www.useorigin.com Open in urlscan Pro
34.251.201.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://useorigin.com/
Effective URL:
https://www.useorigin.com/
Submission: On February 16 via manual (February 16th 2023, 1:46:50 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 26 domains to perform 82 HTTP transactions. The main IP is 34.251.201.224, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.useorigin.com.
TLS certificate: Issued by R3 on February 14th 2023. Valid for: 3 months.

This is the only time www.useorigin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	75.2.70.75 75.2.70.75	16509 (AMAZON-02) (AMAZON-02)
1	34.251.201.224 34.251.201.224	16509 (AMAZON-02) (AMAZON-02)
27	2600:9000:20e... 2600:9000:20eb:a800:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	13.225.84.117 13.225.84.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:2a00:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:a400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.134.250.23 18.134.250.23	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.135.18.21 18.135.18.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
82	29

1 75.2.70.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

useorigin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.201.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-201-224.eu-west-1.compute.amazonaws.com

www.useorigin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:20eb:a800:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-117.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2a00:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.250.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-250-23.eu-west-2.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.18.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-18-21.eu-west-2.compute.amazonaws.com

app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	website-files.com assets.website-files.com — Cisco Umbrella Rank: 11130	788 KB
15	gstatic.com fonts.gstatic.com	341 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	279 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 359 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6448	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2506	20 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	22 KB
3	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3076 track.hubspot.com — Cisco Umbrella Rank: 2191	3 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 12064	45 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298 fonts.googleapis.com — Cisco Umbrella Rank: 43	7 KB
2	useorigin.com 1 redirects useorigin.com www.useorigin.com	9 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6232	456 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	456 B
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 12512	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3375	873 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2076	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4202	87 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4665	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2081	63 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3096	3 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 824	370 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4648	2 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 14573	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2128	968 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 729	5 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
82	26

	Domain	Requested by
27	assets.website-files.com	www.useorigin.com assets.website-files.com
15	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	www.useorigin.com www.googletagmanager.com js.hsadspixel.net
4	cdn.jsdelivr.net	www.useorigin.com cdn.jsdelivr.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	x.clearbitjs.com	tag.clearbitscripts.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
1	track.hubspot.com
1	www.google.de	www.useorigin.com
1	www.google.com	www.useorigin.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	app.clearbit.com	x.clearbitjs.com
1	api.hubapi.com	js.hsadspixel.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	region1.google-analytics.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.useorigin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	ws.zoominfo.com	www.useorigin.com
1	tag.clearbitscripts.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.useorigin.com
1	ajax.googleapis.com	www.useorigin.com
1	www.useorigin.com
1	useorigin.com	1 redirects
82	33

This site contains links to these domains. Also see Links.

Domain
app.useorigin.com
assets.website-files.com

Subject Issuer	Validity	Valid
www.useorigin.com R3	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.website-files.com Amazon	`2022-10-12` - `2023-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
clearbitscripts.com Amazon	`2022-07-11` - `2023-08-09`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-04-21` - `2023-04-21`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
clearbitjs.com Amazon RSA 2048 M02	`2022-10-18` - `2023-11-16`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
clearbit.com Amazon RSA 2048 M01	`2022-10-18` - `2023-11-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.useorigin.com/
Frame ID: 55EC6F93B53BC8C83B597BD8FB14D233
Requests: 83 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Financial Wellness Benefits | Origin Financial

Page URL History Show full URLs

https://useorigin.com/ HTTP 301
https://www.useorigin.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

82
Requests

99 %
HTTPS

80 %
IPv6

26
Domains

33
Subdomains

29
IPs

5
Countries

1758 kB
Transfer

3674 kB
Size

25
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://app.useorigin.com/login
Title: Employee Login

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b187891b478c30df_05.11.22-MKT-Equity_Ebook_.pdf
Title: Download Now

Search URL Search Domain Scan URL

URL: https://app.useorigin.com/static/media/privacy.33500857.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://app.useorigin.com/static/media/origin_terms_of_service.6c038c19.pdf
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://app.useorigin.com/sign-up
Title: Sign Up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://useorigin.com/ HTTP 301
https://www.useorigin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4490700%26time%3D1676555203554%26url%3Dhttps%253A%252F%252Fwww.useorigin.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F&liSync=true&e_ipv6=AQLQO__IrXIgjwAAAYZaejXkyGxtu2NC-UTnuIwrjf6bqGAsBs-4UuSxigUhI3kc1HDLcT3IPda_

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.useorigin.com/
Redirect Chain

https://useorigin.com/
https://www.useorigin.com/

37 KB
9 KB

242ms
71ms

Document
text/html

34.251.201.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.251.201.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-201-224.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4f57f9d884f8550ed624e7c2634d644b3ec3fae05d467fca19642d154dab6ada

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1466
content-encoding: gzip
content-length: 9097
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Thu, 16 Feb 2023 13:46:42 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kcgs7200106-IAD, cache-dub4334-DUB
x-timer: S1676555203.801163,VS0,VE1

Redirect headers

content-length: 166
content-type: text/html
date: Thu, 16 Feb 2023 13:46:42 GMT
location: https://www.useorigin.com/

GET
H2 200 useoriginfinancial.4434448dc.min.css
assets.website-files.com/6369c532b1878963f58c2f96/css/ 293 KB
40 KB 126ms
17ms Stylesheet
text/css 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/css/useoriginfinancial.4434448dc.min.css
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcbb51e73f1dac4c867932a77eea1f29af697efc27efd447ff533a1f3e3be4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Ic6hGG5NnR7U2c9YumdZC9nPI0FOgYFA
content-encoding: gzip
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
date: Thu, 16 Feb 2023 06:36:17 GMT
age: 25826
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40588
last-modified: Mon, 13 Feb 2023 13:44:19 GMT
server: AmazonS3
etag: "fc0103331894c717b8057d597c3aa09c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: wgIQMuhPa4TkWzb2HYgJlOZuatTrcrh62RFOmfTyt0cHbQj7mZ7Ssg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 327ms
43ms Script
text/javascript 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 08:15:27 GMT

GET
H2 200 cmsload.js Show response
cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/ 16 KB
7 KB 59ms
23ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/cmsload.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b990621b1c87dd0fc0dac60359cfccb410086f8fbf81b5eb997ab7619dad6d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 30256
x-jsd-version: 1.10.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6491
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
etag: W/"412a-XWNQm4dOIVne7f2RdpxHg6TkBu8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cmsslider.js Show response
cdn.jsdelivr.net/npm/@finsweet/attributes-cmsslider@1/ 6 KB
3 KB 47ms
23ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsslider@1/cmsslider.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea87d63e3c619104701c2aec3af2597df5bbff672e539eeedc01d93e9716dd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 24224
x-jsd-version: 1.7.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2764
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
etag: W/"18b8-du6Dzp87eh0ksK+UK1Ks8kS5ZkI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 354ms
54ms Script
application/javascript 13.225.84.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6369c532b1878963f58c2f96
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-117.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.useorigin.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:48:41 GMT
content-encoding: br
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
age: 75487
x-amz-cf-pop: FRA2-C2
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-id: WYsLaIxyWPvu3e4V_PtQQDdMY4ToduzCzIEWimahyIXxf4sMgYLwgg==

