www.useorigin.com Open in urlscan Pro
34.105.100.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://useorigin.com/
Effective URL:
https://www.useorigin.com/
Submission: On August 19 via manual (August 19th 2022, 10:39:22 am UTC) from IN — Scanned from DE

Summary HTTP 51 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 51 HTTP transactions. The main IP is 34.105.100.1, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.useorigin.com.
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.

This is the only time www.useorigin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 23	34.105.100.1 34.105.100.1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6813:9059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	9

23 34.105.100.1 (The Dalles, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.100.105.34.bc.googleusercontent.com

useorigin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.useorigin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6813:9059 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	useorigin.com 2 redirects useorigin.com www.useorigin.com	1 MB
14	termly.io app.termly.io — Cisco Umbrella Rank: 24499	150 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1727 ka-p.fontawesome.com — Cisco Umbrella Rank: 3725	24 KB
3	gstatic.com fonts.gstatic.com	78 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4341	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 ajax.googleapis.com — Cisco Umbrella Rank: 286	89 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	64 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6505	147 KB
51	8

	Domain	Requested by
22	www.useorigin.com	1 redirects www.useorigin.com
14	app.termly.io	www.useorigin.com app.termly.io
6	ka-p.fontawesome.com	kit.fontawesome.com www.useorigin.com
3	fonts.gstatic.com	fonts.googleapis.com
2	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.useorigin.com
1	kit.fontawesome.com	www.useorigin.com
1	js.hsforms.net	www.useorigin.com
1	ajax.googleapis.com	www.useorigin.com
1	fonts.googleapis.com	www.useorigin.com
1	useorigin.com	1 redirects
51	11

This site contains links to these domains. Also see Links.

Domain
app.useorigin.com
useorigin.wpengine.com

Subject Issuer	Validity	Valid
www.useorigin.com R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2022-04-29` - `2023-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.useorigin.com/
Frame ID: BA499B07BCC3493EE5F69608B0D13CD8
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Origin Financial

Page URL History Show full URLs

http://useorigin.com/ HTTP 301
http://www.useorigin.com/ HTTP 301
https://www.useorigin.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Termly (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

app\.termly\.io/embed\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

11
Subdomains

9
IPs

2
Countries

1663 kB
Transfer

3772 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://app.useorigin.com/login
Title: Employee Login

Search URL Search Domain Scan URL

URL: https://useorigin.wpengine.com/ebooks/equity-compensation/
Title: Download now

Search URL Search Domain Scan URL

URL: https://useorigin.wpengine.com/request-a-demo/
Title: Get started

Search URL Search Domain Scan URL

URL: https://useorigin.wpengine.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://useorigin.wpengine.com/wp-content/uploads/2022/07/Origin-Financial-Form-CRS-March-2022.pdf
Title: CRS

Search URL Search Domain Scan URL

URL: https://useorigin.wpengine.com/wp-content/uploads/2022/07/Origin-Financial-2A-6-6-2022-1.pdf
Title: ADV

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://useorigin.com/ HTTP 301
http://www.useorigin.com/ HTTP 301
https://www.useorigin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.useorigin.com/
Redirect Chain

http://useorigin.com/
http://www.useorigin.com/
https://www.useorigin.com/

127 KB
18 KB

827ms
380ms

Document
text/html

34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 3ad8462772ad8b17ff7b5630d5b098ed6e1c54e57b329f2994de099b488b5c10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 10:39:08 GMT
link: <https://www.useorigin.com/wp-json/>; rel="https://api.w.org/" <https://www.useorigin.com/wp-json/wp/v2/pages/776>; rel="alternate"; type="application/json" <https://www.useorigin.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding
x-cache: MISS
x-cache-group: normal
x-cacheable: NO:Set Known Cookie
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 19 Aug 2022 10:39:08 GMT
Keep-Alive: timeout=20
Location: https://www.useorigin.com/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 135ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto+Slab:wght@400;500&display=swap

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e9abce77a07b44631984643003273ed4902fad01fa39fd92b235640d61fef74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 10:39:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 10:39:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 10:39:09 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 02:17:09 GMT
x-content-type-options: nosniff
age: 30120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 02:17:09 GMT

