gzip
etag
W/"0a43972d425f1:0"
age
73389
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
K6T3qOC_NzozHSOyDkn6-9KWoWVyHGv4bUx9IxtIdMeK7SsAToJg6Q==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Fri, 24 Apr 1914 10:14:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
originlab.min.js
d2mvzyuse3lwjc.cloudfront.net/global/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/global/originlab.min.js?v=202407161109
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5bbd7daf589dc351c3cea5f401e55dc5cde41c50138fe9b3eb05dacfa20acc52
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
gzip
etag
W/"4d35583fd5bcd81:0"
age
68540
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
l-CtLnZlfWgZjkmmscxe411heJTutnLg6OEvCx23wNd9UsuL7DLaCA==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 31 Aug 2022 01:01:48 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
MathJax.js
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.4/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.4/MathJax.js?config=TeX-MML-AM_CHTML
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a133ee491dbe905333903d74892c458fed1ef709b922b23ccae44ca28f853dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03f19-f773"
age
269647
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hnybiGDje3%2B3E4usSkpK%2Bd5Uf0GQpFpWv4c1awJ33PoFtTq%2FCPhLHGztYrWZhVVh7pbddjZ5oDRHI0jwCEmEuknsSU2kOAgVDBUkQ5%2BQL7fo9eYtKWH5ABF3ktGuzVjTSFTgMPi"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 02:37:48 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 02:37:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:13:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e1324683a8174b0-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
17020
server
cloudflare
back-to-the-top-iconv3.png
d2mvzyuse3lwjc.cloudfront.net/www/products/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/www/products/images/back-to-the-top-iconv3.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b9bc2ef367c05f4e058ebd389cc8daed92cf49a4719ea369f964c2ce7432c4d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"05a2fce2d28601:0"
age
73391
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
mjrScq9PAV8-PfypAeUlBwYe7HnzP5I5jGLZAbUzZVped1fQJ5CUdg==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Thu, 11 Feb 1915 02:55:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1681
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
header_logo.png
d2mvzyuse3lwjc.cloudfront.net/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/images/header_logo.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0b86eb030ae5e66bde95d3a2b3d2c4faca4f0fa84cf143c77dce09ac58cad198
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"0a25fb63bce5a1:0"
age
50465
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
qvI4so0I0jEym5CQ7-fBrEII5xHPbRdGFMPbPszcNzNxDqv7UyMFlA==
date
Mon, 11 Nov 2024 13:18:12 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Wed, 04 May 1910 18:03:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
5362
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
download%20trial%20icon%203.png
d2mvzyuse3lwjc.cloudfront.net/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/images/download%20trial%20icon%203.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ecc15f01de87374af25ea4d12ebec540a0f6370213a58696af99d63c57d28166
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"7e265ccf6260d41:0"
age
56186
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
FZG8y4k3xf0Y-bv3CCXUu4D4mJAIyQcHJ5LGAwHAF2ipagkwD-1fgA==
date
Mon, 11 Nov 2024 12:09:29 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Wed, 10 Oct 2018 06:31:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
12956
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
brochure%20icon.png
d2mvzyuse3lwjc.cloudfront.net/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/img/brochure%20icon.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aa1bc8cc0ea24b87f430607f33ce3f49baf093e2bcce32abdb4af965cbab5520
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"0ea9c703f1c601:0"
age
56186
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
zzUq2tEXSwliAA2gp-RK1naHwfyfYQ0Pt5iVZXTtgi7yhtK5e4kWPg==
date
Mon, 11 Nov 2024 12:18:39 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Tue, 26 Jan 1915 22:31:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
6090
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
Running_Origin_on_Mac_icon.png
d2mvzyuse3lwjc.cloudfront.net/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/img/Running_Origin_on_Mac_icon.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3721194e2ad54721fbb89d8de79ed282b69c8faed4a6b4404c484c05b4e4c074
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"044f7fde290601:0"
age
60363
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
oKRcL3nb9V9GA92Es0wTxWzgnIIsA-YxSoYIi5bRIiMuc0oTCKbljw==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Thu, 24 Jun 1915 08:54:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
7934
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
onlineStore.png
www.originlab.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.originlab.com/img/onlineStore.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
208.118.247.127 , United States, ASN27382 (COLOSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
24acebc6271333128f5c8534be0ed64aca89d2473e718f03c0e5ec757baa9088
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

