urlscan.io logo urlscan.io
SecurityTrails logo

origin8now.com Open in urlscan Pro
20.99.138.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://origin8now.com/loan/71247/documentation
Effective URL: https://origin8now.com/app/login
Submission Tags: falconsandbox
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 72 HTTP transactions. The main IP is 20.99.138.178, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is origin8now.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 21st 2022. Valid for: a year.
This is the only time origin8now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 20.99.138.178 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 18.66.97.49 16509 (AMAZON-02)
2 52.222.236.63 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.83.152.193 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.40 16509 (AMAZON-02)
2 13.69.106.211 8075 (MICROSOFT...)
1 52.30.157.40 16509 (AMAZON-02)
1 18.66.112.110 16509 (AMAZON-02)
72 18
24    20.99.138.178 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
origin8now.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
5    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:6c00::210:bab1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
documentcloud.adobe.com
2    18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net
static.hotjar.com
2    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
8    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    99.83.152.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac581fb06a21ff400.awsglobalaccelerator.com
www.sagepayments.net
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net
vars.hotjar.com
2    13.69.106.211 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    52.30.157.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-157-40.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
24 origin8now.com
origin8now.com
svc-prd.origin8now.com Failed
6 MB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
59 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
maps.googleapis.com — Cisco Umbrella Rank: 314
233 KB
6 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 622
script.hotjar.com — Cisco Umbrella Rank: 794
vars.hotjar.com — Cisco Umbrella Rank: 881
in.hotjar.com — Cisco Umbrella Rank: 1513
136 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
258 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 4
1 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 104
535 B
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 676
534 B
2 adobe.com
documentcloud.adobe.com — Cisco Umbrella Rank: 8961
40 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2100
258 B
1 gstatic.com
www.gstatic.com
146 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1609
22 KB
1 sagepayments.net
www.sagepayments.net — Cisco Umbrella Rank: 198139
9 KB
0 google.de Failed
www.google.de Failed
72 14
Domain Requested by
24 origin8now.com origin8now.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
origin8now.com
az416426.vo.msecnd.net
6 maps.googleapis.com origin8now.com
maps.googleapis.com
5 www.googletagmanager.com origin8now.com
www.googletagmanager.com
3 www.google.com origin8now.com
3 stats.g.doubleclick.net www.google-analytics.com
az416426.vo.msecnd.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 script.hotjar.com static.hotjar.com
2 static.hotjar.com origin8now.com
2 documentcloud.adobe.com origin8now.com
documentcloud.adobe.com
2 fonts.googleapis.com origin8now.com
1 vc.hotjar.io az416426.vo.msecnd.net
1 in.hotjar.com az416426.vo.msecnd.net
1 vars.hotjar.com static.hotjar.com
1 www.gstatic.com www.google.com
1 az416426.vo.msecnd.net origin8now.com
1 www.sagepayments.net origin8now.com
0 svc-prd.origin8now.com Failed
0 www.google.de Failed origin8now.com
72 19

This site contains no links.

Subject Issuer Validity Valid
*.origin8now.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-21 -
2023-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
static.adobesigncdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-31 -
2023-07-01		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.sagepayments.net
Network Solutions OV Server CA 2		 2020-07-15 -
2022-08-01		 2 years crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01		 2022-05-07 -
2023-05-07		 a year crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh

This page contains 2 frames:

Primary Page: https://origin8now.com/app/login
Frame ID: DF492DF62BA8716C6C73626AE7114102
Requests: 70 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 1FA52D1AD9832D5527143064B31F8A61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Origin8 - Accelerate your investment loans today

Page URL History Show full URLs

  1. https://origin8now.com/loan/71247/documentation Page URL
  2. https://origin8now.com/app/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