GET
H2 200 style.min.css
www.useorigin.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 189ms
188ms Stylesheet
text/css 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
etag: W/"62c2d8bd-15b64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.css
www.useorigin.com/wp-content/themes/origin-theme/public/css/ 173 KB
19 KB 189ms
188ms Stylesheet
text/css 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/public/css/main.css?id=77d994c1642edeb9917bf6d0c0f57d2f&ver=6.0.1
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aeeae07be0754ef50637308a2ac4fd1731f6038e275c507acb5193154df0ca35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:44 GMT
server: nginx
etag: W/"62e04e04-2b5f0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 66ms
33ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 590
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 10:57:52 UTC
server: cloudflare
etag: W/"8cfc2a51250daf33edd2e1dda3f1654b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HTZPY8T%2BXegvMx1eggVqH6ZF%2BppmPa0256mX%2BpnolfyToO3JKW4HtWs3Rz27PEM59OI1lzh4OzvwvvlBmxuxvzv9ds3BTyr2teSL6%2BxuEZOHdCrwtjKEMNxqlxlWEJJ09PtGgpTjzEZ%2Bu0p"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: elWqSweed2C2dWtDipd3d9hhUaqI4uV.
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 73d243819ce292b1-FRA
x-amz-cf-id: Uii5baFZJNwJ5a6tKG29CuBcem_ClFcirHUoBPZplXHGhDsm9FaUGA==
x-hs-target-asset: FormsNext/static-5.519/bundles/project_with_deps.js

GET
H2 200 Photo-1.jpg
www.useorigin.com/wp-content/uploads/2022/06/ 135 KB
135 KB 303ms
302ms Image
image/jpeg 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/06/Photo-1.jpg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6123576f223d1ca85665a155ec8ef6debc52b316b7b491262bc96e0d7af8031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
last-modified: Tue, 26 Jul 2022 17:13:43 GMT
server: nginx
etag: "62e020c7-21a5c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 137820

GET
H2 200 Vector-43.png
www.useorigin.com/wp-content/uploads/2022/06/ 36 KB
36 KB 353ms
352ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/06/Vector-43.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c91abc13bef99ffb848ccf965e3b8e35b37ce792f9bc18c71c4b184d39558d72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
last-modified: Tue, 26 Jul 2022 17:13:43 GMT
server: nginx
etag: "62e020c7-8f2e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 36654

GET
H2 200 manifest.js Show response
www.useorigin.com/wp-content/themes/origin-theme/public/js/ 1 KB
1 KB 192ms
192ms Script
application/javascript 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/public/js/manifest.js?id=a0396d59b39f034def801ff43c7bbf78&ver=6.0.1
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1a50bc7720f6218227d8021ad00850fc6f0ed86b8e14f1a5fd6f8636bdd8ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:45 GMT
server: nginx
etag: W/"62e04e05-5e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 vendor.js Show response
www.useorigin.com/wp-content/themes/origin-theme/public/js/ 92 KB
35 KB 193ms
193ms Script
application/javascript 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/public/js/vendor.js?id=c1e1957c67cdf9a4cf07f664730e16b3&ver=6.0.1
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 132da4839c63ddad41ac7e30ac734b99f9255a881fa450140d7d29846ca1720f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:45 GMT
server: nginx
etag: W/"62e04e05-17195"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 app.js Show response
www.useorigin.com/wp-content/themes/origin-theme/public/js/ 456 KB
116 KB 303ms
301ms Script
application/javascript 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/public/js/app.js?id=286ecb18b061df707c349dd27ed1e5bb&ver=6.0.1
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2210a05e545896e13fe2263ed685e02f612d279a1eabcb55cafa6dbac537e2f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:45 GMT
server: nginx
etag: W/"62e04e05-72113"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 542bc19f2f.js Show response
kit.fontawesome.com/ 11 KB
4 KB 58ms
30ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/542bc19f2f.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bfa1a835c293aed8ce8c6bbbffa2b2202c72934804caa0d640d5d372fe1dddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.useorigin.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 73d243833c109280-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fwy4zBnOOHaMbmLId-LB