X-Frame-Options
ALLOW-FROM *.originlab.com
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
frame-ancestors *.originlab.com
ETag
"0e8e99aba2c5f1:0"
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
4029
Date
Tue, 12 Nov 2024 02:29:00 GMT
Content-Type
image/png
Last-Modified
Sat, 28 Mar 1914 03:08:00 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
blog%20icon.png
d2mvzyuse3lwjc.cloudfront.net/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/img/blog%20icon.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d03cf5ea803bc084a82e61061f1792cbd6746563857b790f1d3957a1a565a14a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"02260739a1d601:0"
age
56186
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
f3LvYSonta0p3QsI0dGqMO_YI4JuS701l9pR6-7jFR7yo1Z4jFqxeg==
date
Mon, 11 Nov 2024 10:52:35 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Thu, 28 Jan 1915 15:55:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
6728
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
webinar%20icon.png
d2mvzyuse3lwjc.cloudfront.net/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/img/webinar%20icon.png
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1ead8acdb07ed2e614e019d14778e343e2c51c636fee081ea75f8d210b6afee5
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"09a1d487b23601:0"
age
58402
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
uY30JneuXmBSYK_9Uij_elwxvGKKyAlF18cf2uq-5Lxov8DVELandQ==
date
Mon, 11 Nov 2024 10:51:24 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Fri, 05 Feb 1915 03:27:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
6428
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
chatnow2.gif
d2mvzyuse3lwjc.cloudfront.net/images/chat/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/images/chat/chatnow2.gif
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f1ecb0c4f1fa803989a7bf9552b44b3fd77823c7f85d85d21502419451487860
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

etag
"80a4b156ebbfd51:0"
age
50465
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
zoY5p4Fh4xlK4rSwXTGyQ1ZC1DC5qx_xRe9uUk5UT41ppxrUaPqpgQ==
date
Mon, 11 Nov 2024 13:18:13 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Tue, 31 Dec 2019 15:02:37 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4002
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
WebResource.axd
www.originlab.com/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.originlab.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDPM1hUP2brwRDdZtVFRGNhYqDdRU1Y5PevCKwFDJ_2xC0DEKve3bPp6p3vQyPrdwg2&t=638285935360000000
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
208.118.247.127 , United States, ASN27382 (COLOSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

X-Frame-Options
ALLOW-FROM *.originlab.com
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
frame-ancestors *.originlab.com
Cache-Control
public
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Expires
Tue, 11 Nov 2025 11:01:53 GMT
Access-Control-Allow-Origin
*
Content-Length
23063
Date
Tue, 12 Nov 2024 02:29:01 GMT
Content-Type
application/x-javascript
Last-Modified
Sat, 26 Aug 2023 00:52:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
socialicons_final5.png
d2mvzyuse3lwjc.cloudfront.net/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/images/socialicons_final5.png
Requested by
Host: d2mvzyuse3lwjc.cloudfront.net
URL: https://d2mvzyuse3lwjc.cloudfront.net/global/originlab.min.css?v=202407161109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bb5a5444946f1b4aa66fbbbc9e5558357b96e78a6e861e57f40890ec5ca3b3f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://d2mvzyuse3lwjc.cloudfront.net/global/originlab.min.css?v=202407161109

Response headers

etag
"0c4ee177ea601:0"
age
73386
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
WUakvpOkBaIitiOZ9B5rz4IBmoATVfePH7lrtA4Ka1yLLVvLGn1htg==
date
Mon, 11 Nov 2024 10:17:36 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Sat, 16 Oct 1915 08:54:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 1af9f97779e52f512a1145b7da36be50.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
7590
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?v=202407161109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.originlab.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?v=202407161109

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
143880
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrh9c9VoCaEewwSeuUAfDSi2yHNGHUX1X7hghsVcKyHx%2BsfYyWUXP5O99GblJkebAu4xUxwQeGMuZ2WosoO4snrkqEM%2FSauNBh79MUEJAFKXT4TUK2i%2F6GDMQLtjHGJXPDeBGfZZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 02:37:48 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 02:37:48 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e13246a0d8b6dc5-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
glyphicons-halflings-regular.woff
d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/fonts/glyphicons-halflings-regular.woff
Requested by
Host: d2mvzyuse3lwjc.cloudfront.net
URL: https://d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/css/bootstrap.min.css?v=202407161109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.103.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-103-142.jfk52.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.originlab.com
Referer
https://d2mvzyuse3lwjc.cloudfront.net/global/bootstrap/3.1.1/css/bootstrap.min.css?v=202407161109