GET
H2 200 useoriginfinancial.16f33a485.js Show response
assets.website-files.com/6369c532b1878963f58c2f96/js/ 209 KB
63 KB 126ms
18ms Script
text/javascript 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/js/useoriginfinancial.16f33a485.js
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5e5ab1fb37217dc938da3ba3ee23a0cefe5e5b38b4850501b755e2e257bba6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:46:44 GMT
content-encoding: gzip
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-version-id: EznKTfPiBE0VmOTPqKxtMDEx9uhQ.1D1
age: 25199
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 64242
last-modified: Mon, 13 Feb 2023 13:44:19 GMT
server: AmazonS3
etag: "4ae8351d3a172ca46fd21e2a5bc4f8dc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: hJDvUu25nlR8Th6zeOS82pmRhhnYjrZB0wbPl6ZAkpibnTmJeWEMXg==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 128ms
69ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDroid+Serif:400,400italic,700,700italic%7CRoboto+Slab:regular,500

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7699ad07e8e67d37dedad904c2cd43e4aa11e14ba658bb649c4c460b88f2c4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 13:46:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 13:46:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
59 KB 133ms
66ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

071de276f776f54beef5aad06d7ca6b271faeb811aeb47890cba61d77d75940e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60502
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:46:43 GMT

GET
H2 200 6369c532b18789f6ce8c2fce_Lato-Regular.ttf
assets.website-files.com/6369c532b1878963f58c2f96/ 73 KB
35 KB 331ms
14ms Font
application/x-font-ttf 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789f6ce8c2fce_Lato-Regular.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6369c532b1878963f58c2f96/css/useoriginfinancial.4434448dc.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b

Request headers

Referer: https://assets.website-files.com/6369c532b1878963f58c2f96/css/useoriginfinancial.4434448dc.min.css
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 04:40:27 GMT
x-amz-version-id: KQApyjM36Q8byspn.0yg.fyhM.392AVE
content-encoding: br
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
age: 896777
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: W/"122dd68d69fe9587e062d20d9ff5de2a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: yrIhnfTjyrXUIZLEKwdZ3v6LcPD-Ap5ZSLfiPCSwAIWXz1A3Pkbgew==

GET
H2 200 6369c532b18789189a8c2fcd_Lato-Bold.ttf
assets.website-files.com/6369c532b1878963f58c2f96/ 72 KB
34 KB 346ms
28ms Font
application/x-font-ttf 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789189a8c2fcd_Lato-Bold.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6369c532b1878963f58c2f96/css/useoriginfinancial.4434448dc.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7f0b7f2570f2f28b504da1181b4d71b1420b10be2c4fd690927f1c8ee3b19c3

Request headers

Referer: https://assets.website-files.com/6369c532b1878963f58c2f96/css/useoriginfinancial.4434448dc.min.css
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 04:40:27 GMT
x-amz-version-id: rNQwZNLUdDuGtsNxeeYMfjOk0TrgJjii
content-encoding: br
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
age: 896777
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: W/"24b516c266d7341c954cb2918f1c8f38"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: TxXlauHmZwv1zz1V40acPz-JLsrYG00YuGkg7yNxScicroqqEHhuug==

GET
H2 200 6369c532b1878904e88c30f0_OriginLogo.svg
assets.website-files.com/6369c532b1878963f58c2f96/ 9 KB
4 KB 29ms
24ms Image
image/svg+xml 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878904e88c30f0_OriginLogo.svg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f7549b5e5e9f66040075d8245b8ab13f6416e76f9801d749991720409a31ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 13:16:27 GMT
x-amz-version-id: oO7qrbWynC8RXqu16UXywdovXBFbTwfm
content-encoding: br
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 2161817
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 02:55:50 GMT
server: AmazonS3
etag: W/"de792da9472d3fe896d5c7bc77dba6bf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 8pzlcN2jO99qPzDq5TbiWtrpbCciIRBwQi-GWQTpprkxZdQsNNF6Mw==

GET
H2 200 6369c532b187896a698c2fcf_Hero%2520Image-p-800.jpg
assets.website-files.com/6369c532b1878963f58c2f96/ 54 KB
54 KB 39ms
33ms Image
image/webp 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b187896a698c2fcf_Hero%2520Image-p-800.jpg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c4aedd4e835f17f79ceb8b119b9393aa46baa522649d34ee974dc2498ec0583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 04:23:07 GMT
x-amz-version-id: bt1TROXgSwyobaEHySEQZ0l6THdGmCqp
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 33817
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 54946
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "7f588b75c995a6b5f01bd658a1f85af1"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 1ZemEMIZrem35gImEyxqSIYqKQ8_V1oPuZ1Ge4mWQgEWfnwLD0GBdw==

GET
H2 200 6369c532b1878974978c2fe5_Tabs%20Bullet%20List.png
assets.website-files.com/6369c532b1878963f58c2f96/ 688 B
1 KB 33ms
27ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878974978c2fe5_Tabs%20Bullet%20List.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e44fe30001c83cd5d6df850f978f1e97d6abe969884645d4b84f4245d2303f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: dVbOj6B4A9vgxf7nmz0snvmT_X7EI4yc
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 688
last-modified: Tue, 08 Nov 2022 02:55:50 GMT
server: AmazonS3
etag: "3c0382ebf0f89578c13cebd61983b667"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Nsc5zSg-L1qTfdzAQmXMdSwHLg_fjskt6ay-B4_S-bPdDN0-m2DODw==

GET
H2 200 6369c532b18789a9b98c2ff2_Frame.png
assets.website-files.com/6369c532b1878963f58c2f96/ 1 KB
2 KB 29ms
23ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789a9b98c2ff2_Frame.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4c9933a568cb6b01cb6873d0d152f034f903e8108ca7b0acfa9d14252e4d2a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: EeqYINLsZo595h3a8GP7CZW2qnHBQlnw
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1118
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "ddbd879b5eedead8a3d7271eb841e50c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: TRc_5oIM2xt9WQo5J3oz3GpaEXYYCNem57Lm9QwXQGH3xbdVTNRtNw==

GET
H2 200 6369c532b1878917b18c2ff4_Axios_logo_(2020)%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 6 KB
7 KB 43ms
38ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878917b18c2ff4_Axios_logo_(2020)%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e225be7ce1fdc61acb6de15659a732fa3bc9c91b5f61199f52aa4193dbfb696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: BANuM62MfT_40qd.F0tptjWttbhzvRzj
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6373
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "dcaa7bea6cfb324f4b85e5ef5e89d572"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: -JVHFI65M6fDPSBAsGDf4r5EmnOt2MiI8Nu0NdUHmsS-0NPTXKNVcA==