72
Requests

90 %
HTTPS

53 %
IPv6

14
Domains

19
Subdomains

18
IPs

5
Countries

7413 kB
Transfer

20338 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://origin8now.com/loan/71247/documentation Page URL
  2. https://origin8now.com/app/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
documentation
origin8now.com/loan/71247/ 		5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/loan/71247/documentation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c04b7801b7bdbff77e61aafb86b0b26f29f6ec54297cfe05b1b7088ddbd90d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2413
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Content-Type
text/html; charset=utf-8
Date
Sat, 11 Jun 2022 22:21:33 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Powered-By
ASP.NET
X-XSS-Protection
1
icon
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
978c3f7b387f38ae1b647bf1cc7f57c5528cb458ee2bc6da5a82f2b28c569172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 22:21:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 11 Jun 2022 22:21:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Jun 2022 22:21:34 GMT
js
maps.googleapis.com/maps/api/ 		168 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBfA9HoQZ15Dr5SKmz1D8xF5mxFpceGhTE&libraries=places
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
08f773de2d13574170e3c612f8ce4654d3e9cc58167c640344bce676a0d07248
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=20
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56129
x-xss-protection
0
expires
Sat, 11 Jun 2022 22:51:34 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164861138-1
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
045cb7fe1b9985a36c22985979c12d3560d9a7ae2ad70780de1eab33a00642f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39789
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Jun 2022 22:21:34 GMT
main.js
documentcloud.adobe.com/view-sdk/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://documentcloud.adobe.com/view-sdk/main.js
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dd293c3decd287f4d20de42a3a73d1f439116074535d80db3d5018e0c92844e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-length
744
last-modified
Fri, 27 May 2022 15:40:59 GMT
etag
"611a7ed21056c8f64bdce4494e02fffa"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60, must-revalidate
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
origin8
origin8now.com/bundles/angular/ 		113 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/angular/origin8?v=qFgGYxdrsQvgobxNEdO_h2qFILZiZtcPHiuZpJjKCao1
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
56b5d40894a00158c83b2b53172143caff6254f5a4156d18df3bdb5faa5ec8e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/loan/71247/documentation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
23171
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:34 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Vary
User-Agent,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:34 GMT
angular
origin8now.com/bundles/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/angular?v=ChlUTop6akMpuACDDQTxnc8J0g5NvbEpblUOubrMv-Q1
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1c8f628ada65b3fb6b41b0873e97de15e2f48d15e980b9e1f8bd8289066752de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/loan/71247/documentation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:34 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:34 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfA9HoQZ15Dr5SKmz1D8xF5mxFpceGhTE&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://origin8now.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
ViewSDKInterface.js
documentcloud.adobe.com/view-sdk/2.24.4_2.11.0-d41709d8/ 		185 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://documentcloud.adobe.com/view-sdk/2.24.4_2.11.0-d41709d8/ViewSDKInterface.js
Requested by
Host: documentcloud.adobe.com
URL: https://documentcloud.adobe.com/view-sdk/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ffac3502826c4aa2654cb8af2d81b9a6d26695383986bdf2463f929046de7e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-length
39452
last-modified
Wed, 11 May 2022 11:32:12 GMT
etag
"51bc8b3b1740d889425a03ba5e107103"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, must-revalidate
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
gtm.js
www.googletagmanager.com/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNMPVPV
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30d7da3f762c1c8442454d6ba5fc43978616d1241ab2593729be1ddc4c6fbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42373
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Jun 2022 22:21:34 GMT
hotjar-1417661.js
static.hotjar.com/c/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1417661.js?sv=6
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
828cd8b0d7ba59662cfc5fcae094f58c2ba389ef0936b6b59fb023bd3da7c04d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/e9851e1a6b5c8e013cc98e1db5f4686d
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
GMiZA5_Mre6QM2L2IeTsjyRyg1kMw7xxqHq0Tk_46uexOMNuuObqYg==
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQ53KX2
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc8725c51e1a6f4b4e594302b3aa6e10ab4fae7ebbad0cc8b27139f61ea900f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71272
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Jun 2022 22:21:34 GMT
modules.b871a939666125f20d79.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b871a939666125f20d79.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1417661.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
221368
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64109
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 08:51:29 GMT
etag
"a7a5f230aae7accf37f785c6590c07fa"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
EGsVFJEKLmwMUM1nwE-NbmvgCnEDDSzU5fjgiAnzn_lXKWxc-yGIiQ==
js
www.googletagmanager.com/gtag/ 		191 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GP6BJPXNZ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNMPVPV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa7508640ff582e85b0136bca69ee0d8f6cb53fcd0ca70ca877a6300cc496e7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70082
