playorigin.com Open in urlscan Pro
172.66.41.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://playorigin.com/
Effective URL:
https://playorigin.com/
Submission: On June 04 via api (June 4th 2024, 12:05:51 am UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 51 HTTP transactions. The main IP is 172.66.41.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is playorigin.com.
TLS certificate: Issued by GTS CA 1P5 on June 2nd 2024. Valid for: 3 months.

This is the only time playorigin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 36	172.66.41.48 172.66.41.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	104.68.81.91 104.68.81.91	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
51	14

36 172.66.41.48 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

playorigin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.68.81.91 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-81-91.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	playorigin.com 2 redirects playorigin.com	4 MB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 513	14 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	91 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 1124	96 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 426	9 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4041	42 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1867	253 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 102	103 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 5475	361 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1799	11 KB
51	12

	Domain	Requested by
36	playorigin.com	2 redirects playorigin.com
3	bat.bing.com	playorigin.com bat.bing.com
2	connect.facebook.net	playorigin.com connect.facebook.net
2	code.jquery.com	playorigin.com
2	cdn.jsdelivr.net	playorigin.com
2	stackpath.bootstrapcdn.com	playorigin.com
1	www.facebook.com	connect.facebook.net
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	playorigin.com
1	www.googletagmanager.com	playorigin.com
1	s7.addthis.com	playorigin.com
1	use.fontawesome.com	playorigin.com
51	12

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
forum.playorigin.com
www.facebook.com

Subject Issuer	Validity	Valid
playorigin.com GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-13` - `2024-06-11`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://playorigin.com/
Frame ID: 9C2768ECC9B81451989E137E6FF59E2F
Requests: 47 HTTP requests in this frame

Frame: https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: EB84CAB4C6FD05260A31FAFD2D1EDB89
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=247036936035555&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df590aaf2aea47c972%26domain%3Dplayorigin.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fplayorigin.com%252Ff8ee1651df696b940%26relation%3Dparent.parent&container_width=1110&href=https%3A%2F%2Fplayorigin.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large
Frame ID: 30D0EFC03479E5139B853CA1CBF2EF3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Origin Online | Free to Play Fantasy MMORPG - Home

Page URL History Show full URLs

http://playorigin.com/ HTTP 307
https://playorigin.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

51
Requests

96 %
HTTPS

62 %
IPv6

12
Domains

12
Subdomains

14
IPs

4
Countries

4079 kB
Transfer

5488 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://forum.playorigin.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PlayOriginOnline/
Title: Origin Online

Search URL Search Domain Scan URL

URL: https://forum.playorigin.com/showthread.php?8081-Event-The-Grand-Caravan-Trade-Run-Video-Contest
Title: ’Event: The Grand Caravan Trade Run Video Contest’

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://playorigin.com/ HTTP 307
https://playorigin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://playorigin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Request Chain 47

https://playorigin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
playorigin.com/
Redirect Chain

http://playorigin.com/
https://playorigin.com/

44 KB
18 KB

1139ms
1115ms

Document
text/html

172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3efdb04d1f666096fa33da8085bb4c2b8130d4cc8412e2dd8a2823370710689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88e3ac370a359b21-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 04 Jun 2024 00:05:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpo2A4M7dVO8BPMC8lLRonnyc2wF1Nux6R%2BNIjYBz%2ByxIJYYSJ%2BFejsWuxUabMq4BoxHT8yYTiAY4mdSt8wWAkfB7uVaFzpwF1jmBWbm5X4KEOyEHl2rsoWYXJMKLRyx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://playorigin.com/
Non-Authoritative-Reason: HSTS

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
26 KB 42ms
17ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7106627
cdn-cachedat: 12/27/2023 03:39:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ba3b1a80c65c34a24040af021232fb90
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 88e3ac3e3e91a031-FRA
cdn-requestpullsuccess: True

GET
H3 200 font.css
playorigin.com/assets/origin/css/ 1 KB
772 B 132ms
126ms Stylesheet
text/css 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/assets/origin/css/font.css?v=3

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

863ac69a925e2803212e7a61cb05ce374a79696500cf6d9a8c371be7b15af4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=1778
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Apr 2018 20:39:38 GMT
server: cloudflare
etag: W/"6f2-569340e11897f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCZX1UHdZ6%2FM185IGHAd33epGlB8wuIIFCrbL1%2FSjqs4ai%2BTv%2F%2FmfZmoP8l8IhaZzmnt%2BNxydele5a7kjrxe50Jy%2B%2BS4mnyjXO%2Fm0WGakuYJcDe5EIhmP4ocSewKyvFm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3e2e959b21-FRA

GET
H3 200 app_main.css
playorigin.com/assets/origin/css/ 2 KB
1 KB 144ms
135ms Stylesheet
text/css 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/assets/origin/css/app_main.css?v=3

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61fee6ca88a96fad64a92e25cff471bec434bbbc3f5ad0745a74dee10c52e1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=3721
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 20 Apr 2019 03:54:00 GMT
server: cloudflare
etag: W/"e89-586ee2f80e424"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AUZ17x9SOdXHaER8nt3eRjLGBVruZgLI0alJBtpoj6MhMt%2FtYytsaAv1kR9HfhJMVzu6g5XTCi42leA8Qu1DtMRG2vtDtg5HdhSHiQ5M0mvGTtu3o41sgsPnnHOIBOZ5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3e2e999b21-FRA

GET
H3 200 origin.css
playorigin.com/assets/origin/css/ 5 KB
2 KB 144ms
135ms Stylesheet
text/css 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/assets/origin/css/origin.css?v=3