GET
H2 200 wp-emoji-release.min.js Show response
www.useorigin.com/wp-includes/js/ 18 KB
5 KB 353ms
353ms Script
application/javascript 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.useorigin.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: nginx
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
64 KB 141ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3HX6MB

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9cbc652b522d563c8e17df176f969342ce3c8c24206f3e70769f9975ea984b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65489
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Aug 2022 10:39:09 GMT

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/8525498/dfb21c92-eeb5-47aa-914f-e0f032079829/ 0
0 172ms
139ms Preflight
text/plain 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8525498/dfb21c92-eeb5-47aa-914f-e0f032079829/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.useorigin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.useorigin.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 73d243837b809975-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 19 Aug 2022 10:39:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: fcd4df25-4fd8-48bc-8e13-22f28d02dc02
x-robots-tag: none
x-trace: 2B6147B6F9E3B32E5808FF6CDD5DE936EDF7A99219000000000000000000

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/8525498/dfb21c92-eeb5-47aa-914f-e0f032079829/ 2 KB
1 KB 162ms
160ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8525498/dfb21c92-eeb5-47aa-914f-e0f032079829/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c624f98ac1ba39eadf48b83ed95c46640bb495bda7fd9fc00c7bfc60417ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.useorigin.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 6cf29017-e07a-4ccf-b224-ce06548fa4e0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B2AE72CE1125A526FCA117DC819C12CBF44B92148000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.useorigin.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 73d243845ca09975-FRA
access-control-allow-headers: *

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ 32 KB
32 KB 163ms
77ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto+Slab:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:06:46 GMT
x-content-type-options: nosniff
age: 264743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32860
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:06:46 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 187ms
102ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto+Slab:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 235860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 17:08:09 GMT

GET
H2 200 fifty-fifty-image-content-heading-pattern.svg
www.useorigin.com/wp-content/themes/origin-theme/img/ 500 KB
39 KB 302ms
301ms Image
image/svg+xml 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/img/fifty-fifty-image-content-heading-pattern.svg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7df803173144e5c1db9ddfffc292cf862b200ff8795fd82fe917ab83f56b04c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:37 GMT
server: nginx
etag: W/"62e04dfd-7d082"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 104ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto+Slab:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.useorigin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 235860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 17:08:09 GMT

GET
H2 200 embed.min.js Show response
app.termly.io/ 204 KB
72 KB 67ms
24ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: www.useorigin.com
URL: https://www.useorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d4a5b91f826cbcaa7e5915e75bbc9d51dc36a11bd78214226bdb1bd999253d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5279
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 18:55:32 GMT
server: cloudflare
etag: W/"62f550a4-33001"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 73d243851f359189-FRA
expires: Fri, 19 Aug 2022 14:39:09 GMT

GET
H3 200 184.embed.min.js Show response
app.termly.io/ 154 KB
49 KB 43ms
22ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/184.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa1b645d78b14071b2fea7c12deff6d18ec6529356a5425c4ba4bf44e6aeec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5105
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 18:55:32 GMT
server: cloudflare
etag: W/"62f550a4-26954"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 73d24385fb0cbbaf-FRA
expires: Fri, 19 Aug 2022 14:39:09 GMT

GET
H3 200 864.embed.min.js Show response
app.termly.io/ 19 KB
6 KB 39ms
19ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/864.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b194e24cde7b4768202c9aac39f5861b84d94fe9383878d46e71624caf4a4d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5076
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 18:55:32 GMT
server: cloudflare
etag: W/"62f550a4-4a1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 73d24385fb08bbaf-FRA
expires: Fri, 19 Aug 2022 14:39:09 GMT