x-xss-protection
0
expires
Sat, 11 Jun 2022 22:21:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNMPVPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2808
date
Sat, 11 Jun 2022 21:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 11 Jun 2022 23:34:46 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2136222334&t=pageview&_s=1&dl=https%3A%2F%2Forigin8now.com%2Floan%2F71247%2Fdocumentation&ul=en-us&de=UTF-8&dt=Origin8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=581035095&gjid=709605615&cid=1018350491.1654986093&tid=UA-219077898-1&_gid=2088533789.1654986093&_r=1&gtm=2wg680MNMPVPV&z=1196636949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2136222334&t=pageview&_s=1&dl=https%3A%2F%2Forigin8now.com%2Floan%2F71247%2Fdocumentation&ul=en-us&de=UTF-8&dt=Origin8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=142184539&gjid=619079611&cid=1018350491.1654986093&tid=UA-168303388-1&_gid=2088533789.1654986093&_r=1&gtm=2wg680NQ53KX2&z=954041046
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GP6BJPXNZ8&gtm=2oe680&_p=2136222334&_z=ccd.tdB&cid=1018350491.1654986093&ul=en-us&sr=1600x1200&_s=1&sid=1654986093&sct=1&seg=0&dl=https%3A%2F%2Forigin8now.com%2Floan%2F71247%2Fdocumentation&dt=Origin8&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GP6BJPXNZ8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219077898-1&cid=1018350491.1654986093&jid=581035095&gjid=709605615&_gid=2088533789.1654986093&_u=YEBAAEAAAAAAAC~&z=1412950713
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 11 Jun 2022 22:21:34 GMT
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-168303388-1&cid=1018350491.1654986093&jid=142184539&gjid=619079611&_gid=2088533789.1654986093&_u=YGDACEABBAAAAC~&z=1948198832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 11 Jun 2022 22:21:34 GMT
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-168303388-1&cid=1018350491.1654986093&jid=142184539&_u=YGDACEABBAAAAC~&z=1148149289
Requested by
Host: origin8now.com
URL: https://origin8now.com/loan/71247/documentation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
Primary Request login
origin8now.com/app/ 		7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/app/login
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/angular?v=ChlUTop6akMpuACDDQTxnc8J0g5NvbEpblUOubrMv-Q1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d8a59fdc52a378c98b5a72e586bac603789af7b96fce2c5dd66dc4518bc544be
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Referer
https://origin8now.com/loan/71247/documentation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3812
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Content-Type
text/html; charset=utf-8
Date
Sat, 11 Jun 2022 22:21:36 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Powered-By
ASP.NET
X-XSS-Protection
1
HurmeGeometricSans2-Bold.otf
origin8now.com/fonts/default/ 		0
0
Merriweather-Regular.ttf
origin8now.com/fonts/default/ 		0
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2136222334&t=pageview&_s=1&dl=https%3A%2F%2Forigin8now.com%2Fsupport%2Faccess-denied&dp=%2Fsupport%2Faccess-denied&ul=en-us&de=UTF-8&dt=Origin8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=1578851047&gjid=94629005&cid=1018350491.1654986093&tid=UA-164861138-1&_gid=2088533789.1654986093&_r=1&gtm=2ou680&z=1328500712
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/angular?v=ChlUTop6akMpuACDDQTxnc8J0g5NvbEpblUOubrMv-Q1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164861138-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2810
date
Sat, 11 Jun 2022 21:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 11 Jun 2022 23:34:46 GMT
0
svc-prd.origin8now.com/api/documents/profileImage/partnerlogo/ 		0
0
Origin8_loader.gif
origin8now.com/images/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
styles
origin8now.com/bundles/ 		1 MB
238 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d936d9e4ac6ef685995239b92b4cf75e2cb1b343093e5431c0e5730b9d2b3960
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:37 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:37 GMT
ie10-viewport-bug-workaround.css
origin8now.com/content/ 		446 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/content/ie10-viewport-bug-workaround.css
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
393
X-XSS-Protection
1
Last-Modified
Mon, 21 Dec 2020 21:07:16 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
ETag
"491bc242ddd7d61:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Accept-Ranges
bytes
modernizr
origin8now.com/bundles/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
5292
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:37 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Vary
User-Agent,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:37 GMT
css
fonts.googleapis.com/ 		366 B
296 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Satisfy
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
367cf34e0f82106c500fb60a4dd1f234b0682e4cb9a2dfa247e8f785d3502a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 22:21:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 11 Jun 2022 22:21:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Jun 2022 22:21:36 GMT
api.js
www.google.com/recaptcha/ 		850 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 11 Jun 2022 22:21:36 GMT
Origin8_loader.gif
origin8now.com/images/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin8now.com/images/Origin8_loader.gif
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4343706f83b4a5fff3c5b0e2c55c0e757728f3f551fcc91d3e94e86d4e624bc6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
ETag
"e319f943ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
image/gif
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
90915
X-Content-Type-Options
nosniff
jquery
origin8now.com/bundles/ 		88 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/jquery?v=R139sdBWhWsnDXnH9NrQKR3atW-nGiaEYvDdPwRw8IM1