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea756cb6bed3ad04476f41e89576944da226f3a5a5fc331454cf1133f7876ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=7203
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Nov 2023 16:27:51 GMT
server: cloudflare
etag: W/"1c23-6097e55de8f9a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ku6%2FUg%2BVqGJHc%2BI3NQi9E%2BuNsSP5xOWWQ8fYNyzRrsUfqAQhR6V%2FhO%2FSa99yIMN9HOqCBc6%2FY6B5MTg3tH1Bsh7hHiocom3eO17ki4%2Fb7YVdiFfV4BmSvlukyIjzcVeO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3e2e9b9b21-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
11 KB 57ms
17ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: playorigin.com
URL: https://playorigin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42130
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgL0xGhpT1%2BDoMDyA%2FCW2%2F3DRttkM3fZpUCYHiQfSIxnH3nQgee4yRTW8T3Esrdkik7qzD%2B6U7DVWXU5dkT2V%2ByPwpCB%2BJ9WodHdC%2B4Ib%2FQNDAZGNwV%2BFtpXqTOv6%2FRWFVOaEQoxZ%2FdOoih%2ByIurpKF7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 88e3ac3e5fc85bf5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 35ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 00:05:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15857
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1363
x-served-by: cache-fra-etou8220109-FRA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 fortress.png
playorigin.com/sro/icons/ 2 KB
2 KB 122ms
119ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/sro/icons/fortress.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86bfb7512a66b1c48617b63fbe07a6abe39e13eaae3cab46d616de2702895c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4428
content-disposition: inline; filename="fortress.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1558
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Nov 2018 05:21:21 GMT
server: cloudflare
etag: "114c-57b4e27537640"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIgLqcwX0NfsrkvnKLR9BNghWwwED80af7Nb1oepLni%2FceZIcyKg5Eh9icU2Mr3SjED%2FKitU38wDLuIaFdPKdMb7dIKvC3TDk%2FpzsDD5spV8IYPFGsBS6rwlFkgOQ%2BIh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ebd9b21-FRA

GET
H3 200 slide_2_2.jpg
playorigin.com/assets/origin/images/ 119 KB
120 KB 1044ms
1038ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/assets/origin/images/slide_2_2.jpg

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c0313094a44758a32728e2dd48f3c96e2b0b5743ca6d82116b86f4ee7c14e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=138630
alt-svc: h3=":443"; ma=86400
content-length: 121983
cf-bgj: imgq:100,h2pri
last-modified: Tue, 16 Apr 2019 23:25:19 GMT
server: cloudflare
etag: "21d86-586ae150dbffc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwOPxA9EhYORI4ZuU0fn%2FZ0xqIoiQ%2BwRgFoyhyTnAy652l3SP4rsmVHATYZ9q8AS7LTqL%2Fh8wlzzDsS8sh9ilwU1E329aYGO7iCSpDssaYk%2FmHfK%2BPnNw7RZZiVAZuzD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e2e9c9b21-FRA

GET
H3 200 slide_1.png
playorigin.com/assets/origin/images/ 141 KB
141 KB 133ms
127ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/assets/origin/images/slide_1.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2954bdafa694caa0f225067636f3c3b30b7da46fa6d161b97e9656732e254c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=206568
content-disposition: inline; filename="slide_1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 144034
cf-bgj: imgq:100,h2pri
last-modified: Mon, 02 Apr 2018 15:55:43 GMT
server: cloudflare
etag: "326e8-568df9f4a5dc0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=br0AAt1PWN7u2GTsR87RNsgksR%2Ftw9CgEVINHKwjQhppNcnwAu33KvjakzBKFUSdPi7IxgW%2BDEimBATyLW0W%2Fo8lOuJ%2FI%2Bo1bj4MZfANN4M%2FqCsnb9GHOeME96rKWXsB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e2e9d9b21-FRA

GET
H3 200 announcement_04.jpg
playorigin.com/images/ 100 KB
101 KB 1992ms
1990ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/announcement_04.jpg

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3574f0c8cf84b6eb1df6290c0f1f0c6f57f9e544317ea04c67b5d454c5c7dd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=128820
alt-svc: h3=":443"; ma=86400
content-length: 102719
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 Jan 2024 23:45:32 GMT
server: cloudflare
etag: "1f734-60eb424a74b97"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oydGDFrPlhrmIOw1TeWyv0THC70XFjPSP1MDY2m3NxhkrIovZCJoFJt38w%2Bwpq9OiC8GdCz4p0XInkPrrpHp9e1z98ivs9Gu8bYSiFxG3qDMZOu7EpNByEz3VJrDC0rz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ebb9b21-FRA

GET
H3 200 safe_trade_1.jpg
playorigin.com/images/2024/update/ 124 KB
124 KB 993ms
989ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/2024/update/safe_trade_1.jpg

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ff8cc1c86f4a49775de8d30e8b0ecbb17226bcfa14872d955b1bf18313d767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=152459
alt-svc: h3=":443"; ma=86400
content-length: 126486
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 May 2024 08:48:40 GMT
server: cloudflare
etag: "2538b-617ed5e7efcc4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQfXqXnxgpoCuEJZOQG8IlX4e7QZTRqcTBxPOA7IibPTbb%2F%2BSqSema%2F8PPQLaHurr28hVaayFKoFSBDA9G16gm5cDZS5SqSE%2BSmV0kQzGdkKnDCFP4xhHjrut6QRAEi8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ebc9b21-FRA

GET
H3 200 caravan1.jpg
playorigin.com/images/2024/carnival/ 104 KB
104 KB 1518ms
1516ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/2024/carnival/caravan1.jpg