GET
H2 200 Origin-Logo.svg
www.useorigin.com/wp-content/uploads/2022/06/ 9 KB
4 KB 151ms
150ms Image
image/svg+xml 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/06/Origin-Logo.svg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e6a992617365d82526e01907be1c9e356f8034bcee69fcf0bf09bd95c435072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 17:13:42 GMT
server: nginx
etag: W/"62e020c6-23b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 login-icon.svg
www.useorigin.com/wp-content/uploads/2022/06/ 3 KB
2 KB 151ms
151ms Image
image/svg+xml 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/06/login-icon.svg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a6372d706a4e21f4e92957fd5c8acc938e1872a455f6284768fecf9da8059798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 17:13:43 GMT
server: nginx
etag: W/"62e020c7-a77"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 origin-white.svg
www.useorigin.com/wp-content/themes/origin-theme/img/ 11 KB
5 KB 201ms
201ms Image
image/svg+xml 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/img/origin-white.svg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ced7ad6b13e786ff86f79335145f4f0bd6f830466cc3bff251c31ec1d324feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:09 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:38 GMT
server: nginx
etag: W/"62e04dfe-2de7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Imagepanel_comp2-1-768x517.png
www.useorigin.com/wp-content/uploads/2022/07/ 105 KB
105 KB 153ms
152ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/07/Imagepanel_comp2-1-768x517.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bbcb7b527d50280ed19f22006ffe8c8c6bca8f72abc16cc45a5abc26b7a63413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Wed, 27 Jul 2022 20:22:17 GMT
server: nginx
etag: "62e19e79-1a43f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 107583

GET
H2 200 Imagepanel_comp3-1-768x525.png
www.useorigin.com/wp-content/uploads/2022/07/ 149 KB
149 KB 243ms
242ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/07/Imagepanel_comp3-1-768x525.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d14675a4922cf7cccfc70c1de0079397da055db546d0fe5d71eca2e3a6325f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Wed, 27 Jul 2022 20:21:35 GMT
server: nginx
etag: "62e19e4f-252b1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 152241

GET
H2 200 Assess-Graphic-768x523.png
www.useorigin.com/wp-content/uploads/2022/06/ 123 KB
123 KB 246ms
246ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/06/Assess-Graphic-768x523.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d369a565d9bc4c4c4bed136e379e6ce2644fa649bc1c57ed7e221286743e26d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Tue, 26 Jul 2022 17:13:43 GMT
server: nginx
etag: "62e020c7-1ec1a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 125978

GET
H2 200 conversation-about-money-300x207.png
www.useorigin.com/wp-content/uploads/2022/07/ 6 KB
6 KB 270ms
269ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/07/conversation-about-money-300x207.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 38762472eb5c3461a8c16d670c66dafaa5c000be079a949c5d7e4158aada7c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Tue, 26 Jul 2022 17:13:41 GMT
server: nginx
etag: "62e020c5-16b5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5813

GET
H2 200 advice-where-your-employees-300x233.png
www.useorigin.com/wp-content/uploads/2022/07/ 5 KB
5 KB 270ms
269ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/07/advice-where-your-employees-300x233.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 959572ae9fb27b34d5d09d6136281d3ded9b160d52ea65ca51ce62836664e52c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Tue, 26 Jul 2022 17:13:41 GMT
server: nginx
etag: "62e020c5-146e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5230

GET
H2 200 solve-stress-300x160.png
www.useorigin.com/wp-content/uploads/2022/07/ 8 KB
8 KB 270ms
269ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/07/solve-stress-300x160.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b8c1c562983e3f72a5667fe8f8a1dfbddfe01a9df3ba84cdfc47b20f6e5a7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Tue, 26 Jul 2022 17:13:41 GMT
server: nginx
etag: "62e020c5-1e4f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7759

GET
H2 200 Image_tall_financial_confidence-763x1024.png
www.useorigin.com/wp-content/uploads/2022/07/ 282 KB
283 KB 258ms
257ms Image
image/png 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/uploads/2022/07/Image_tall_financial_confidence-763x1024.png
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e88d52f829f6dbbe9c088a21b263d11b6269a46c76d5e9cb799c17cde1a4aa1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
last-modified: Tue, 26 Jul 2022 17:13:40 GMT
server: nginx
etag: "62e020c4-46910"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 289040