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b8eec93028c89005ef7c1d2225b10dacdc091b5cd20d3f771d323869d2d4f95
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
40912
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:37 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Vary
User-Agent,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:37 GMT
js
maps.googleapis.com/maps/api/ 		168 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBfA9HoQZ15Dr5SKmz1D8xF5mxFpceGhTE&libraries=places
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
08f773de2d13574170e3c612f8ce4654d3e9cc58167c640344bce676a0d07248
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:37 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56129
x-xss-protection
0
expires
Sat, 11 Jun 2022 22:51:37 GMT
bootstrap
origin8now.com/bundles/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/bootstrap?v=lescQEuG5u4jd-GcVDBcbpUOSyTDIg0Kk9zHDX55GCw1
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
12922
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:38 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Vary
User-Agent,Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:38 GMT
angularjs
origin8now.com/bundles/ 		4 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/angularjs?v=xybo_b6zZhmFWvmcOqHMqfuZfSvCKbuWmLJjwBqIdkQ1
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70cdf677a2505b1fe965a20a1f3f51253fb4e750a9e4561b572d93eb2e1564d3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:38 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:38 GMT
pay.min.js
www.sagepayments.net/pay/1.0.2/js/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sagepayments.net/pay/1.0.2/js/pay.min.js
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.152.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac581fb06a21ff400.awsglobalaccelerator.com
Software
/
Resource Hash
77fbc60edd998cd701b033e567fdb0db81c8cb1170ad32e3b8cfb26ed7da0aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1,mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
vary
Accept-Encoding
content-length
8396
x-xss-protection
1,mode=block
referrer-policy
no-referrer
last-modified
Tue, 04 Apr 2017 15:05:16 GMT
server
etag
"84788de54add21:0"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
ie10-viewport-bug-workaround.js
origin8now.com/scripts/ 		664 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/scripts/ie10-viewport-bug-workaround.js
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3a776234892e76fe2105236a8fa5f1ba40b18bb735fff77159f096f7a21aa350
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Connection
keep-alive
Content-Length
562
X-XSS-Protection
1
Last-Modified
Mon, 21 Dec 2020 21:07:16 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
ETag
"52cad542ddd7d61:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Accept-Ranges
bytes
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-61934038-10
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8964793aaa06acbf165afea4b03d5f12e0c54e34a17ef2c56a7c3e34482d0b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39793
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Jun 2022 22:21:38 GMT
app
origin8now.com/bundles/ 		3 MB
588 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/app?v=nC0RznYPQ9W3-2HIuqFDSlvExwRT5JnyBJLixrx2wE81
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3e5e0d066b2851368f560e4015b356a99363cc1f2d1be53e75cdca0bce2d1aa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:38 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:38 GMT
templates
origin8now.com/bundles/ 		3 MB
538 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/bundles/templates?v=_IusY-QlnFRriZZxutwqXkrDaQkhhJJsMoYXuMxntZ41
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bee0bdcc3ba61755a616281e296b6fb18b8350f5bc1e7541262f763a4a279b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
X-XSS-Protection
1
Last-Modified
Sat, 11 Jun 2022 22:21:38 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Expires
Sun, 11 Jun 2023 22:21:38 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Jun 2022 22:21:38 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1637
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
004a2007-601e-0031-7ddd-7d0966000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 11 Jun 2022 22:51:38 GMT
kendoui.woff
origin8now.com/Content/kendo/images/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/Content/kendo/images/kendoui.woff?v=1.1
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8329d2b4c1c7c96260d03217cae87833a6d0ff4196fa889ddb239641198db846
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Referer
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Origin
https://origin8now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
ETag
"a4dac442ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
application/x-font-woff
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
64184
X-Content-Type-Options
nosniff
proxima-nova-alt-regular-webfont.woff
origin8now.com/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/fonts/proxima-nova-alt-regular-webfont.woff
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3db577869cbe9e2e300e6575965aa1c63ae1054fbbd66aa166c8efb04d5c706f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Referer
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Origin
https://origin8now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:38 GMT
ETag
"b1e7f543ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
application/x-font-woff
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
24172
X-Content-Type-Options
nosniff
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ 		367 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://origin8now.com/
Origin
https://origin8now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 20:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148524
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Jun 2023 20:25:12 GMT
hotjar-1417661.js
static.hotjar.com/c/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1417661.js?sv=6
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