GET
H2 200 6369c532b1878939538c2ff6_cheddar-logo-vector%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 8 KB
8 KB 35ms
29ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878939538c2ff6_cheddar-logo-vector%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ad171aef0719ba644b76d848c157d0c95ab6c8a733a4d1d52bcc7d0ddd939f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: K_PrWj7HvgfQ1dU48WKtTsKwX3cN5f4o
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8149
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "f6ba712e097e8f575fcfcc87377d0fe0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: IwtlxT8Kd62IRjvYdVeOcCl--Uz2SsZx0stBGBtWb20BmPRBRksFdA==

GET
H2 200 6369c532b18789cb558c2ff9_WSJ_Logo%25201-p-500.png
assets.website-files.com/6369c532b1878963f58c2f96/ 10 KB
10 KB 34ms
29ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789cb558c2ff9_WSJ_Logo%25201-p-500.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f902c656a700bb549668850acf5f89ba60acd7ed0a397ebe5e0afdc67f72ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: ia6poiUunwc4tX.qaQmQQROFQKUgssix
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10013
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "87ec66d67205a9094416cd093f482f81"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: QQdnDIIYdAopO2boC_ay9aUuMbF2FiFfSmjX0PlDtH6fJ3bStcSMAQ==

GET
H2 200 6369c532b187899ed88c2ff3_Fortune_magazine_logo_2016%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 3 KB
3 KB 35ms
30ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b187899ed88c2ff3_Fortune_magazine_logo_2016%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68cd093ad5671d22119473e5fa5136e48275f340bb4f96adf259c5a52b6dfa46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: tD15O2joufgtgwwEvReScJ6bozZJqXBj
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2990
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "1a5a4f4678cc9cc71603b2f7f76ed123"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: DWiRBlI1PrmBDLFrooK75JgyDQxS5_l-1S4bodHF8Q6WpsLsLo_rog==

GET
H2 200 6369c532b1878942618c2ff7_CNBC_logo%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 12 KB
12 KB 30ms
26ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878942618c2ff7_CNBC_logo%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f8ca01997711f5af53c713912d0d94052525c5ff5864f32ddfda71e83883fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: ZgmLCCT6BWp_jOWqzxelp7MHbTgVwG6Z
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12215
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "c532234ec316e92b912be92f50167972"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: lCXdcLFzR8WrqizlR6zkfblKsIvI6U9H6i-Sl-wmdfDd5QcW7HHGwg==

GET
H2 200 6369c532b1878940bc8c2ff8_U.S._News_%26_World_Report_logo%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 2 KB
2 KB 32ms
28ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878940bc8c2ff8_U.S._News_%26_World_Report_logo%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd537e05b8d6241a353f47f4d213d99e9d183e173791fe8246e1d45e06598875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: ZjdqaFRT4Ja6dZcu4Hn2EB3liPWskAXF
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1843
last-modified: Tue, 08 Nov 2022 02:55:50 GMT
server: AmazonS3
etag: "b8ffb35b1b5b006b9ca77819dd52cdcc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: SWaowSncj3pgUAckwDBEH0ZW4-o9Xk1JI_94531gsHsQmHP2SwytYA==

GET
H2 200 6369c532b1878907208c2ff5_Morningstar_Logo%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 9 KB
10 KB 49ms
44ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878907208c2ff5_Morningstar_Logo%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1859269baba7683711ae786ce9a450003e02a317f9b7f3f0e544d888afb9316a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: cF3CZ8Pedipu7pWfIb.Y9OUDEvw2r2yu
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290968
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9471
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "64508d169e6f66c5aac890c9198464fd"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: jaBwrybGfXf0pqk_QBF5J0Q9brmRz5n95u9jEDU3XQIjfvAebSrQTg==

GET
H2 200 6369c532b187894c648c2fe1_Frame1.png
assets.website-files.com/6369c532b1878963f58c2f96/ 622 B
1 KB 50ms
46ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b187894c648c2fe1_Frame1.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf37ddb207e00b70bbb70feafa2694fc2d102913fffefb6ba1dc141f8ccd9fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:16 GMT
x-amz-version-id: LSXUD9qmeIQvFkIATvUtcVo5ww6luj7.
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290967
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 622
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "d119fabeebfd06c664fdf58fce443cf1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: nkLlLpJzPuIl0_wWtmSZNeMQzleE8CnkPTDeAPfvwx5esetT82opQQ==

GET
H2 200 6369c532b18789da218c2fe2_Frame.png
assets.website-files.com/6369c532b1878963f58c2f96/ 588 B
1 KB 49ms
45ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789da218c2fe2_Frame.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f7ea40c61a169851d007dcad71b6b7cd6ed3a2f169116abdfeac321c510f135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:17 GMT
x-amz-version-id: Z9icA5cVsh_AFn.437s6VDeLfvnjSDTI
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290967
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 588
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "21d5eaf2b67f6ea8f1e51644c4270bcc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XhL-Goq3dOxv1sG1RoZRwpEC7ASvz2wXq2TaTx1wL8GDq_WsF6GKdw==

GET
H2 200 6369c532b18789dbd68c2fe0_Slider%2520Image-p-800.png
assets.website-files.com/6369c532b1878963f58c2f96/ 232 KB
232 KB 62ms
59ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789dbd68c2fe0_Slider%2520Image-p-800.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd4a43fd557fb37f083e48aef776295d794253cacff01c314152c876c8e3927b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:47:06 GMT
x-amz-version-id: ylhPU0c6umTZFFTBgO1FmRAOipXerMsX
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 273577
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 237345
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "cd2a0d952f93515303cce90d3ae7712d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: vPfmA1b6rp_nppjYajhfVYSspPg-d-DXOIJzYhM2nNX9yrhPVKa-0A==

GET
H2 200 6369c532b1878927f28c2fe3_Slider%2520Image%25202-p-800.png
assets.website-files.com/6369c532b1878963f58c2f96/ 29 KB
29 KB 124ms
120ms Image
image/webp 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878927f28c2fe3_Slider%2520Image%25202-p-800.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45cea51f8f1837941d0eb43418c92f8fa7f1fa08b818ba1e91efe64fb0246403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: LwdnLH6mkeKVBzDjQtMYullaDC4OGdZk
date: Thu, 16 Feb 2023 13:46:43 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 10075
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29680
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "e8945e65d5c8eed20ed4589f286ad6fc"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: oKnyfA19ierV8FM6t82vdKL7hlXBvSfEDg2BGJu6lYmA3P-WUAU6mw==