GET
H2 200 bullet-checkmark.svg
www.useorigin.com/wp-content/themes/origin-theme/img/ 2 KB
1 KB 256ms
256ms Image
image/svg+xml 34.105.100.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.useorigin.com/wp-content/themes/origin-theme/img/bullet-checkmark.svg
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.100.1 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.100.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ed29c94829f576cd0b699838b034ec43bb745548c48a848d6bd2e44c85a7f25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 20:26:36 GMT
server: nginx
etag: W/"62e04dfc-7b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v5.15.4/js/ 14 KB
4 KB 50ms
36ms Fetch
application/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=542bc19f2f
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/542bc19f2f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-1003"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 73d24387abb99280-FRA
content-length: 4099

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v5.15.4/js/ 40 KB
14 KB 64ms
51ms Fetch
application/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=542bc19f2f
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/542bc19f2f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-37b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 73d24387abbc9280-FRA
content-length: 14264

OPTIONS
H3 200 de418194-692c-402b-a9eb-64d6ac145443
app.termly.io/api/v1/snippets/websites/ 0
0 234ms
202ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.useorigin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73d243881c9d8fd4-FRA
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Fri, 19 Aug 2022 10:39:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 ip
app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/ 0
0 217ms
186ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/ip?random-uuid=ec221c55-dc89-1b54-51f3-424bfa9c64fb

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.useorigin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73d243881c9c8fd4-FRA
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Fri, 19 Aug 2022 10:39:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 de418194-692c-402b-a9eb-64d6ac145443 Show response
app.termly.io/api/v1/snippets/websites/ 2 KB
1 KB 194ms
193ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443

Requested by

Host: app.termly.io
URL: https://app.termly.io/864.embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97289781ed194838c11539172e99e4eb234266e6e9f3b7dd4a38e05116400cb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b45dc2fa-2704-440d-b843-0c4236c61429
x-runtime: 0.005793
expires: Fri, 19 Aug 2022 14:39:10 GMT
server: cloudflare
etag: W/"97289781ed194838c11539172e99e4eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-ray: 73d243895f0e8fd4-FRA
access-control-expose-headers

GET
H3 200 ip Show response
app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/ 114 B
724 B 189ms
189ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/ip?random-uuid=ec221c55-dc89-1b54-51f3-424bfa9c64fb

Requested by

Host: app.termly.io
URL: https://app.termly.io/864.embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e91d5d86c8a05204fad5b360a5acca7c62a1a19a40d4796c42e7e120cb2632

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f9c12200-266b-407a-8e23-eebcbaf7d6fa
x-runtime: 0.004380
expires: Fri, 19 Aug 2022 14:39:10 GMT
server: cloudflare
etag: W/"45e91d5d86c8a05204fad5b360a5acca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-ray: 73d243894ef08fd4-FRA
access-control-expose-headers

GET
H2 200 f053.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/unicode/ 455 B
350 B 35ms
35ms Fetch
image/svg+xml 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/unicode/f053.svg?token=542bc19f2f
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3098df13a0f0bc88c8cfa74881afdb6a4358ce5e982dac0a6b44cc6c8d63b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:57:34 GMT
server: cloudflare
etag: W/"610ae31e-1c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73d24388add69280-FRA

GET
H2 200 f054.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/unicode/ 498 B
418 B 31ms
30ms Fetch
image/svg+xml 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/unicode/f054.svg?token=542bc19f2f
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3967e46fa3a102e7631cc8f66c4f87b0c50a994d60139dc9b1e70ef1de23957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:34 GMT
server: cloudflare
age: 64639
etag: W/"610ae31e-1f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73d24388adda9280-FRA

GET
H2 200 f04b.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/unicode/ 328 B
315 B 36ms
35ms Fetch
image/svg+xml 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/unicode/f04b.svg?token=542bc19f2f
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408129ff0013be34d68a5d6590b26bada5ae9237909ff3bc786b0b9384089837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:57:34 GMT
server: cloudflare
etag: W/"610ae31e-148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73d24388ade39280-FRA