828cd8b0d7ba59662cfc5fcae094f58c2ba389ef0936b6b59fb023bd3da7c04d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
4
etag
W/e9851e1a6b5c8e013cc98e1db5f4686d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
0KUeyr5fde1A9aucvQyBoa3YjVkj0CVfVQzZvE1G173wYf9Epo35rA==
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfA9HoQZ15Dr5SKmz1D8xF5mxFpceGhTE&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://origin8now.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
modules.b871a939666125f20d79.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b871a939666125f20d79.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1417661.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
221372
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64109
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 08:51:29 GMT
etag
"a7a5f230aae7accf37f785c6590c07fa"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
4NllfwpUUvdg3j8FN2fBV-OHgbdZ4yCMrK2PdysZEN_fsOgXKVdZ3A==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-61934038-10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2813
date
Sat, 11 Jun 2022 21:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 11 Jun 2022 23:34:46 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=432514662&t=pageview&_s=1&dl=https%3A%2F%2Forigin8now.com%2Fapp%2Flogin&ul=en-us&de=UTF-8&dt=Origin8%20-%20Accelerate%20your%20investment%20loans%20today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABAAAAAC~&jid=497223666&gjid=930885734&cid=1018350491.1654986093&tid=UA-61934038-10&_gid=2088533789.1654986093&_r=1&gtm=2ou680&z=1118094191
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61934038-10&cid=1018350491.1654986093&jid=497223666&gjid=930885734&_gid=2088533789.1654986093&_u=QACAAUAAAAAAAC~&z=1500579303
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 11 Jun 2022 22:21:39 GMT
content-type
text/plain
access-control-allow-origin
https://origin8now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61934038-10&cid=1018350491.1654986093&jid=497223666&_u=QACAAUAAAAAAAC~&z=608375444
Requested by
Host: origin8now.com
URL: https://origin8now.com/app/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 22:21:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
Origin8_loader.gif
origin8now.com/images/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin8now.com/images/Origin8_loader.gif
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/jquery?v=R139sdBWhWsnDXnH9NrQKR3atW-nGiaEYvDdPwRw8IM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4343706f83b4a5fff3c5b0e2c55c0e757728f3f551fcc91d3e94e86d4e624bc6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"e319f943ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
image/gif
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
90915
X-Content-Type-Options
nosniff
log-in-icon.png
origin8now.com/images/ 		497 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin8now.com/images/log-in-icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36eaacec57a504802c8b8697481b4ae42ed264184608c8a85080c73029cf07d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"6fc7344ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
image/png
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
497
X-Content-Type-Options
nosniff
back.png
origin8now.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin8now.com/images/back.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5cf0f29fa535b9ec7afcf219f189ee8fe09d93ee253f62c3d60ab9c9b474d377
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"b62bfa43ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
image/png
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
1944
X-Content-Type-Options
nosniff
logo-lg.png
origin8now.com/images/ 		145 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin8now.com/images/logo-lg.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a44b36877611829e53896be05f3155a61b3123de7117086b3351610cf6067e8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/app/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"4e15444ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
image/png
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
148980
X-Content-Type-Options
nosniff
bg-landing.jpg
origin8now.com/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin8now.com/images/bg-landing.jpg
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84b0f48253f9db9755374848913a382791d45080720cbddb350d0433d39aa27e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"90a9ff43ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
image/jpeg
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
1475163
X-Content-Type-Options
nosniff
montserrat-v10-latin-regular.woff2
origin8now.com/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/fonts/montserrat-v10-latin-regular.woff2
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Referer
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Origin
https://origin8now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"a27f343ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
application/font-woff2
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
15148
X-Content-Type-Options
nosniff
proxima-nova-thin-webfont.woff2
origin8now.com/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/fonts/proxima-nova-thin-webfont.woff2
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7bd52e04c74188c55310a79fc7ca7a4192c9e3b18701852b3d2666a40431211
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Referer
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Origin
https://origin8now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:39 GMT
ETag
"41e1f743ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
application/font-woff2
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
19440
X-Content-Type-Options
nosniff
fontawesome-webfont.woff2
origin8now.com/fonts/ 		75 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://origin8now.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: origin8now.com
URL: https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.99.138.178 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Request headers