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1927614a8a1a1209806cf777c9c2b0361bcc4a39f5015855d3c41da3778d995e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=111088
alt-svc: h3=":443"; ma=86400
content-length: 106348
cf-bgj: imgq:100,h2pri
last-modified: Mon, 15 Apr 2024 20:45:22 GMT
server: cloudflare
etag: "1b1f0-61628b34b7e61"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNEN9Wrfpvjmx6ICwEkv9DfyEm57kJoLBP4rBZGoVe9Et%2BsJpMdjz7i6E7oCWeyFatVQLifIVMtYqAA6OBpY%2BvYQIKmXoaw72VSOvu2NbneHUOgKSj8hlXOVahenXhdo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec19b21-FRA

GET
H3 200 time.png
playorigin.com/sro/icons/ 2 KB
3 KB 1993ms
1991ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/sro/icons/time.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e817d53a31635e88c2f3ea2eec69ad1d7d29dd4aa0ab709336020b4472612438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=5505
content-disposition: inline; filename="time.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2294
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Nov 2018 05:40:31 GMT
server: cloudflare
etag: "1581-57b4e6bdf11c0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZ6fe5OZ5IoflMvFq2pMqv0Elkgrbvbx%2FbhmxHr944PN2PflqqmU7yntEL7Wve%2FRnRs55EugXmX%2BgGHhE4PpUE9xbJK5vXk9z0I%2BsAseWmZ2mFD69t9PPbEaECyLA31P"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec39b21-FRA

GET
H3 200 activities.png
playorigin.com/sro/icons/ 1 KB
2 KB 121ms
119ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/sro/icons/activities.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf7e985708ac6109aa6dfa4a9e46a5dbee3ddc2bde5f7a1651e50a71d402260e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4462
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RoR38Z.2uRpTtYxW266.eavmOaanfaTgSkepJL7BkeU-1717459542-1.0.1.1-dG666HaamFPY6wIGbn9Hl8D5Msns0x3V.E8teujbc_PZ1zBgX15DQexcQOnG__fYjN3Ygs6lYEMNbM_xroXIgP8DnDWYn7_GKzIo1o2mkwDf0_LJXe7VJyrvQHb70nEhxoixeHILKvAJ5Fk1gIqRbA; report-to cf-csp-endpoint
content-disposition: inline; filename="activities.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1150
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Nov 2018 06:14:25 GMT
server: cloudflare
etag: "116e-57b4ee51b7240"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9MFsUC%2B8wPG7oSdLe8IUV%2Ft8qxDEMl%2F0f7zm5bji0dl0mMu4kNZ7fLGLWQzUIjwTBkzCmv5riKE%2FvJ2Uj1vzPoRBBYKhM1BCWYvtrYTAnxiVQLCKOGX2bVeRWOMhQpJ"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RoR38Z.2uRpTtYxW266.eavmOaanfaTgSkepJL7BkeU-1717459542-1.0.1.1-dG666HaamFPY6wIGbn9Hl8D5Msns0x3V.E8teujbc_PZ1zBgX15DQexcQOnG__fYjN3Ygs6lYEMNbM_xroXIgP8DnDWYn7_GKzIo1o2mkwDf0_LJXe7VJyrvQHb70nEhxoixeHILKvAJ5Fk1gIqRbA"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec49b21-FRA

GET
H3 200 details2.png
playorigin.com/sro/icons/ 1 KB
2 KB 1724ms
1722ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/sro/icons/details2.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ad3f581614a4ecf91d58f3c7c614a805329615a25b92a82ad74fd30c5fd55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4527
content-disposition: inline; filename="details2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1346
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Nov 2018 06:16:10 GMT
server: cloudflare
etag: "11af-57b4eeb5d9e80"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=odqngi3aaza7iLTbka8u1GggSQI6zwel4H0EzKPuclbcAzEs64GVKkYCKEDjufN%2F16wMJvTNKFF6STu09T3Uh01UJz0TILfjSMVcKBR4zMKrPuPDe%2F8KaiIBlsKWbA8i"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec59b21-FRA

GET
H3 200 uni.png
playorigin.com/sro/icons/ 2 KB
3 KB 2003ms
2002ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/sro/icons/uni.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43a67d146bf55d9757abd776cfca85abf652f82fedf8d3175b8b7bec229615ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4937
content-disposition: inline; filename="uni.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2016
cf-bgj: imgq:100,h2pri
last-modified: Thu, 21 Mar 2019 23:29:04 GMT
server: cloudflare
etag: "1349-584a31a941000"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AN9orZVoEw81SzFB%2BDVr1b%2FmCk9iDYkBrrKMVLjjH1HRr7%2Fucc%2BEtfpQEWOX74N4eQAQBcDscV6sW28qYAJBMtb6mOeNUi42vKbnDWK4cIRKA12Liy%2BdID7wAVLf3aTb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec79b21-FRA

GET
H3 200 cloudflare_secured_seal.png
playorigin.com/images/ 10 KB
10 KB 1996ms
1994ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/cloudflare_secured_seal.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4c346dd604bbc2a5d4009d2916a012c21d12e5c08b0a38e523ccf3b8e4eb8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=13813
content-disposition: inline; filename="cloudflare_secured_seal.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9752
cf-bgj: imgq:100,h2pri
last-modified: Tue, 22 Mar 2022 04:23:28 GMT
server: cloudflare
etag: "35f5-5dac6f983bfd9"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLMesT3L%2Fcy%2Fb%2B8ej9KchP7DWjzU8QYfnRPCJ0sNuzYbSwKgXtN3muQSnt%2BxOJz%2FFhBrTIuy1cn4x%2FBp29u%2FnTNMVepZnS7XJ8XS8R2i6Zhv0CPTa4Ryx%2F3GnoAFg7HZ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec89b21-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 12ms
6ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 00:05:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19850
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7125
x-served-by: cache-fra-etou8220109-FRA
x-jsd-version-type: version
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 rocket-loader.min.js Show response
playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 14ms
12ms Script
application/javascript 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 24 May 2024 15:04:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"6650ac81-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkLQ%2Fk73Y5aER3XWwDpoYUHzRqD9O%2BlUaEZKEpkmgKXbyZLjiNkKpK7iMbq%2FzNmGx9j8mWqhfq8RdvUNQS4KCbwd9244BILdlKXaEScMoD%2FcpGV%2F7RmiWJ69eQdre2WV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 88e3ac3e7ec99b21-FRA
expires: Thu, 06 Jun 2024 00:05:42 GMT