Response headers

etag
"0a43972d425f1:0"
age
48964
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
tMVs_pcBQqztdtNkIU9AQhdNekiIR3YFpDmm9L226cnLcsRqSiyyeA==
date
Mon, 11 Nov 2024 12:52:58 GMT
content-type
font/x-woff
last-modified
Fri, 24 Apr 1914 10:14:00 GMT
x-frame-options
ALLOW-FROM *.originlab.com
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors *.originlab.com
referrer-policy
no-referrer-when-downgrade
via
1.1 3209651712d035f1881913d3ca2a2dbc.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
23320
x-amz-cf-pop
JFK52-P10
x-powered-by
ASP.NET
server
Microsoft-IIS/8.5
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d2mvzyuse3lwjc.cloudfront.net
URL: https://d2mvzyuse3lwjc.cloudfront.net/global/originlab.min.js?v=202407161109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
gzip
age
1904
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 04:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 02:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/ 		410 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Requested by
Host: d2mvzyuse3lwjc.cloudfront.net
URL: https://d2mvzyuse3lwjc.cloudfront.net/global/originlab.min.js?v=202407161109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a7b8860dce4d80f615716e82d05e877f251af74e07a41492df7f4194ce53535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 12 Nov 2024 02:37:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 02:37:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133246
x-xss-protection
0
server
Google Tag Manager
TeX-MML-AM_CHTML.js
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.4/config/ 		273 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.4/config/TeX-MML-AM_CHTML.js?V=2.7.4
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.4/MathJax.js?config=TeX-MML-AM_CHTML
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7364200d8829dcb8d11aac8192d0cb9725a65dc7dafa6df9e8798079b062492f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03f19-44592"
age
653463
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xz168A6gYN0w1Un%2FRv21gpuTBD37d0yN9UEuw5FzUq7207g8pm%2BNDWwu6Xpq6RFLTgxeShjB0LxWqcy2EIlciwOEpMGMVHFvgcxYCWMGMqZhAakkNx47vV1y5KwhVNbaHQrtj4L6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 02:37:48 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 12 Nov 2024 02:37:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:13:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e132469fce474b0-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
66054
server
cloudflare
collect
www.google-analytics.com/j/ 		3 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=737787339&t=pageview&_s=1&dl=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx%3Fs%3D2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=696563398&gjid=548141893&cid=805136638.1731379069&tid=UA-1628093-1&_gid=1641577905.1731379069&_r=1&_slc=1&z=1849095889
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 02:37:48 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.originlab.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-G0XNH6Y3D1&gtm=45je4bb0v891984002za200&_p=1731379068457&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=805136638.1731379069&ecid=1838268277&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731379068&sct=1&seg=0&dl=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx%3Fs%3D2&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.originlab.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 02:37:49 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G0XNH6Y3D1&cid=805136638.1731379069&gtm=45je4bb0v891984002za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.originlab.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 02:37:49 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 00A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-G0XNH6Y3D1&gacid=805136638.1731379069&gtm=45je4bb0v891984002za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=655249182
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.originlab.com/thankyou.aspx?s=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 02:37:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx&scrsrc=www.googletagmanager.com&frm=0&rnd=2112243006.1731379069&auid=1380483601.1731379069&npa=0&gtm=45je4bb0v891984002za200&gcd=13l3l3l3l1l1&dma=0&tft=1731379069053&tfd=1751&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1031848701/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1031848701/?random=1731379069049&cv=11&fst=1731379069049&bg=ffffff&guid=ON&async=1&gtm=45je4bb0v891984002za200&gcd=13l3l3l3l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx%3Fs%3D2&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1380483601.1731379069&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
8571112b2ba1c3021b6873ed79a4c0bcdd29f83592d0a60323fb5a9b89d5abc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2265
date
Tue, 12 Nov 2024 02:37:49 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1031848701
td.doubleclick.net/td/rul/ Frame CF9F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1031848701?random=1731379069049&cv=11&fst=1731379069049&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bb0v891984002za200&gcd=13l3l3l3l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx%3Fs%3D2&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1380483601.1731379069&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.originlab.com/thankyou.aspx?s=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1361
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 02:37:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 40AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.originlab.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G0XNH6Y3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
451315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Nov 2024 21:15:54 GMT
expires
Thu, 06 Nov 2025 21:15:54 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/1031848701/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1031848701/?random=1731379069049&cv=11&fst=1731376800000&bg=ffffff&guid=ON&async=1&gtm=45je4bb0v891984002za200&gcd=13l3l3l3l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.originlab.com%2Fthankyou.aspx%3Fs%3D2&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1380483601.1731379069&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d5--5Tu4oxZMqPy2NwfShi14GMZiZ_g&random=186584104&rmt_tld=0&ipr=y
Requested by
Host: www.originlab.com
URL: https://www.originlab.com/thankyou.aspx?s=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 12 Nov 2024 02:37:49 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
www.originlab.com/ 		9 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.originlab.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
208.118.247.127 , United States, ASN27382 (COLOSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a197ab4a487a508d0b33a3c8dd58577512e1bcc1f180ea2fdd44dbd4524d0308
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.originlab.com/thankyou.aspx?s=2