Referer
https://origin8now.com/bundles/styles?v=jkno7J_PIJWMgeEkEjfXw8haBBI4w1E7kYqj0rHgYkw1
Origin
https://origin8now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 22:21:40 GMT
ETag
"10eff143ddd7d61:0"
Last-Modified
Mon, 21 Dec 2020 21:07:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Frame-Options
deny
Connection
keep-alive
Content-Type
application/font-woff2
X-XSS-Protection
1
Cache-Control
public,max-age=31536000
Content-Security-Policy
default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
77160
X-Content-Type-Options
nosniff
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame 1FA5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1417661.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-40.fra60.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://origin8now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1003653
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 07:34:06 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Tue, 31 May 2022 07:33:23 GMT
vary
Accept-Encoding
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id
RrV3TtvgPmZ7gCZoWRLEhNKcmezt55lzRfsiR8Ud5bOs0muIjMWV1Q==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://origin8now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 11 Jun 2022 22:21:39 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		324 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b141d5e9654c55aa09e31f0bcd3e75c1ebcc6b4cfb237a2898918025f298ed5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
EBCF7544-503B-4C26-AC21-AEB8CC94B5AB
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sat, 11 Jun 2022 22:21:40 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
324
visit-data
in.hotjar.com/api/v2/client/sites/1417661/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1417661/visit-data?sv=6
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.157.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-157-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer
https://origin8now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 11 Jun 2022 22:21:40 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1417661
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1417661?s=0.25&r=0.05160918434160222
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:21:40 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
JKC9ZqPFeCfOyo1JVgvdkvM8eqrhhz4FG1zBqT_KOylKnvIkxpezJg==
common.js
maps.googleapis.com/maps-api-v3/api/js/49/4/intl/de_ALL/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/4/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfA9HoQZ15Dr5SKmz1D8xF5mxFpceGhTE&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0382f75a5b72a079e959c8bf8e7f97e0503db58be0170d544944c3d0674ea8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30570
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 18:38:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 18:21:08 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/4/intl/de_ALL/ 		309 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/4/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfA9HoQZ15Dr5SKmz1D8xF5mxFpceGhTE&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8926b7b9c4efcb02733803d50b6d6c97db01cca40b26e0f2897f4f652dc29fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin8now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94016
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 18:38:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 18:21:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-168303388-1&cid=1018350491.1654986093&jid=142184539&_u=YGDACEABBAAAAC~&z=1148149289
Domain
origin8now.com
URL
https://origin8now.com/fonts/default/HurmeGeometricSans2-Bold.otf
Domain
origin8now.com
URL
https://origin8now.com/fonts/default/Merriweather-Regular.ttf
Domain
svc-prd.origin8now.com
URL
https://svc-prd.origin8now.com/api/documents/profileImage/partnerlogo/0
Domain
origin8now.com
URL
https://origin8now.com/images/Origin8_loader.gif
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GP6BJPXNZ8&gtm=2oe680&_p=2136222334&_z=ccd.tdB&cid=1018350491.1654986093&ul=en-us&sr=1600x1200&sid=1654986093&sct=1&seg=0&dl=https%3A%2F%2Forigin8now.com%2Floan%2F71247%2Fdocumentation&dt=Origin8&_s=2
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61934038-10&cid=1018350491.1654986093&jid=497223666&_u=QACAAUAAAAAAAC~&z=608375444