GET
H2 200 times.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ 624 B
412 B 45ms
45ms Fetch
image/svg+xml 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/light/times.svg?token=542bc19f2f
Requested by: Host: www.useorigin.com
URL: https://www.useorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bb7c16cb296145abd4eb2379255f977abee25098990820b38ea15473a17f7ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:55:04 GMT
server: cloudflare
etag: W/"610ae288-270"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73d24388ce0f9280-FRA

OPTIONS
H3 200 statistics
app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/ 0
0 293ms
292ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/statistics

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.useorigin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73d2438a98aa8fd4-FRA
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Fri, 19 Aug 2022 10:39:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 cookies
app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/documents/86ded702-9715-4f64-b7e2-28180fb530e6/ 0
0 180ms
180ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/documents/86ded702-9715-4f64-b7e2-28180fb530e6/cookies

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.useorigin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73d2438aa8cc8fd4-FRA
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Fri, 19 Aug 2022 10:39:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 201 statistics Show response
app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/ 3 B
619 B 714ms
714ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/864.embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 19 Aug 2022 10:39:11 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7175dc26-3a00-4d13-ba53-ef78ad2575a9
x-runtime: 0.023530
server: cloudflare
etag: W/"43974ed74066b207c30ffd0fed514676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
vary: Origin
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-ray: 73d2438c6afc8fd4-FRA
access-control-expose-headers

GET
H3 200 677.embed.min.js Show response
app.termly.io/ 12 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/677.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cbfe5b9f8c7bb99a20b6d783586ca3a0bed6edd9d2fc0c65fee717fc244b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4446
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 18:55:32 GMT
server: cloudflare
etag: W/"62f550a4-3105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 73d2438aabb3bbaf-FRA
expires: Fri, 19 Aug 2022 14:39:10 GMT

GET
H3 200 852.embed.min.js Show response
app.termly.io/ 41 KB
12 KB 17ms
16ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/852.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16c114265df359ce0e1eb9ac3bd734b1b536957ec0b45a860fdf599830b61f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4421
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 18:55:32 GMT
server: cloudflare
etag: W/"62f550a4-a55d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 73d2438aabbabbaf-FRA
expires: Fri, 19 Aug 2022 14:39:10 GMT

GET
H3 200 cookies Show response
app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/documents/86ded702-9715-4f64-b7e2-28180fb530e6/ 6 KB
2 KB 23ms
23ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/de418194-692c-402b-a9eb-64d6ac145443/documents/86ded702-9715-4f64-b7e2-28180fb530e6/cookies

Requested by

Host: app.termly.io
URL: https://app.termly.io/864.embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29fae1681754cd2ecde21f4f93c762c6c7fdb653f595447d37fd2e9b597bb2c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.useorigin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62734
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 63454a33-3d65-4c16-bc4d-78437b3173e6
x-runtime: 0.009399
expires: Fri, 19 Aug 2022 14:39:10 GMT
server: cloudflare
etag: W/"29fae1681754cd2ecde21f4f93c762c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-ray: 73d2438bda3b8fd4-FRA
access-control-expose-headers