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35abf0fe09565ba50c192918a4207a1675fcc670b529efda058549a99f99d399

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 206 oribg_947675_2.mp4
playorigin.com/ 75 KB
0 2996ms
2996ms Media
video/mp4 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/oribg_947675_2.mp4

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://playorigin.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-2871964/2871965
alt-svc: h3=":443"; ma=86400
Content-Length: 2871965
last-modified: Wed, 06 Mar 2024 00:00:02 GMT
server: cloudflare
etag: "2bd29d-612f2a3fbc1ce"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iu3fyBDSTxLJf1mK%2FExYunHOVA%2BhHrw3cY%2FAIWz6ZuZnjdPhF1BXlXTdh4jjuEM0Z6l0Ls76n0iRv73Z%2BvTC7aXuqqkVLA9%2BKAua77Jq6hTdgszBrafKTu2KTBdc8%2F3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3e8ed09b21-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 103ms
25ms Script
text/javascript 104.68.81.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.68.81.91 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-68-81-91.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Jun 2024 00:05:43 GMT
server: Oracle API Gateway
opc-request-id: /FB21F01164D45FFB0F18F2D9559FBBAC/90A8B063F16F648805215FA646E6D1D6
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H3 200 function.js Show response
playorigin.com/js/ 4 KB
2 KB 2905ms
2905ms Script
application/javascript 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/js/function.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e445ce5fecf1ceae215b90bdb24072c3e7db998006c7f833264498ea3c1cc4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=5857
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 18 Sep 2021 21:59:45 GMT
server: cloudflare
etag: W/"16e1-5cc4c2a6e3640"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFAsT98NXKQmnx7IZ1%2FBW6YvnZGD5ZNHSpIzUJpOoaM1jNcxf5rJplUT%2FmZnQqUJdc%2F96H%2FDOVmmxv%2BoXTlFK0XFJE%2FPnPQQkdkYHCIU5ujfzJcPUMZ6XCkLjS7CUICZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3f2f309b21-FRA

GET
H3 200 app_main.js Show response
playorigin.com/assets/origin/js/ 625 B
846 B 2905ms
2905ms Script
application/javascript 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/assets/origin/js/app_main.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f165d3469b6f854c7616462919328dcd91baf1dc6e1b092d9f9091fb02499c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=947
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 08 Apr 2018 22:23:30 GMT
server: cloudflare
etag: W/"3b3-5695dbd28dc80"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gQXuAJEE6yxp0cApO79Gtwq1HRgpXHYeZ0QbKHcpfINp6mRmuDWlKviXMhkfLIfHq%2BYOd9aNl5ncQZCIYHQ8MOggnr9sywVHo%2BgX%2BiFxG%2BCtm2vPG1k9WCqCsU1hyea"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3f2f319b21-FRA

GET
H3 200 readmore.min.js Show response
playorigin.com/assets/origin/js/ 4 KB
2 KB 2906ms
2904ms Script
application/javascript 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/assets/origin/js/readmore.min.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c7b8730ce572b3b608b970455310cc25f9208f5150b6b1103f190a9535a82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 22:24:12 GMT
server: cloudflare
etag: W/"115d-5f049e530a535"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBVHIUffjvqFvcMo129%2BCJRSuQUfrfcaO0De1EWFlMAddyO5So%2BPqQfTcMRopQeO4RlVx2%2B8Q3kpC80obMnoifV4f6NsqROKctXwFDHrE%2F50hDz0J51N3OFfteNfaEGx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=7200
cf-ray: 88e3ac3f3f329b21-FRA

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
67 KB 24ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7909916
x-cache: HIT, HIT
content-length: 67751
x-served-by: cache-lga13623-LGA, cache-fra-etou8220051-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717459543.926960,VS0,VE0
etag: W/"28feccc0-3dee4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 38, 65349

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 32ms
15ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 437491
x-cache: HIT, HIT
content-length: 30288
x-served-by: cache-lga13622-LGA, cache-fra-etou8220051-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717459543.927060,VS0,VE0
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 55205

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
103 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WPE1BK4G16

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f75418b41b12fe48d5688061675441bc7bc2d29660a0fbe13b9c8178059d0328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Jun 2024 00:05:42 GMT

GET
H3

200

main.js Show response
playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame EB84
Redirect Chain

https://playorigin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

14ms
14ms

Script
application/javascript

172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d592f2e02727c1a298c16d61347d158bcc41aa0d483361f7b1df6f425c423915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRrYPR4tPOxXb2dyzAv1p05LuerJXr%2BEavme37TGBKWSJ2YYcQhcAEhtvH7ua1HcW2CTDDTaXbRNLRuB4jeN0X1wTuS2VxzgtS%2F6Kmh41CK4tiLUywZSGJufuLJeY3Rn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88e3ac3f4f3c9b21-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 04 Jun 2024 00:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtQxLH0emulxQKY%2Bo%2BKGKjyEbu9pZl40E%2FzpR0RBNY9NEVMkogHjqIno5quXXyHgCJUm8oCXLxd2itX3CfOjTIxLB5LAbxIqulb8MFBNX4N7LCZlnB4OIoofVrkU1c5Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
cache-control: max-age=300, public
cf-ray: 88e3ac3f3f339b21-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 88e3ac370a359b21 Show response
playorigin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EB84 0
626 B 27ms
27ms XHR
text/plain 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/cdn-cgi/challenge-platform/h/g/jsd/r/88e3ac370a359b21