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| appInsights object| html5 object| Modernizr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| hj object| _hjSettings function| $ function| jQuery object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| AI object| Microsoft function| __extends function| _endsWith object| recaptcha function| wizardButtonDirective object| angular object| ngMaterial object| @uirouter/angularjs function| _ function| moment function| JSZip object| kendo function| PayJS function| requirejs function| require function| define function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

16 Cookies

Domain/Path Name / Value
.origin8now.com/ Name: _gid
Value: GA1.2.2088533789.1654986093
.origin8now.com/ Name: _gat_UA-219077898-1
Value: 1
.origin8now.com/ Name: _gat_UA-168303388-1
Value: 1
.origin8now.com/ Name: _ga
Value: GA1.2.1018350491.1654986093
.origin8now.com/ Name: _gat_gtag_UA_164861138_1
Value: 1
.origin8now.com/ Name: _ga_GP6BJPXNZ8
Value: GS1.1.1654986093.1.0.1654986095.0
origin8now.com/ Name: ai_user
Value: MKTTM|2022-06-11T22:21:36.910Z
www.sagepayments.net/ Name: AWSALBCORS
Value: w+OI71dOp0QT7fvs5AxGTBtckUKcUYNYtW5G91DAGmZqt7Rhzn+x97DBeMpvuLx8vuzqpJx9PRARJpg9026iKTVTHWMGg9wS/t+KHTRSGNxLQJW00tXVLkMfyq1y
.origin8now.com/ Name: _gat_gtag_UA_61934038_10
Value: 1
origin8now.com/ Name: ai_session
Value: 9n7ZH|1654986097928|1654986097928
.origin8now.com/ Name: _hjSessionUser_1417661
Value: eyJpZCI6ImUzNThkNjEzLWFmNmYtNTE3Mi1iMjE1LWM1YWUwNDc3ODJiOSIsImNyZWF0ZWQiOjE2NTQ5ODYwOTY4NTgsImV4aXN0aW5nIjpmYWxzZX0=
.origin8now.com/ Name: _hjFirstSeen
Value: 1
origin8now.com/ Name: _hjIncludedInSessionSample
Value: 1
.origin8now.com/ Name: _hjSession_1417661
Value: eyJpZCI6Ijk0MzExYmRkLTRmMWItNGM3YS05NGVlLWJkZGQ3MDg3ZGJjNyIsImNyZWF0ZWQiOjE2NTQ5ODYwOTg1ODcsImluU2FtcGxlIjp0cnVlfQ==
origin8now.com/ Name: _hjIncludedInPageviewSample
Value: 1
.origin8now.com/ Name: _hjAbsoluteSessionInProgress
Value: 1