GET
H3 200 231.embed.min.js Show response
app.termly.io/ 3 KB
876 B 16ms
15ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/231.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f911cfeacb40740303c4d661b011d3c4ea84276386217560646c16398f9a86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.useorigin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:39:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4226
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 11 Aug 2022 18:55:32 GMT
server: cloudflare
etag: W/"62f550a4-d96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 73d2438adc14bbaf-FRA
expires: Fri, 19 Aug 2022 14:39:10 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.useorigin.com/	1969-12-31 23:59:59	Name: wordpress_google_apps_login Value: 84baeaf85c474b50524fa58a13ade12b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.termly.io
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
js.hsforms.net
ka-p.fontawesome.com
kit.fontawesome.com
useorigin.com
www.googletagmanager.com
www.useorigin.com
2606:4700::6810:5505
2606:4700::6811:b749
2606:4700::6812:1734
2606:4700::6813:9059
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2008
34.105.100.1
06d4a5b91f826cbcaa7e5915e75bbc9d51dc36a11bd78214226bdb1bd999253d
132da4839c63ddad41ac7e30ac734b99f9255a881fa450140d7d29846ca1720f
16c114265df359ce0e1eb9ac3bd734b1b536957ec0b45a860fdf599830b61f2c
2210a05e545896e13fe2263ed685e02f612d279a1eabcb55cafa6dbac537e2f6
27c624f98ac1ba39eadf48b83ed95c46640bb495bda7fd9fc00c7bfc60417ced
29fae1681754cd2ecde21f4f93c762c6c7fdb653f595447d37fd2e9b597bb2c5
38762472eb5c3461a8c16d670c66dafaa5c000be079a949c5d7e4158aada7c73
3ad8462772ad8b17ff7b5630d5b098ed6e1c54e57b329f2994de099b488b5c10
408129ff0013be34d68a5d6590b26bada5ae9237909ff3bc786b0b9384089837
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
45e91d5d86c8a05204fad5b360a5acca7c62a1a19a40d4796c42e7e120cb2632
52cbfe5b9f8c7bb99a20b6d783586ca3a0bed6edd9d2fc0c65fee717fc244b2d
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f911cfeacb40740303c4d661b011d3c4ea84276386217560646c16398f9a86c
6b8c1c562983e3f72a5667fe8f8a1dfbddfe01a9df3ba84cdfc47b20f6e5a7dd
6ced7ad6b13e786ff86f79335145f4f0bd6f830466cc3bff251c31ec1d324feb
6e9abce77a07b44631984643003273ed4902fad01fa39fd92b235640d61fef74
7bfa1a835c293aed8ce8c6bbbffa2b2202c72934804caa0d640d5d372fe1dddc
7df803173144e5c1db9ddfffc292cf862b200ff8795fd82fe917ab83f56b04c8
7e6a992617365d82526e01907be1c9e356f8034bcee69fcf0bf09bd95c435072
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
959572ae9fb27b34d5d09d6136281d3ded9b160d52ea65ca51ce62836664e52c
97289781ed194838c11539172e99e4eb234266e6e9f3b7dd4a38e05116400cb7
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
9bb7c16cb296145abd4eb2379255f977abee25098990820b38ea15473a17f7ce
a6372d706a4e21f4e92957fd5c8acc938e1872a455f6284768fecf9da8059798
aeeae07be0754ef50637308a2ac4fd1731f6038e275c507acb5193154df0ca35
b194e24cde7b4768202c9aac39f5861b84d94fe9383878d46e71624caf4a4d63
b1a50bc7720f6218227d8021ad00850fc6f0ed86b8e14f1a5fd6f8636bdd8ffb
b3098df13a0f0bc88c8cfa74881afdb6a4358ce5e982dac0a6b44cc6c8d63b19
b6123576f223d1ca85665a155ec8ef6debc52b316b7b491262bc96e0d7af8031
b9cbc652b522d563c8e17df176f969342ce3c8c24206f3e70769f9975ea984b7
bbcb7b527d50280ed19f22006ffe8c8c6bca8f72abc16cc45a5abc26b7a63413
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c91abc13bef99ffb848ccf965e3b8e35b37ce792f9bc18c71c4b184d39558d72
d14675a4922cf7cccfc70c1de0079397da055db546d0fe5d71eca2e3a6325f3d
d369a565d9bc4c4c4bed136e379e6ce2644fa649bc1c57ed7e221286743e26d2
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
e3967e46fa3a102e7631cc8f66c4f87b0c50a994d60139dc9b1e70ef1de23957
e88d52f829f6dbbe9c088a21b263d11b6269a46c76d5e9cb799c17cde1a4aa1e
ed29c94829f576cd0b699838b034ec43bb745548c48a848d6bd2e44c85a7f25d
f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffa1b645d78b14071b2fea7c12deff6d18ec6529356a5425c4ba4bf44e6aeec7

www.useorigin.com Open in urlscan Pro 34.105.100.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

89 %IPv6

8 Domains

11 Subdomains

9 IPs

2 Countries

1663 kBTransfer

3772 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.useorigin.com Open in urlscan Pro
34.105.100.1 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

11
Subdomains

9
IPs

2
Countries

1663 kB
Transfer

3772 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions