insurance.theoriginway.com
2600:9000:20b4:5c00:a:7ebf:140:93a1  Public Scan

URL: https://insurance.theoriginway.com/
Submission: On June 18 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2600:9000:20b4:5c00:a:7ebf:140:93a1, located in United States and belongs to AMAZON-02, US. The main domain is insurance.theoriginway.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 4th 2024. Valid for: a year.
This is the only time insurance.theoriginway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2600:9000:20b... 16509 (AMAZON-02)
1 151.101.130.217 54113 (FASTLY)
1 151.101.66.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 143.204.215.32 16509 (AMAZON-02)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 34.120.195.249 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.245.86.34 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
26 10
Apex Domain
Subdomains
Transfer
9 theoriginway.com
insurance.theoriginway.com
414 KB
6 formsort.com
usercontent.formsort.com — Cisco Umbrella Rank: 566520
event.formsort.com — Cisco Umbrella Rank: 549245
192 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 649
p.typekit.net — Cisco Umbrella Rank: 810
54 KB
3 gstatic.com
fonts.gstatic.com
37 KB
2 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 7698
lux.speedcurve.com — Cisco Umbrella Rank: 22772
9 KB
1 sentry.io
o210177.ingest.sentry.io — Cisco Umbrella Rank: 593599
308 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
849 B
26 7
Domain Requested by
9 insurance.theoriginway.com insurance.theoriginway.com
5 usercontent.formsort.com
3 fonts.gstatic.com fonts.googleapis.com
3 use.typekit.net client
use.typekit.net
1 p.typekit.net use.typekit.net
1 event.formsort.com insurance.theoriginway.com
1 o210177.ingest.sentry.io insurance.theoriginway.com
1 fonts.googleapis.com insurance.theoriginway.com
1 lux.speedcurve.com
1 cdn.speedcurve.com insurance.theoriginway.com
26 10

This site contains links to these domains.

Domain
www.theoriginway.com
Subject Issuer Validity Valid
*.theoriginway.com
Amazon RSA 2048 M03
2024-03-04 -
2025-04-03
a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-01-21 -
2025-02-21
a year crt.sh
upload.video.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.formsort.com
Amazon RSA 2048 M02
2023-09-16 -
2024-10-14
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh
*.gstatic.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
formsort.com
Amazon RSA 2048 M02
2023-08-08 -
2024-09-05
a year crt.sh

This page contains 1 frame:

Primary Page: https://insurance.theoriginway.com/
Frame ID: 1CEA26D30DA7A824C814F685260C647C
Requests: 26 HTTP requests in this frame

Page Title

Origin Information Hub

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

706 kB
Transfer

1922 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
insurance.theoriginway.com/
48 KB
15 KB
Document
General
Full URL
https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
waitress /
Resource Hash
7a84aaafc31255f7fbf7a5d8158dbe8c5742815b7f66e2b7fd5ebe8e8fde29dd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 18 Jun 2024 18:54:29 GMT
expires
Tue, 18 Jun 2024 18:55:29 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
permissions-policy
browsing-topics=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718736869&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=7x67pqE6B%2Fvi3sAn580FmRYwfP1CAxWkhfMmrjPxUlc%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718736869&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=7x67pqE6B%2Fvi3sAn580FmRYwfP1CAxWkhfMmrjPxUlc%3D
server
waitress
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
https://assets.formsort.com, https://insurance.theoriginway.com/
vary
Accept-Encoding,Cookie
via
1.1 vegur, 1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
x-amz-cf-id
n0v1Hmg62p5NZoQcc5pXBwBu2hKC_P1ZpdG5LqDQA8P9m270rm5xuw==
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-formsort-version
5fe8f03a2ceb1015b5f2a3b3ec693137147022a4
x-robots-tag
noindex, nofollow
lux.js
cdn.speedcurve.com/js/
21 KB
9 KB
Script
General
Full URL
https://cdn.speedcurve.com/js/lux.js?id=4217970927
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8752828d8a4cf9c9856a044cb578e4fde2dc118402eb13154a59105cdbc62314