3 Console Messages

Source Level URL
Text
security error URL: https://origin8now.com/loan/71247/documentation
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-168303388-1&cid=1018350491.1654986093&jid=142184539&_u=YGDACEABBAAAAC~&z=1148149289' because it violates the following Content Security Policy directive: "default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://origin8now.com/app/login
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61934038-10&cid=1018350491.1654986093&jid=497223666&_u=QACAAUAAAAAAAC~&z=608375444' because it violates the following Content Security Policy directive: "default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
network error URL: https://dc.services.visualstudio.com/v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: origin8now.com *.origin8now.com adobe.com *.adobe.com adobe.io *.adobe.io onetrust.com *.onetrust.com cookielaw.org *.cookielaw.org *.gstatic.com *.reggora.com https://wwww.reggora.com *.docusign.net https://www.docusign.net *.docusign.com https://www.docusign.com https://www.google-analytics.com https://www.google.com *.googleapis.com https://www.googletagmanager.com https://www.sagepayments.net *.msecnd.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com *.visualstudio.com *.doubleclick.net smartystreets.com *.smartystreets.com *.jsdelivr.net jsdelivr.net *.windows.net windows.net 'unsafe-inline' 'unsafe-eval' ; object-src 'none'; frame-ancestors 'self' origin8now.com *.origin8now.com; upgrade-insecure-requests; block-all-mixed-content; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
documentcloud.adobe.com
fonts.googleapis.com
in.hotjar.com
maps.googleapis.com
origin8now.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
svc-prd.origin8now.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sagepayments.net
origin8now.com
svc-prd.origin8now.com
www.google-analytics.com
www.google.de
13.69.106.211
18.66.112.110
18.66.139.40
18.66.97.49
20.99.138.178
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:808::200a
2a00:1450:4001:812::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c0d::9d
2a02:26f0:6c00::210:bab1
52.222.236.63
52.30.157.40
99.83.152.193
045cb7fe1b9985a36c22985979c12d3560d9a7ae2ad70780de1eab33a00642f6
08f773de2d13574170e3c612f8ce4654d3e9cc58167c640344bce676a0d07248
0c04b7801b7bdbff77e61aafb86b0b26f29f6ec54297cfe05b1b7088ddbd90d5
1c8f628ada65b3fb6b41b0873e97de15e2f48d15e980b9e1f8bd8289066752de
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30d7da3f762c1c8442454d6ba5fc43978616d1241ab2593729be1ddc4c6fbabc
367cf34e0f82106c500fb60a4dd1f234b0682e4cb9a2dfa247e8f785d3502a48
36eaacec57a504802c8b8697481b4ae42ed264184608c8a85080c73029cf07d6
3a776234892e76fe2105236a8fa5f1ba40b18bb735fff77159f096f7a21aa350
3db577869cbe9e2e300e6575965aa1c63ae1054fbbd66aa166c8efb04d5c706f
3ffac3502826c4aa2654cb8af2d81b9a6d26695383986bdf2463f929046de7e1
4343706f83b4a5fff3c5b0e2c55c0e757728f3f551fcc91d3e94e86d4e624bc6
4a44b36877611829e53896be05f3155a61b3123de7117086b3351610cf6067e8
4bee0bdcc3ba61755a616281e296b6fb18b8350f5bc1e7541262f763a4a279b4
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
56b5d40894a00158c83b2b53172143caff6254f5a4156d18df3bdb5faa5ec8e1
5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
5cf0f29fa535b9ec7afcf219f189ee8fe09d93ee253f62c3d60ab9c9b474d377
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70cdf677a2505b1fe965a20a1f3f51253fb4e750a9e4561b572d93eb2e1564d3
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003
77fbc60edd998cd701b033e567fdb0db81c8cb1170ad32e3b8cfb26ed7da0aa6
828cd8b0d7ba59662cfc5fcae094f58c2ba389ef0936b6b59fb023bd3da7c04d
8329d2b4c1c7c96260d03217cae87833a6d0ff4196fa889ddb239641198db846
84b0f48253f9db9755374848913a382791d45080720cbddb350d0433d39aa27e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8926b7b9c4efcb02733803d50b6d6c97db01cca40b26e0f2897f4f652dc29fb2
978c3f7b387f38ae1b647bf1cc7f57c5528cb458ee2bc6da5a82f2b28c569172
9b8eec93028c89005ef7c1d2225b10dacdc091b5cd20d3f771d323869d2d4f95
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e5e0d066b2851368f560e4015b356a99363cc1f2d1be53e75cdca0bce2d1aa
b0382f75a5b72a079e959c8bf8e7f97e0503db58be0170d544944c3d0674ea8e
b141d5e9654c55aa09e31f0bcd3e75c1ebcc6b4cfb237a2898918025f298ed5a
b8964793aaa06acbf165afea4b03d5f12e0c54e34a17ef2c56a7c3e34482d0b2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7bd52e04c74188c55310a79fc7ca7a4192c9e3b18701852b3d2666a40431211
d8a59fdc52a378c98b5a72e586bac603789af7b96fce2c5dd66dc4518bc544be
d936d9e4ac6ef685995239b92b4cf75e2cb1b343093e5431c0e5730b9d2b3960
dc8725c51e1a6f4b4e594302b3aa6e10ab4fae7ebbad0cc8b27139f61ea900f2
dd293c3decd287f4d20de42a3a73d1f439116074535d80db3d5018e0c92844e9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
fa7508640ff582e85b0136bca69ee0d8f6cb53fcd0ca70ca877a6300cc496e7c