Response headers

X-Frame-Options
ALLOW-FROM *.originlab.com
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
frame-ancestors *.originlab.com
ETag
"0e6d65e7b935b1:0"
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
9662
Date
Tue, 12 Nov 2024 02:29:02 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 10 Jan 1911 18:25:00 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| $ function| jQuery object| jQuery111006435239851624925 function| SendToGoogleMini function| showtip function| hidetip function| clearText function| getQueryString string| GoogleAnalyticsObject function| ga object| dataLayer function| TryFixEmailTypo object| MathJax object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| GooglebQhCsO

8 Cookies

Domain/Path Name / Value
www.originlab.com/ Name: ASP.NET_SessionId
Value: do2qpmxmqczcp2ak5x312ubx
www.originlab.com/ Name: OriginlabPrefs
Value: en
.originlab.com/ Name: _gid
Value: GA1.2.1641577905.1731379069
.originlab.com/ Name: _gat
Value: 1
.originlab.com/ Name: _ga
Value: GA1.1.805136638.1731379069
.originlab.com/ Name: _gcl_au
Value: 1.1.1380483601.1731379069
.originlab.com/ Name: _ga_G0XNH6Y3D1
Value: GS1.1.1731379068.1.0.1731379069.59.0.1838268277
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.originlab.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM *.originlab.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
analytics.google.com
cdnjs.cloudflare.com
d2mvzyuse3lwjc.cloudfront.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.originlab.com
104.17.24.14
13.226.103.142
142.250.72.98
142.251.40.164
152.199.4.33
2001:4860:4802:36::181
208.118.247.127
2607:f8b0:4004:c1d::9c
2607:f8b0:4006:80a::2008
2607:f8b0:4006:816::2002
2607:f8b0:4006:81f::200e
05d022be9b75f27da0ae6ace11a85557db5e9de189531c60bafad591d0ae9fc7
0b86eb030ae5e66bde95d3a2b3d2c4faca4f0fa84cf143c77dce09ac58cad198
19a91912d95469b990c0a7109a047971e8ba18ebe3fd06b93ae098f682908a71
1a133ee491dbe905333903d74892c458fed1ef709b922b23ccae44ca28f853dc
1a7b8860dce4d80f615716e82d05e877f251af74e07a41492df7f4194ce53535
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ead8acdb07ed2e614e019d14778e343e2c51c636fee081ea75f8d210b6afee5
22455986640a20c5218d929301d1cb4f3bb18f24c2539177426ef84747ac7760
24acebc6271333128f5c8534be0ed64aca89d2473e718f03c0e5ec757baa9088
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3721194e2ad54721fbb89d8de79ed282b69c8faed4a6b4404c484c05b4e4c074
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
5bbd7daf589dc351c3cea5f401e55dc5cde41c50138fe9b3eb05dacfa20acc52
7364200d8829dcb8d11aac8192d0cb9725a65dc7dafa6df9e8798079b062492f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a82370ff7429e53a376de90e8bdff9e5e7a8bf25bf8d4912a456237f9afe237
8571112b2ba1c3021b6873ed79a4c0bcdd29f83592d0a60323fb5a9b89d5abc7
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
a197ab4a487a508d0b33a3c8dd58577512e1bcc1f180ea2fdd44dbd4524d0308
aa1bc8cc0ea24b87f430607f33ce3f49baf093e2bcce32abdb4af965cbab5520
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b9bc2ef367c05f4e058ebd389cc8daed92cf49a4719ea369f964c2ce7432c4d3
bb5a5444946f1b4aa66fbbbc9e5558357b96e78a6e861e57f40890ec5ca3b3f1
d03cf5ea803bc084a82e61061f1792cbd6746563857b790f1d3957a1a565a14a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc15f01de87374af25ea4d12ebec540a0f6370213a58696af99d63c57d28166
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ecb0c4f1fa803989a7bf9552b44b3fd77823c7f85d85d21502419451487860
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e