GET
H2 200 6369c532b18789edf78c3095_Group%252088-p-800.png
assets.website-files.com/6369c532b1878963f58c2f96/ 59 KB
60 KB 127ms
124ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789edf78c3095_Group%252088-p-800.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dad644608536b01a1481dfc2a0ba31b95aec2790ada69ce2a7b8cfadd0f2ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:34:47 GMT
x-amz-version-id: VaRT93lYWUndmr0z8mSL3.ya6vyKwJSX
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 270717
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 60420
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "0b11fc2563cf306d44b4b7878e952bcb"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: FB9q1YTqiRrAMk4oWvmSmxcrtFQUVVBHqw1oK6IxYvsvyH3o6E2Qgg==

GET
H2 200 6369c532b1878938528c2ffb_BrandIcon.png
assets.website-files.com/6369c532b1878963f58c2f96/ 8 KB
8 KB 125ms
122ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878938528c2ffb_BrandIcon.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fea11b4b51a07a6e929d22015acd909204fe81f6bfc631e6e4ede18c5ffe572c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:22 GMT
x-amz-version-id: EpQweZai_gikQTmBXYBWZ6BqZeIz5Xm3
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290962
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7761
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "38bad43fac14f2f4ada70660930e5e8e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: vsk0MoUzcmx5cPxE6QchNpnhnDDf-sg1oZ-OmeOT0f-RRL6Ka2QDhQ==

GET
H2 200 6369c532b18789120e8c2ffc_BrandIcon%20(1).png
assets.website-files.com/6369c532b1878963f58c2f96/ 4 KB
4 KB 50ms
47ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b18789120e8c2ffc_BrandIcon%20(1).png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a71ace98f7236de2be33df0abe3e2200a699f3422e77e8eb23d4021dad1ea1d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:21 GMT
x-amz-version-id: qbVJ3FpF.B54SECNITW3eWTV9xeDFPUG
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290962
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4094
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "806eb5d04dc482e644483ae37e933505"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 8ibtLB6ynllJ7Gp1wTT3mFJMPoL_WOhWgPcNyhsKTjelv4xxA3WFWw==

GET
H2 200 6369c532b1878929198c2ffa_Brand_Icon_NAME%201.png
assets.website-files.com/6369c532b1878963f58c2f96/ 5 KB
6 KB 128ms
125ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878929198c2ffa_Brand_Icon_NAME%201.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6ffc5f9c8eea80fc4e60276724d68c426942b08b569327f06ecf0a3a55a8e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:57:22 GMT
x-amz-version-id: yc_fgjgG9V4hWgzJDDLC2iOE_tOxCXyB
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 290962
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5202
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "76859a25e80a9876e7e5c5f51d604924"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 4PJMMVWsHiJdtUEKWcTI3Xxbitm_kVCLHU-U0LhDmaV-qpGdsbeCxA==

GET
H2 200 6369c532b187896e1e8c3000_shutterstock_1917901748%201.webp
assets.website-files.com/6369c532b1878963f58c2f96/ 55 KB
55 KB 123ms
120ms Image
image/webp 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b187896e1e8c3000_shutterstock_1917901748%201.webp
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dcd59b26282e97c306255b07751eef092ccf7c5544a4f5b86a0afdf5683f392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 06:36:17 GMT
x-amz-version-id: aXaGvkeBdCq8yrmcIES.V4mJ0ooqDtVX
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 25827
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56098
last-modified: Tue, 08 Nov 2022 02:55:49 GMT
server: AmazonS3
etag: "ca34992af3b35a4074d7991eacab6a87"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 2tZvHk65sg5Mxf-9sKKCajchhOmE4aCqmUdfOabEhFWBud3ac0i2Wg==

GET
H2 200 6369c532b1878971ae8c2fdf_Promo%2520Image-p-1080.png
assets.website-files.com/6369c532b1878963f58c2f96/ 41 KB
41 KB 123ms
120ms Image
image/webp 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878971ae8c2fdf_Promo%2520Image-p-1080.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac0b67ac89014a50be2daf2ff84bd0aa2a1f903e08bb3450c687dcba6343ce0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: pz11ee8QY5qB0.IzSs39yFObVdCvgF_0
date: Thu, 16 Feb 2023 12:33:58 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 4366
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41504
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "db865d4de00d0cfb13051000c1cf1974"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: xnj69hlXw_AsAR9WirH6SObv9XSTxmO2i01dswORBLdhz31Cbn_k4A==

GET
H2 200 6369c532b187897e828c2fde_Scene-p-800.png
assets.website-files.com/6369c532b1878963f58c2f96/ 55 KB
56 KB 51ms
48ms Image
image/webp 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b187897e828c2fde_Scene-p-800.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b006d46ff025598fb301c847d8bff6b5de1e438a836b315e37a67ab17553d9b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 2WStkg0Xsx1qRl4thQ81XMzi4goCJB8O
date: Thu, 16 Feb 2023 06:46:52 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 25192
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56572
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "04ed162b4e69a5ff0bbe7bef739e4c65"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XgopPAE_6YfV3Vx0vi2HtqlluF3824q2Adp79snh0RT_dqBqLcNmdg==

GET
H2 200 6369c532b1878915868c2fd1_OriginLogo.png
assets.website-files.com/6369c532b1878963f58c2f96/ 7 KB
7 KB 122ms
119ms Image
image/png 2600:9000:20eb:a800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6369c532b1878963f58c2f96/6369c532b1878915868c2fd1_OriginLogo.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29fcc2315d05b6772b95ae2596442bd81324b43c73b0d1cb8b34ea450d8db7f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:12:32 GMT
x-amz-version-id: PJCYnPTpEkB87LG8IoCQr8kkZ230fi7p
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
age: 131652
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7184
last-modified: Tue, 08 Nov 2022 02:55:48 GMT
server: AmazonS3
etag: "1474c24b009a9329adc7f7dad2388e6d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: iDdxmDKmey1ZN3mk5DChDhLelBvAto7Bc95FgNrea_hJsAS2pRuUtQ==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 21 KB
21 KB 205ms
103ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CDroid+Serif:400,400italic,700,700italic%7CRoboto+Slab:regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 21:13:17 GMT
x-content-type-options: nosniff
age: 232406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21508
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v23/ 17 KB
17 KB 165ms
64ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:56:37 GMT
x-content-type-options: nosniff
age: 478206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17072
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 00:56:37 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 133ms
32ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 21:10:39 GMT
x-content-type-options: nosniff
age: 232564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 21:10:39 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 17 KB
17 KB 232ms
132ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:39:55 GMT
x-content-type-options: nosniff
age: 234408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 20:39:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 224ms
124ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:03:59 GMT
x-content-type-options: nosniff
age: 45764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 01:03:59 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 280ms
179ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 00:57:45 GMT
x-content-type-options: nosniff
age: 218938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 00:57:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 282ms
182ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:23:04 GMT
x-content-type-options: nosniff
age: 5019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:23:04 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 312ms
212ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:53:57 GMT
x-content-type-options: nosniff
age: 3166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:53:57 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 204ms
104ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:22:26 GMT
x-content-type-options: nosniff
age: 131057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 01:22:26 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 276ms
177ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 20:28:40 GMT
x-content-type-options: nosniff
age: 494283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 20:28:40 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 204ms
105ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:55:24 GMT
x-content-type-options: nosniff
age: 75079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:55:24 GMT

GET
H2 200 tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
fonts.gstatic.com/s/droidserif/v19/ 20 KB
20 KB 236ms
137ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:40:56 GMT
x-content-type-options: nosniff
age: 3947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:27:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:40:56 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 248ms
149ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:24:57 GMT
x-content-type-options: nosniff
age: 238906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 19:24:57 GMT

GET
H2 200 tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
fonts.gstatic.com/s/droidserif/v19/ 23 KB
23 KB 260ms
161ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:41:20 GMT
x-content-type-options: nosniff
age: 234323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23520
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:16:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 20:41:20 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ 32 KB
32 KB 315ms
216ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:19:54 GMT
x-content-type-options: nosniff
age: 1609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32860
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:19:54 GMT

GET
H3 200 cmscore.js Show response
cdn.jsdelivr.net/npm/@finsweet/attributes-cmscore@1/ 18 KB
7 KB 37ms
14ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmscore@1/cmscore.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/cmsload.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cb1e4781edaa735a0ada1f270898c44a4713923fdc1245f9ea1c5dab9e034801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 35184
x-jsd-version: 1.10.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6871
x-served-by: cache-fra-eddf8230074-FRA
x-jsd-version-type: version
etag: W/"495e-HkOA87fAXHLiSiBjleDc7+pKNqU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 animation.esm.js Show response
cdn.jsdelivr.net/npm/@finsweet/attributes-animation@1/ 11 KB
5 KB 37ms
15ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/attributes-animation@1/animation.esm.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/cmsload.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c65101e31646c5ce1e2f253a5c554604c5fb5d4f0016fcf5e5c8dc127862076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 4588
x-jsd-version: 1.2.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4786
x-served-by: cache-fra-eddf8230074-FRA
x-jsd-version-type: version
etag: W/"2dcc-d2LLzMwVxUMcDcR94bZTJr30OVE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
18ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 12:54:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3118
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Feb 2023 14:54:45 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 62ms
15ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58116
accept-ranges: bytes
content-length: 4777

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QJGQDRLRHB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

234144ca5b1089823e3bce05e32b0e255ab5df9c5d969c133ad7a736c418ae1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Feb 2023 13:46:43 GMT

GET
H2 200 8525498.js Show response
js.hs-scripts.com/ 2 KB
968 B 190ms
159ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8525498.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33833e63c15fb27846adb301246bc8106c10021a31e7fad5b79f8402fc1855f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 15 Feb 2023 22:25:28 GMT
server: cloudflare
x-hubspot-correlation-id: effc9a87-937f-471e-9988-f6ba5e078e16
x-trace: 2BD038FD43EC10B8DC34FAAE7BBFFAB0FDE37DEC82000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.useorigin.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 79a6bb25ec36377c-FRA
expires: Thu, 16 Feb 2023 13:47:43 GMT

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_75ca1a7ff1d7477c4663be8f462bc46b/ 2 KB
1 KB 306ms
257ms Script
application/javascript 2600:9000:21f3:2a00:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_75ca1a7ff1d7477c4663be8f462bc46b/tags.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

27df83450e792837c5af9a3edc72498d94ab0ea44fc57a6ca9f1c3576e9dfdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA2-C2
etag: W/"a36a80e9d8101ffd2245208f88b057e0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: 6nVlBkOay2XcMXY8pHjh6bqNIWfWjAJw9tKbhTqFNQ2vfAZUULZH2g==

GET
H2 200 62cc5fd3425c10008f12e25a Show response
ws.zoominfo.com/pixel/ 2 KB
2 KB 187ms
157ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/62cc5fd3425c10008f12e25a

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

604a252971e7ce2d3770bf732f8ed051bb66816df37a41714cad84b596dd5bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 79a6bb25efec92b3-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=434608719&t=pageview&_s=1&dl=https%3A%2F%2Fwww.useorigin.com%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellness%20Benefits%20%7C%20Origin%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=594203673&gjid=266885995&cid=137370163.1676555204&tid=UA-240637267-1&_gid=917814447.1676555204&_r=1&_slc=1&gtm=45He32f0n81KB7Z9M2&z=802101985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.useorigin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4490700/domain/useorigin.com/ 36 B
370 B 188ms
161ms XHR
application/json 2600:9000:20eb:a400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4490700/domain/useorigin.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: gzip
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: QMcwh-zIzuWwm96e8XjxYbvmhE61fTv01fTQgkvClc-LLMQPaDMvLw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4490700%26time%3D1676555203554%26url%3Dhttps%253A%252F%252Fwww.useorigin.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F&liSync=true&e_ipv6=AQLQO__IrXIgjwAAAYZaejXkyGxtu2NC-UTnuIwrjf6bqGAsBs-4UuSxigUh...

0
266 B

230ms
189ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F&liSync=true&e_ipv6=AQLQO__IrXIgjwAAAYZaejXkyGxtu2NC-UTnuIwrjf6bqGAsBs-4UuSxigUhI3kc1HDLcT3IPda_
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CE36FBB2D1DF4B1CA4BA76E353891FA2 Ref B: FRAEDGE1822 Ref C: 2023-02-16T13:46:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX00W1mOl31hnOrIIPZcQ==

Redirect headers

date: Thu, 16 Feb 2023 13:46:43 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 18900DBB2E724A2CBB04DF1B756A52CF Ref B: FRAEDGE1806 Ref C: 2023-02-16T13:46:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4490700&time=1676555203554&url=https%3A%2F%2Fwww.useorigin.com%2F&liSync=true&e_ipv6=AQLQO__IrXIgjwAAAYZaejXkyGxtu2NC-UTnuIwrjf6bqGAsBs-4UuSxigUhI3kc1HDLcT3IPda_
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX00W1iYqyuW8mdj3CiXg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 79ms
34ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-240637267-1&cid=137370163.1676555204&jid=594203673&gjid=266885995&_gid=917814447.1676555204&_u=YEBAAEAAAAAAACAAI~&z=338936177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.useorigin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-240637267-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QJGQDRLRHB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de5556f9146eaff05165fa5a39c23235ce4effe18b73da2d36aa260184f9a54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44182
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:46:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 64ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QJGQDRLRHB&gtm=45je32f0&_p=434608719&cid=137370163.1676555204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676555203&sct=1&seg=0&dl=https%3A%2F%2Fwww.useorigin.com%2F&dt=Financial%20Wellness%20Benefits%20%7C%20Origin%20Financial&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QJGQDRLRHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:46:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.useorigin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 63ms
26ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8525498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 c1ad0e11a95c9a5b3f4d80fde7d23fea.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P4
age: 313
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=79a6b37f09ef5c56-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 79a6bb272f025c4a-FRA
x-amz-cf-id: JMCiUbyi3NqUH6DjZICUzdPGbaQAMwiB1TsaM6uDdgsEQ2LH2dQgEg==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8525498/ 202 KB
63 KB 171ms
135ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8525498/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8525498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d6576b5ffd8610be59cbb4fe68658cf537d6e5151f8c643411105ea485d7fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
x-amz-version-id: 5kXFMjDFgiMRi7VNefoVEI5Oxkltaamv
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 58JE6RH76AW5M3QZ
x-amz-server-side-encryption: AES256
x-amz-id-2: SP40jgZm6Q3FpK/5WEtewQwNhaRh5MCcpMQ0RHhtQe7FCDZyE/pi7vAbldsriI2WKfVXUwdRLL4=
last-modified: Fri, 03 Feb 2023 21:06:29 GMT
server: cloudflare
etag: W/"00ed8388108faeeb210bfade60e16ca0"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.useorigin.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 79a6bb272c5537d8-FRA
expires: Thu, 16 Feb 2023 13:51:43 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 174ms
140ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8525498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b42aceb12f34135ce39544c6b143dbdd5690ee9a8809c49a3a37ba014bd200