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Jun 2024 00:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iGUpaRZbX3cKEAbzsNXSMDjJGPen85jPax7UEHnfO%2Fzn%2BwPiTKm7DQHDh%2FC%2F07oP%2B1RtMl4ayBe64kunk4XfowwCach5r3ZyPjW7NLNvhuUNZYaVZqMvqckkRvwV6MH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88e3ac3fef7c9b21-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 206 oribg_947675_2.mp4
playorigin.com/ 21 KB
21 KB 19ms
17ms Media
video/mp4 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/oribg_947675_2.mp4

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062742bc12c2341b9a8f026d840d968c537fe6189b4a7b6cbd9fb9939e8b3f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://playorigin.com/
Range: bytes=2850816-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
Content-Range: bytes 2850816-2871964/2871965
alt-svc: h3=":443"; ma=86400
Content-Length: 21149
last-modified: Wed, 06 Mar 2024 00:00:02 GMT
server: cloudflare
etag: "2bd29d-612f2a3fbc1ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrO%2FEzgamEaEq46GWACZEhdymp3T4Slv4ka7k02Wuasw6lXUgVRssF%2FfbuTyaMMKwUyc%2FAds3fzo%2Boi0wUxgD95SBVfJdnmXg9kvM5feWV5yrv%2F9P8qgrdXBIW1baBu2"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
x-frame-options: SAMEORIGIN
cache-control: max-age=7200
cf-ray: 88e3ac5149389b21-FRA

GET
H3 206 oribg_947675_2.mp4
playorigin.com/ 3 MB
3 MB 0ms
0ms Media
video/mp4 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/oribg_947675_2.mp4

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53610b0d0af49120913b030c3dbeade3187b35efcc2ea7f6a6d52477f78f2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://playorigin.com/
Range: bytes=32768-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
Content-Range: bytes 32768-2871964/2871965
alt-svc: h3=":443"; ma=86400
Content-Length: 2839197
last-modified: Wed, 06 Mar 2024 00:00:02 GMT
server: cloudflare
etag: "2bd29d-612f2a3fbc1ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrO%2FEzgamEaEq46GWACZEhdymp3T4Slv4ka7k02Wuasw6lXUgVRssF%2FfbuTyaMMKwUyc%2FAds3fzo%2Boi0wUxgD95SBVfJdnmXg9kvM5feWV5yrv%2F9P8qgrdXBIW1baBu2"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
x-frame-options: SAMEORIGIN
cache-control: max-age=7200
cf-ray: 88e3ac5149389b21-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 85ms
34ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Jun 2024 00:05:45 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E58D61AAD644AE4AF3B2975411DAD0B Ref B: FRA31EDGE0709 Ref C: 2024-06-04T00:05:45Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42768aba0f7c36c37b4dd0a09650c58e34d1fb7270d3628845a2ca7d8c6269d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Jun 2024 00:05:45 GMT
content-md5: qX8Y7gMBDHpYMJm4H07bYQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: eCPuvDAGjzi9rYNcCOyeUNnfSz7YNDsLxodDu4cJisWpyTPOxHJYz6OCfDenfVjXtMIw0UGef6fouhEbw4wmxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6ee6f2b55ae5511e212ad0aab164ef01
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b540446a78366bea02efc3b2fbfdeb69"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 04 Jun 2024 00:06:33 GMT

GET
H3 200 fw_bg.png
playorigin.com/assets/origin/images/ 107 KB
108 KB 132ms
131ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/assets/origin/images/fw_bg.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/assets/origin/css/origin.css?v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e397c7adad465fdbd0b286cbf1b639c4ec8e2fabc499a708e0a51f7ab1fa3549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/assets/origin/css/origin.css?v=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=159288
content-disposition: inline; filename="fw_bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109736
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Apr 2018 16:23:38 GMT
server: cloudflare
etag: "26e38-569a92d8a9680"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sT6BOVGZTrVz7KYc6n9y%2FlNJeSPw1gNB8z78YeWTg6pbINmwpt%2Fne3HBlXQa8Y9sxV%2FXUMEL43mTg2sCuAztQ4yIpTTj3MGu7ooiH%2BONIRYy7yQPG0KJJ4qcgSUnni8i"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac51d96f9b21-FRA

GET
H3 200 donate_bg.png
playorigin.com/assets/origin/images/ 137 KB
137 KB 208ms
208ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/assets/origin/images/donate_bg.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/assets/origin/css/origin.css?v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0510648fdcd9d29e8643dc95fe4c359f7e10465ba04e3e40c4f677ea2e0f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/assets/origin/css/origin.css?v=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=196280
content-disposition: inline; filename="donate_bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 139802
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Apr 2018 19:54:50 GMT
server: cloudflare
etag: "2feb8-569ac20d9f680"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zIIPnzXZHVo8%2BYeLeNm8Yqm9TjScVNeYxprsiHKa6rkBK6yOIjAHxdVvxeaqHRZXZeJdHcF78jKENXbMjKrjEuyjxt20VlZzl78ui%2FWKRZK8WT%2FMtfyfpHHzey314XgJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac51d9719b21-FRA

GET
H3 200 dirt_block_small.png
playorigin.com/assets/origin/images/ 8 KB
9 KB 119ms
119ms Image
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/assets/origin/images/dirt_block_small.png

Requested by

Host: playorigin.com
URL: https://playorigin.com/assets/origin/css/origin.css?v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d7ccfa906dffecce29ee35ecd16fb13789094be8287b6f989aa236382d76da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/assets/origin/css/origin.css?v=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=14212
content-disposition: inline; filename="dirt_block_small.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8362
cf-bgj: imgq:100,h2pri
last-modified: Sun, 01 Apr 2018 22:38:32 GMT
server: cloudflare
etag: "3784-568d12208aa00"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uq1%2F1MizF5DF8Uc%2BJ9hU7VPMI9ujpSa6k5OKX7p%2BKonrnjaEhSsrDgHS%2B%2Fr%2BH5faUhUV5Rz4tLfoTefqKH%2BT82j2wwfl2P7EGiDp1bkZCFQrw%2B6cg9IYy58EdWPsiWXs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac51d9729b21-FRA

GET
H3 200 CenturySchoolbook.woff2
playorigin.com/assets/origin/fonts/ 71 KB
72 KB 127ms
125ms Font
text/plain 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/assets/origin/fonts/CenturySchoolbook.woff2

Requested by

Host: playorigin.com
URL: https://playorigin.com/assets/origin/css/font.css?v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c1b4fdc0db4a9e9e0863e220a5be58cf2817f3300e51b9177add1c08060dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/assets/origin/css/font.css?v=3
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 72836
last-modified: Fri, 06 Apr 2018 20:39:38 GMT
server: cloudflare
etag: "11c84-569340e11b477"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pK%2FvaHdb6ZdiAsp5IhEsvAxUCQWTSZ0gZZYXlqPbgPOPs%2Fmgx%2FlUwfJmWK9%2FGjSHWuTyNB1%2Bb%2FFAQ3AlxtR2rQiR%2BT%2Bqvo53aSSaTppeO2Uikt91RWF0CAqD7DpSZJYR"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac5239a29b21-FRA

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 34ms
17ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 354424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBOHItn%2F9t36dX7wcTzBnSxW8e7vIvW%2Bvu5VCxkWns2T6vHNDtPIDlWeE2zjedLUZVZKgxfHNKZK6SzEvBLvxc82HcMFPfocqqcGeawtfUrW2Jd15NPv%2FREyTKyRbNvDkpFeR1fU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88e3ac525c251911-FRA
expires: Sun, 25 May 2025 00:05:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 150ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WPE1BK4G16&gtm=45je4630v880527716za200&_p=1717459545887&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2010166494.1717459546&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717459545&sct=1&seg=0&dl=https%3A%2F%2Fplayorigin.com%2F&dt=Origin%20Online%20%7C%20Free%20to%20Play%20Fantasy%20MMORPG%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4410
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WPE1BK4G16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 04 Jun 2024 00:05:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://playorigin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 20ms
11ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7346396fea0ed3cb60108b32e6623d9c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

70a968fba2e65bd43b3d05ddbb2a82060b2a4174073a7dabda1f636e68e7054a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Jun 2024 00:05:46 GMT
content-md5: uzTctNH08l7T72FUW9g/ow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89055
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4296, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug: DiNNcc5eMi6ZyByIwkJoVBOlRY31EIK81Rz6fr3qjzEOKfuLVU0WCE5L50nq7UWnV+DB9F/02D22dM6Y5eT3bA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ebbeef59d03b76bd0f636da9c4b03131
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "1e04ad9209294c758d233b0c131c24a8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Jun 2025 15:46:16 GMT

GET
H2 204 149000013.js Show response
bat.bing.com/p/action/ 0
118 B 36ms
33ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149000013.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 04 Jun 2024 00:05:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6DCE5883D4354DA492AD71180D346B6F Ref B: FRA31EDGE0709 Ref C: 2024-06-04T00:05:46Z
x-cache: CONFIG_NOCACHE

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
16 KB 16ms
15ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Origin: https://playorigin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7101768
cdn-cachedat: 10/31/2023 18:58:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 67ef672f39ab7134150c50db52b4bb88
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 88e3ac52ab1ba031-FRA
cdn-requestpullsuccess: True

GET
H3 200 favicon-32x32.png
playorigin.com/ 550 B
1 KB 206ms
206ms Other
image/webp 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c406057e057e5b8bcf8d3e5453cc9c89abc5e0606e241f23b4f6ab099c0ae0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1576
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 550
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Dec 2018 01:10:09 GMT
server: cloudflare
etag: "628-57cdcf9ce2e0a"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvvrK8YKZBIV4BiEBUAoOyofZc5MdN0KXiXSY0uhfAaeU9kmTMnMMteTvLXuTVR%2BlXpnhDdjsJ8eFN8FlREauWu4WYvc%2BjxpVV7gDq3Rg9zcDVrF%2FT1CP8pVzUgE2dyY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac534a219b21-FRA

GET
H3 200 announcement_04.jpg
playorigin.com/images/ 100 KB
0 1ms
0ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/announcement_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3574f0c8cf84b6eb1df6290c0f1f0c6f57f9e544317ea04c67b5d454c5c7dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=128820
alt-svc: h3=":443"; ma=86400
content-length: 102719
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 Jan 2024 23:45:32 GMT
server: cloudflare
etag: "1f734-60eb424a74b97"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oydGDFrPlhrmIOw1TeWyv0THC70XFjPSP1MDY2m3NxhkrIovZCJoFJt38w%2Bwpq9OiC8GdCz4p0XInkPrrpHp9e1z98ivs9Gu8bYSiFxG3qDMZOu7EpNByEz3VJrDC0rz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ebb9b21-FRA

GET
H3 200 safe_trade_1.jpg
playorigin.com/images/2024/update/ 124 KB
0 1ms
1ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/2024/update/safe_trade_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ff8cc1c86f4a49775de8d30e8b0ecbb17226bcfa14872d955b1bf18313d767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:43 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=152459
alt-svc: h3=":443"; ma=86400
content-length: 126486
cf-bgj: imgq:100,h2pri
last-modified: Wed, 08 May 2024 08:48:40 GMT
server: cloudflare
etag: "2538b-617ed5e7efcc4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQfXqXnxgpoCuEJZOQG8IlX4e7QZTRqcTBxPOA7IibPTbb%2F%2BSqSema%2F8PPQLaHurr28hVaayFKoFSBDA9G16gm5cDZS5SqSE%2BSmV0kQzGdkKnDCFP4xhHjrut6QRAEi8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ebc9b21-FRA

GET
H3 200 caravan1.jpg
playorigin.com/images/2024/carnival/ 104 KB
0 1ms
1ms Image
image/jpeg 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playorigin.com/images/2024/carnival/caravan1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1927614a8a1a1209806cf777c9c2b0361bcc4a39f5015855d3c41da3778d995e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 00:05:44 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=111088
alt-svc: h3=":443"; ma=86400
content-length: 106348
cf-bgj: imgq:100,h2pri
last-modified: Mon, 15 Apr 2024 20:45:22 GMT
server: cloudflare
etag: "1b1f0-61628b34b7e61"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNEN9Wrfpvjmx6ICwEkv9DfyEm57kJoLBP4rBZGoVe9Et%2BsJpMdjz7i6E7oCWeyFatVQLifIVMtYqAA6OBpY%2BvYQIKmXoaw72VSOvu2NbneHUOgKSj8hlXOVahenXhdo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 88e3ac3e7ec19b21-FRA

GET
H3

200

main.js Show response
playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame EB84
Redirect Chain

https://playorigin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
0

0ms
0ms

Script
application/javascript

172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Protocol

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d592f2e02727c1a298c16d61347d158bcc41aa0d483361f7b1df6f425c423915

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 00:05:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRrYPR4tPOxXb2dyzAv1p05LuerJXr%2BEavme37TGBKWSJ2YYcQhcAEhtvH7ua1HcW2CTDDTaXbRNLRuB4jeN0X1wTuS2VxzgtS%2F6Kmh41CK4tiLUywZSGJufuLJeY3Rn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88e3ac3f4f3c9b21-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 04 Jun 2024 00:05:42 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtQxLH0emulxQKY%2Bo%2BKGKjyEbu9pZl40E%2FzpR0RBNY9NEVMkogHjqIno5quXXyHgCJUm8oCXLxd2itX3CfOjTIxLB5LAbxIqulb8MFBNX4N7LCZlnB4OIoofVrkU1c5Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
cache-control: max-age=300, public
cf-ray: 88e3ac3f3f339b21-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 like.php
www.facebook.com/v2.12/plugins/ Frame 30D0 0
0 55ms
36ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=247036936035555&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df590aaf2aea47c972%26domain%3Dplayorigin.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fplayorigin.com%252Ff8ee1651df696b940%26relation%3Dparent.parent&container_width=1110&href=https%3A%2F%2Fplayorigin.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7346396fea0ed3cb60108b32e6623d9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://playorigin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Tue, 04 Jun 2024 00:05:46 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2771, tp=-1, tpl=-1, uplat=29, ullat=0
x-fb-debug: 1pLOEZ1qu1hwITXSJERO6nVRzn2nvHlmbIC9Xt6FMM32cEjYgQly9x6RVQCnzBKapTo6FQ7g9NZIDKVjH3umDQ==
x-xss-protection: 0

GET
H2 204 0
bat.bing.com/action/ 0
287 B 35ms
34ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149000013&Ver=2&mid=2b0a3de3-86bc-4fe1-a384-fdb34e079bd8&sid=312ca030220611ef91a2fd5c82e236c2&vid=312cd660220611efa900b7b059da60bd&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Origin%20Online%20%7C%20Free%20to%20Play%20Fantasy%20MMORPG%20-%20Home&kw=Origin%20SRO,%20Silkroad%20Private%20Server,%20silkroad%20online%20private%20server,%20Silkroad%20no%20bot,%20silkroad%20no%20bot%20server,%20silkroad%20no%20bot%20private%20server,%20Silkroad%20Online%20PVP%20Server,%20PVP,%20Silkroad,%20SRO,%20silkroad%20privado,%20isro,%20silkroad%20online,%20silkroad%20server,%20silkroad%20online%20server&p=https%3A%2F%2Fplayorigin.com%2F&r=&lt=4307&evt=pageLoad&sv=1&rn=721057

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://playorigin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 00:05:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43546E73D99A4A7D8A562B0784C61D02 Ref B: FRA31EDGE0709 Ref C: 2024-06-04T00:05:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 88e3ac370a359b21 Show response
playorigin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EB84 0
624 B 23ms
23ms XHR
text/plain 172.66.41.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playorigin.com/cdn-cgi/challenge-platform/h/g/jsd/r/88e3ac370a359b21

Requested by

Host: playorigin.com
URL: https://playorigin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Jun 2024 00:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlBLiwsSb9VbwPTm0%2F5yOVrtBmm7qaH1QVfEmhmyPbsZg3BkjpEWk6OuvrJzsOWbeE3d58LKKYJwFMZl6uyCoel3bCTrbBnvqq%2F6eKLm5EtY1YKhY8vV%2BTnewl95vH8f"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88e3ac547aac9b21-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
playorigin.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b58oljei8htv1gcm6tcesnn9mo
.playorigin.com/	1970-01-21 06:40:19	Name: _ga_WPE1BK4G16 Value: GS1.1.1717459545.1.0.1717459545.0.0.0
.playorigin.com/	1970-01-21 06:40:19	Name: _ga Value: GA1.1.2010166494.1717459546
.playorigin.com/	1970-01-20 21:05:45	Name: _uetsid Value: 312ca030220611ef91a2fd5c82e236c2
.playorigin.com/	1970-01-21 06:25:55	Name: _uetvid Value: 312cd660220611efa900b7b059da60bd
.bing.com/	1970-01-21 06:25:55	Name: MUID Value: 3B6BB680DD2D67DD133BA214DC816625
.playorigin.com/	1970-01-21 05:49:55	Name: cf_clearance Value: X_t4e3z20pefHU5Jc3XS5p_Z.JUEDwMMXGN55Iz6O60-1717459546-1.0.1.1-wZQeBHLK.1NfJ6_DkW.gqO5cE301gknYvXD6hJwQgHQ80kgPhOf.JVc.xopzq1yIO_g86krWhaqLkDZv7wAMUg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://playorigin.com/(Line 12) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.
recommendation	verbose	URL: https://playorigin.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://playorigin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
playorigin.com
region1.google-analytics.com
s7.addthis.com
stackpath.bootstrapcdn.com
use.fontawesome.com
www.facebook.com
www.googletagmanager.com
104.17.24.14
104.18.11.207
104.68.81.91
157.240.253.1
172.66.41.48
2001:4860:4802:34::36
2606:4700:3037::ac43:8ef5
2620:1ec:c11::237
2a00:1450:4001:82b::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42:600::485
062742bc12c2341b9a8f026d840d968c537fe6189b4a7b6cbd9fb9939e8b3f79
0ea756cb6bed3ad04476f41e89576944da226f3a5a5fc331454cf1133f7876ec
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1927614a8a1a1209806cf777c9c2b0361bcc4a39f5015855d3c41da3778d995e
34c1b4fdc0db4a9e9e0863e220a5be58cf2817f3300e51b9177add1c08060dc2
3574f0c8cf84b6eb1df6290c0f1f0c6f57f9e544317ea04c67b5d454c5c7dd53
35abf0fe09565ba50c192918a4207a1675fcc670b529efda058549a99f99d399
41c0313094a44758a32728e2dd48f3c96e2b0b5743ca6d82116b86f4ee7c14e2
42768aba0f7c36c37b4dd0a09650c58e34d1fb7270d3628845a2ca7d8c6269d8
43a67d146bf55d9757abd776cfca85abf652f82fedf8d3175b8b7bec229615ae
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
61fee6ca88a96fad64a92e25cff471bec434bbbc3f5ad0745a74dee10c52e1e1
70a968fba2e65bd43b3d05ddbb2a82060b2a4174073a7dabda1f636e68e7054a
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
863ac69a925e2803212e7a61cb05ce374a79696500cf6d9a8c371be7b15af4a7
86bfb7512a66b1c48617b63fbe07a6abe39e13eaae3cab46d616de2702895c0d
97d7ccfa906dffecce29ee35ecd16fb13789094be8287b6f989aa236382d76da
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a5ad3f581614a4ecf91d58f3c7c614a805329615a25b92a82ad74fd30c5fd55b
b2954bdafa694caa0f225067636f3c3b30b7da46fa6d161b97e9656732e254c9
bf7e985708ac6109aa6dfa4a9e46a5dbee3ddc2bde5f7a1651e50a71d402260e
c1c7b8730ce572b3b608b970455310cc25f9208f5150b6b1103f190a9535a82f
c406057e057e5b8bcf8d3e5453cc9c89abc5e0606e241f23b4f6ab099c0ae0c6
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d592f2e02727c1a298c16d61347d158bcc41aa0d483361f7b1df6f425c423915
e397c7adad465fdbd0b286cbf1b639c4ec8e2fabc499a708e0a51f7ab1fa3549
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445ce5fecf1ceae215b90bdb24072c3e7db998006c7f833264498ea3c1cc4c9
e4ff8cc1c86f4a49775de8d30e8b0ecbb17226bcfa14872d955b1bf18313d767
e53610b0d0af49120913b030c3dbeade3187b35efcc2ea7f6a6d52477f78f2b4
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e817d53a31635e88c2f3ea2eec69ad1d7d29dd4aa0ab709336020b4472612438
f165d3469b6f854c7616462919328dcd91baf1dc6e1b092d9f9091fb02499c32
f3efdb04d1f666096fa33da8085bb4c2b8130d4cc8412e2dd8a2823370710689
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4c346dd604bbc2a5d4009d2916a012c21d12e5c08b0a38e523ccf3b8e4eb8c5
f75418b41b12fe48d5688061675441bc7bc2d29660a0fbe13b9c8178059d0328
fa0510648fdcd9d29e8643dc95fe4c359f7e10465ba04e3e40c4f677ea2e0f08

playorigin.com Open in urlscan Pro 172.66.41.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

62 %IPv6

12 Domains

12 Subdomains

14 IPs

4 Countries

4079 kBTransfer

5488 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

playorigin.com Open in urlscan Pro
172.66.41.48 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

62 %
IPv6

12
Domains

12
Subdomains

14
IPs

4
Countries

4079 kB
Transfer

5488 kB
Size

7
Cookies

51 HTTP transactions
1 data transactions