Request headers

Referer: https://www.useorigin.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
x-amz-version-id: SRrb.93sqm.lmAPDUKFHizePSATAJlo.
via: 1.1 2ad6789a221bb559c9b8ce946b65a03a.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.315/bundles/project.js&cfRay=79a6bb272ce93a96-FRA
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Feb 2023 01:17:58 UTC
server: cloudflare
etag: W/"257b82c9f242c143eb09b6862e336a56"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=600, max-age=300
cf-ray: 79a6bb272ce93a96-FRA
x-amz-cf-id: ZCeRqPwWsU_UqeriBY5uEpT13yZxXiNanhMURY5JxfD-SXWAL2EJXA==
x-hs-target-asset: collected-forms-embed-js/static-1.315/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 544 KB
87 KB 59ms
24ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8525498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

Request headers

Referer: https://www.useorigin.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
via: 1.1 7699e4f17e72e42cba0c247c650005d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P1
age: 18041
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=79a502b028053a97-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
server: cloudflare
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 79a6bb272ebb39c8-FRA
x-amz-cf-id: XSpKh9rhJ7v4L25z6CUSpfdlujGhOWyIAR7PKol1tCtDll5RzH9Wyg==
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js

GET
H2 200 8525498.js Show response
js.hs-analytics.net/analytics/1676555100000/ 65 KB
20 KB 180ms
145ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1676555100000/8525498.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8525498.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a905e73963c6622f61d1369f3935b143ff4cd6fd3f7f4046b9cddb5e7a03ef1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: C3D5V181N7NV0J7K
x-amz-server-side-encryption: AES256
x-amz-id-2: UVYHohYa10/oJKXVpF7v5U72qtT1rURECTUcB9U7KKrZyKyF9kRqA/LR42cu5E7CVVx4twYdJCA=
last-modified: Wed, 18 Jan 2023 20:26:15 GMT
server: cloudflare
etag: W/"7d8accfd11964de7fec2d2c8652ae37f"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 79a6bb272df83663-FRA
expires: Thu, 16 Feb 2023 13:51:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 24ms
24ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=434608719&t=pageview&_s=1&dl=https%3A%2F%2Fwww.useorigin.com%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellness%20Benefits%20%7C%20Origin%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1175205668&gjid=2079438028&cid=137370163.1676555204&tid=UA-240637267-1&_gid=917814447.1676555204&_r=1&gtm=457e32f0&z=1178157518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.useorigin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
68 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-240637267-1&cid=137370163.1676555204&jid=1175205668&gjid=2079438028&_gid=917814447.1676555204&_u=aEDAAUABAAAAACAAI~&z=21689209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.useorigin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_75ca1a7ff1d7477c4663be8f462bc46b/ 0
29 B 375ms
306ms Script
application/javascript 18.134.250.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_75ca1a7ff1d7477c4663be8f462bc46b/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_75ca1a7ff1d7477c4663be8f462bc46b/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.134.250.23 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-250-23.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
cache-control: private, max-age=600
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: envoy
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_75ca1a7ff1d7477c4663be8f462bc46b/ 168 KB
45 KB 313ms
243ms Script
application/javascript 18.134.250.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_75ca1a7ff1d7477c4663be8f462bc46b/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_75ca1a7ff1d7477c4663be8f462bc46b/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.134.250.23 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-250-23.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

d6924b126172f10261f681864cb14e70e1c61083505b50bf326bc20bd2321dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 172ms
137ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8525498&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74384468944e727b255c326e2d2e56b98a706440768c4f1bc35e7d94077750ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 37091c77-2359-4717-ad20-98baca415149
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.useorigin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwFOtb%2BTmqsBxvxjvXqoO5vtdhRlUT%2Bz5sDfT14YSB%2BUd4G8NlP5DSR1Y%2FRYqpX7cL9%2FZ0FU666ELHhb2e6fMZfqgU4crJMxdDJsKtVTX41WcD8bNbWTQF2xiq899RZLT9hE85%2Bc6MSfIxW0bfCp"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 79a6bb288b58382a-FRA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 117 B
873 B 184ms
147ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8525498

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bffe461033eb6e1cc6d0f95adbb7cea8a370282dd1c9c37186632bafbf81ac11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 50ca6ad8-c985-4402-b30a-13136d6ae162
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BAD985CEE6FF44955953D0EBFC498C1FBD595B5E6000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.useorigin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzjTd5NMPqN86uMUtZZLOZO8qmAjSrDqiG7reZfla9r%2FpBTdHCqbcPBP7sGd5B7kK9EkFZccxITYzztRm7hP56d4Ymrzg%2F6iLxUwVUY9UXNxNmxJnoCwq%2Bd8D1AhDTMnZaHXEdI81Rvh9Fiu"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 79a6bb289b7e2be0-FRA
access-control-allow-headers: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11000971307

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8286a33da21b6aecd4f9669c243e76e1e88896c331424f635875ad69edc8dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50849
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:46:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11000971307&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB7Z9M2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9b796115a0bc90a9d76eb0f8b39a8708dc116b3f6aa6a0754122eb7dd26b69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50855
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:46:44 GMT

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 270ms
196ms XHR
application/json 18.135.18.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_75ca1a7ff1d7477c4663be8f462bc46b/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.135.18.21 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-18-21.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.useorigin.com
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://api.segment.io https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
access-control-allow-headers: Authorization, API-Version, Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11000971307/ 2 KB
1 KB 184ms
96ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11000971307/?random=1676555204191&cv=11&fst=1676555204191&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.useorigin.com%2F&tiba=Financial%20Wellness%20Benefits%20%7C%20Origin%20Financial&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1258984992.1676555204&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11000971307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

047a14dcf20866cf4e93e4b9e951419cc25d40fa3cb72c89306c5d0d73f4e935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11000971307/ 42 B
456 B 85ms
31ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11000971307/?random=1676555204191&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.useorigin.com%2F&tiba=Financial%20Wellness%20Benefits%20%7C%20Origin%20Financial&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3797271816&rmt_tld=0&ipr=y

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:46:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11000971307/ 42 B
456 B 160ms
68ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11000971307/?random=1676555204191&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.useorigin.com%2F&tiba=Financial%20Wellness%20Benefits%20%7C%20Origin%20Financial&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3797271816&rmt_tld=1&ipr=y

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:46:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
900 B 193ms
143ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1878800189&v=1.1&a=8525498&pu=https%3A%2F%2Fwww.useorigin.com%2F&t=Financial+Wellness+Benefits+%7C+Origin+Financial&cts=1676555204553&vi=4dc813d3cce0396ac295c48aa3a9e620&nc=true&u=72197068.4dc813d3cce0396ac295c48aa3a9e620.1676555204550.1676555204550.1676555204550.1&b=72197068.1.1676555204550&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dc9119e4-9956-4380-bcf6-e92d08d37ebd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb%2F43adjLbwxMsX7djlN%2F5V6A0PdS0RJK3FQGVqntzOyg8No8BCoHT%2BKOA36Jst4VQstN3uwByWGJF5ldoxOCXDFVZm9kryPMqYWt9ibM%2BMcG90i%2BWrpK0RvdfNORIjehdtP4oBvBr%2FUezmnTXDL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 79a6bb2ccca52c53-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
809 B 165ms
164ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=8525498&utk=4dc813d3cce0396ac295c48aa3a9e620&__hstc=72197068.4dc813d3cce0396ac295c48aa3a9e620.1676555204550.1676555204550.1676555204550.1&__hssc=72197068.1.1676555204550&currentUrl=https%3A%2F%2Fwww.useorigin.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226d069329db1116451d95f91b51071ff0bd9e74160513dd0a1fdd241968ec34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c42d8269-6790-469f-a1ad-2f2efff70535
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.useorigin.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY%2FJnGfTm8NRb5jOp%2BSpi5VUZSPFIx7m8%2Fv0f1W8mXhvy4zLIL5gdyYv0zOTOQ61D9pXT5%2B6IOy%2FmiZBbOu%2B7okJJeRir3axYAjnsJ7dfIk62V0FgHDtXoFTB4i%2BUHUP6wzi6bP6Y7zGxJwvbZFe"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 79a6bb2c9954382a-FRA

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.useorigin.com/	1970-01-20 09:44:01	Name: _gid Value: GA1.2.917814447.1676555204
.useorigin.com/	1970-01-20 09:42:35	Name: _gat_UA-240637267-1 Value: 1
.useorigin.com/	1970-01-20 19:18:35	Name: _ga_QJGQDRLRHB Value: GS1.1.1676555203.1.0.1676555203.0.0.0
.ws.zoominfo.com/	1970-01-20 18:28:11	Name: visitorId Value: 3568dcd4c200f778a2066b83c77a5bdd89af67f11e7232dea4b0dcba3ba47b29
.zoominfo.com/	1970-01-20 09:42:37	Name: __cf_bm Value: J97hxCRBM38ILiPIQMHOyQp9VRf7QqcK6TcC_lv8JIo-1676555203-0-AeJ94h62OAhJZmz592OKbqPd4ia1l9jsUrNNofAhet/lLk8DpjYcYXQCf4k/Bks745Qg7Ay7K/R0tig7oLZUq8E=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: AsNee4cteds51C1bz9nHMj2AWEgNBqfdcBcXCVlhx1Y-1676555203654-0-604800000
.useorigin.com/	1970-01-20 19:18:35	Name: _ga Value: GA1.2.137370163.1676555204
.useorigin.com/	1970-01-20 09:42:35	Name: _gat_gtag_UA_240637267_1 Value: 1
www.useorigin.com/	1970-01-20 09:44:01	Name: ln_or Value: eyI0NDkwNzAwIjoiZCJ9
.linkedin.com/	1970-01-20 10:25:47	Name: UserMatchHistory Value: AQIxlHto7R32fwAAAYZaejRY_bOi-u5iB-Ug3n9UgP2b7p0I9onsOTshlSP65iGnrH87JspqHLQblQ
.linkedin.com/	1970-01-20 10:25:47	Name: AnalyticsSyncHistory Value: AQL3P6OPvS4QSwAAAYZaejRY3SBodQ3AdSW0mP-Rlj6zAG-ffOyQoH0QZTgaus-3bpbMv2SDdgqdTXBgDd_9SA
.linkedin.com/	1970-01-20 18:28:11	Name: bcookie Value: "v=2&afa72e00-eab6-42f7-8eb6-37b8536f9be4"
.linkedin.com/	1970-01-20 09:44:01	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2576:u=1:x=1:i=1676555203:t=1676641603:v=2:sig=AQEHaD22Z0DrOxuXCEOjLdVtQJJ8ENic"
.www.linkedin.com/	1970-01-20 18:28:11	Name: bscookie Value: "v=1&202302161346432bd6f80c-368f-4bf6-839c-631626e811bbAQHpFPpy4cwhln-G36Ts8CuSCrHUrLMU"
.linkedin.com/	1970-01-20 14:01:47	Name: li_gc Value: MTswOzE2NzY1NTUyMDM7MjswMjEo8DPsaGc0bcEHHu35Y1i8ZF9TEHwqmRfJtXFDAbxfmw==
.useorigin.com/	1970-01-20 18:28:11	Name: cb_user_id Value: null
.useorigin.com/	1970-01-20 18:28:11	Name: cb_group_id Value: null
.useorigin.com/	1970-01-20 18:28:11	Name: cb_anonymous_id Value: %22c65c671c-bd51-403f-90a9-338e22a35376%22
.useorigin.com/	1970-01-20 11:52:11	Name: _gcl_au Value: 1.1.1258984992.1676555204
.doubleclick.net/	1970-01-20 09:42:36	Name: test_cookie Value: CheckForPermission
.useorigin.com/	1970-01-20 14:01:47	Name: __hstc Value: 72197068.4dc813d3cce0396ac295c48aa3a9e620.1676555204550.1676555204550.1676555204550.1
.useorigin.com/	1970-01-20 14:01:47	Name: hubspotutk Value: 4dc813d3cce0396ac295c48aa3a9e620
.useorigin.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.useorigin.com/	1970-01-20 09:42:37	Name: __hssc Value: 72197068.1.1676555204550
.hubspot.com/	1970-01-20 09:42:37	Name: __cf_bm Value: EV1_VZTTggnj9pbLkB7ITHFG.PbP36VSfgG_fPKLixE-1676555204-0-AbKFt78TznzbnOzUQHQBz5w2aXkkZG2VYv40Rohf9qPocNvwl8zojZQmP/tGi8iIA0sYBEMFFWMeUWIHvMnfTOc=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubapi.com
app.clearbit.com
assets.website-files.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
tag.clearbitscripts.com
track.hubspot.com
useorigin.com
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.useorigin.com
x.clearbitjs.com
13.107.42.14
13.225.84.117
18.134.250.23
18.135.18.21
2001:4860:4802:32::36
2600:9000:20eb:a400:2:53b2:240:93a1
2600:9000:20eb:a800:11:3b84:d200:93a1
2600:9000:21f3:2a00:7:d7d6:3c40:93a1
2606:4700:4400::6812:21ab
2606:4700::6810:650c
2606:4700::6811:44b0
2606:4700::6811:71b0
2606:4700::6811:81ab
2606:4700::6811:c8cc
2606:4700::6811:d2cc
2606:4700::6811:eacc
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9a
2a00:1450:400d:806::2003
2a00:1450:400d:808::200a
2a00:1450:400d:80e::2002
2a02:26f0:3500:16::215:148d
2a04:4e42:200::485
34.251.201.224
75.2.70.75
047a14dcf20866cf4e93e4b9e951419cc25d40fa3cb72c89306c5d0d73f4e935
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
071de276f776f54beef5aad06d7ca6b271faeb811aeb47890cba61d77d75940e
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1859269baba7683711ae786ce9a450003e02a317f9b7f3f0e544d888afb9316a
226d069329db1116451d95f91b51071ff0bd9e74160513dd0a1fdd241968ec34
234144ca5b1089823e3bce05e32b0e255ab5df9c5d969c133ad7a736c418ae1d
23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854
27df83450e792837c5af9a3edc72498d94ab0ea44fc57a6ca9f1c3576e9dfdfc
29fcc2315d05b6772b95ae2596442bd81324b43c73b0d1cb8b34ea450d8db7f4
2c65101e31646c5ce1e2f253a5c554604c5fb5d4f0016fcf5e5c8dc127862076
33833e63c15fb27846adb301246bc8106c10021a31e7fad5b79f8402fc1855f9
36b42aceb12f34135ce39544c6b143dbdd5690ee9a8809c49a3a37ba014bd200
3ad171aef0719ba644b76d848c157d0c95ab6c8a733a4d1d52bcc7d0ddd939f4
3f8ca01997711f5af53c713912d0d94052525c5ff5864f32ddfda71e83883fb4
45cea51f8f1837941d0eb43418c92f8fa7f1fa08b818ba1e91efe64fb0246403
4dcd59b26282e97c306255b07751eef092ccf7c5544a4f5b86a0afdf5683f392
4f57f9d884f8550ed624e7c2634d644b3ec3fae05d467fca19642d154dab6ada
4f7549b5e5e9f66040075d8245b8ab13f6416e76f9801d749991720409a31ef4
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f902c656a700bb549668850acf5f89ba60acd7ed0a397ebe5e0afdc67f72ed3
604a252971e7ce2d3770bf732f8ed051bb66816df37a41714cad84b596dd5bcf
68cd093ad5671d22119473e5fa5136e48275f340bb4f96adf259c5a52b6dfa46
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6f7ea40c61a169851d007dcad71b6b7cd6ed3a2f169116abdfeac321c510f135
722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193
74384468944e727b255c326e2d2e56b98a706440768c4f1bc35e7d94077750ae
7699ad07e8e67d37dedad904c2cd43e4aa11e14ba658bb649c4c460b88f2c4f1
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7dad644608536b01a1481dfc2a0ba31b95aec2790ada69ce2a7b8cfadd0f2ccb
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8c4aedd4e835f17f79ceb8b119b9393aa46baa522649d34ee974dc2498ec0583
8e225be7ce1fdc61acb6de15659a732fa3bc9c91b5f61199f52aa4193dbfb696
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
a5e5ab1fb37217dc938da3ba3ee23a0cefe5e5b38b4850501b755e2e257bba6c
a71ace98f7236de2be33df0abe3e2200a699f3422e77e8eb23d4021dad1ea1d4
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a8286a33da21b6aecd4f9669c243e76e1e88896c331424f635875ad69edc8dab
a905e73963c6622f61d1369f3935b143ff4cd6fd3f7f4046b9cddb5e7a03ef1a
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
ac0b67ac89014a50be2daf2ff84bd0aa2a1f903e08bb3450c687dcba6343ce0e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b006d46ff025598fb301c847d8bff6b5de1e438a836b315e37a67ab17553d9b7
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
b6ffc5f9c8eea80fc4e60276724d68c426942b08b569327f06ecf0a3a55a8e52
b990621b1c87dd0fc0dac60359cfccb410086f8fbf81b5eb997ab7619dad6d39
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bffe461033eb6e1cc6d0f95adbb7cea8a370282dd1c9c37186632bafbf81ac11
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4c9933a568cb6b01cb6873d0d152f034f903e8108ca7b0acfa9d14252e4d2a0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b796115a0bc90a9d76eb0f8b39a8708dc116b3f6aa6a0754122eb7dd26b69e
cb1e4781edaa735a0ada1f270898c44a4713923fdc1245f9ea1c5dab9e034801
cf37ddb207e00b70bbb70feafa2694fc2d102913fffefb6ba1dc141f8ccd9fcd
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d6924b126172f10261f681864cb14e70e1c61083505b50bf326bc20bd2321dc2
d7f0b7f2570f2f28b504da1181b4d71b1420b10be2c4fd690927f1c8ee3b19c3
d9d6576b5ffd8610be59cbb4fe68658cf537d6e5151f8c643411105ea485d7fe
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcbb51e73f1dac4c867932a77eea1f29af697efc27efd447ff533a1f3e3be4c1
dd537e05b8d6241a353f47f4d213d99e9d183e173791fe8246e1d45e06598875
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5556f9146eaff05165fa5a39c23235ce4effe18b73da2d36aa260184f9a54f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44fe30001c83cd5d6df850f978f1e97d6abe969884645d4b84f4245d2303f6b
e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b
ea87d63e3c619104701c2aec3af2597df5bbff672e539eeedc01d93e9716dd4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062
fd4a43fd557fb37f083e48aef776295d794253cacff01c314152c876c8e3927b
fea11b4b51a07a6e929d22015acd909204fe81f6bfc631e6e4ede18c5ffe572c

www.useorigin.com Open in urlscan Pro 34.251.201.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

99 %HTTPS

80 %IPv6

26 Domains

33 Subdomains

29 IPs

5 Countries

1758 kBTransfer

3674 kBSize

25 Cookies

5 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.useorigin.com Open in urlscan Pro
34.251.201.224 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

99 %
HTTPS

80 %
IPv6

26
Domains

33
Subdomains

29
IPs

5
Countries

1758 kB
Transfer

3674 kB
Size

25
Cookies

82 HTTP transactions
1 data transactions