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Origin
https://insurance.theoriginway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Tue, 18 Jun 2024 18:54:31 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
0
x-cache
MISS
content-length
8494
x-served-by
cache-fra-etou8220148-FRA
last-modified
Tue, 18 Jun 2024 18:54:30 GMT
server
Apache
x-timer
S1718736871.629979,VS0,VE391
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jun 2024 18:54:30 GMT
polyfill.min.js
insurance.theoriginway.com/polyfill/v3/
104 B
623 B
Script
General
Full URL
https://insurance.theoriginway.com/polyfill/v3/polyfill.min.js?features=Intl%2Ces5%2Ces6%2Ces7%2Ces2019%2CPromise%2Cfetch%2CArray.prototype.at%2CArray.prototype.flat
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Origin
https://insurance.theoriginway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cdn-server
Global
date
Tue, 18 Jun 2024 18:52:06 GMT
content-encoding
gzip
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
x-amz-cf-pop
AMS58-P4
age
144
x-cache
Hit from cloudfront
last-modified
Tue, 18 Jun 2024 07:46:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
895d797c6b61199e-FRA
x-amz-cf-id
Q74dJFPisX8XNui30a-cBj1s-lcAioNu7Cakd-GRYbrDb20MXsqXiA==
expires
Tue, 18 Jun 2024 19:52:06 GMT
react.fa4b187c49dee6a3fc67.js
insurance.theoriginway.com/assets/flow/static/js/
165 KB
54 KB
Script
General
Full URL
https://insurance.theoriginway.com/assets/flow/static/js/react.fa4b187c49dee6a3fc67.js
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ea828d81f80dddc1ef3b06047a09a9d0a384a54f3eef73c7b2075eec040dc2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:21:28 GMT
content-encoding
gzip
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
last-modified
Fri, 17 May 2024 09:59:59 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
1139583
etag
W/"3f45547e774fb3328693aeb55cd95702"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
BrN6Wy0A21YTXaez4F4N5TLPpfRRPtWLtBPkH28S43AZ66_PpNi0Nw==
x-amz-meta-sha
239d525b04c7a4f27c5f8637c915c32f38158a9a
vendors.3605443f1ad77590068e.js
insurance.theoriginway.com/assets/flow/static/js/
239 KB
77 KB
Script
General
Full URL
https://insurance.theoriginway.com/assets/flow/static/js/vendors.3605443f1ad77590068e.js
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cbda54c4969fccca299f1396cf093ed5c6bacbb07091a8f5a0a34e5bdb004cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:21:28 GMT
content-encoding
gzip
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
last-modified
Fri, 17 May 2024 09:59:59 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
1139583
etag
W/"17ed4bf36c3e24732c30c654cff3c734"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
q-MAajSg-MHgDpnWaZBSq-CHeFBNyGwg3B_39IUAcFshOKBKogy6-g==
x-amz-meta-sha
239d525b04c7a4f27c5f8637c915c32f38158a9a
flow.2085bcd1443684519aa2.js
insurance.theoriginway.com/assets/flow/static/js/
576 KB
153 KB
Script
General
Full URL
https://insurance.theoriginway.com/assets/flow/static/js/flow.2085bcd1443684519aa2.js
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bac6acc52154d3761fd6698f799e7dd4a728a43cfa65fa2fc5a3d560390f1102

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 14:59:11 GMT
content-encoding
gzip
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 13:24:32 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
446120
etag
W/"daf1da4958b133bd0f656ce9fa195bc4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
3bMGd8ZuqDGDcrf4jo-ScZQ6m9d5xoIrJ89U0__s8Co04ms9eEzebA==
x-amz-meta-sha
2327e45b2fc046ebb0de990e08753953fdc15a4b
3cdff37b-facb-4452-8f8b-64c372dd20be
insurance.theoriginway.com/flow-api/client/uwYMNmujkN/deployment/
246 KB
28 KB
Fetch
General
Full URL
https://insurance.theoriginway.com/flow-api/client/uwYMNmujkN/deployment/3cdff37b-facb-4452-8f8b-64c372dd20be
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
waitress /
Resource Hash
4eafac19874ee40d1e89ad9c29ad7cd5e2d0a984b79122a06a3be2bb7e915382
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImFhOmI4OjIyOmYxOmUwOjRkOjFhOmNlOmVkOjBmOmVlOjljOjBjOmFlOmVkOjE5OmNmOjJmOmQxOmVmIn0.eyJ0eXAiOiJTRVNTSU9OIiwiaWF0IjoiMTcxODczNjg3MCIsImV4cCI6IjE3MTg3NDA0NzAiLCJzdWIiOiJzZXNzaW9ufGI4ZTZkYTMxLWNiYjEtNDU1NC1iYmE5LWFmYzdiZTNmODIyMiIsImNsaWVudF9sYWJlbCI6InV3WU1ObXVqa04iLCJmbG93X2xhYmVsIjoiaW5zdXJhbmNlIiwiZW52aXJvbm1lbnRfbGFiZWwiOiJwcm9kdWN0aW9uIiwicmVzcG9uZGVyX3V1aWQiOiJhYzM4N2Q0Ni1jYWNlLTQ4ZjItOTZiMS1lNjZjMDcwY2E0NDIiLCJzZXNzaW9uX3V1aWQiOiJiOGU2ZGEzMS1jYmIxLTQ1NTQtYmJhOS1hZmM3YmUzZjgyMjIiLCJyb2xlcyI6MH0.LIDzJGJSwAfsrKQYm5vLnvNMeKXQtdiE8ZmXRub9KYngpRByF46TfYKXgrM0d4sLg_SX0bsCKvOO64U1FAUab72iNHqNil7cPe8HXSysepXcJYQtsYYW3KydJ4D1jS9uLLGv11zuWjXKUKKUYXKdT-Gvp5pLUn1V-DqJzI_rT-f4Xo-0854Qed8DMyAPIgdB-rBstuJpZ846PQvEIsG7nMkRUvHtmtGtUO2fyrY4N8gmmeAkkV4m32Vbxk5oaVUuaVQGr73kX59cjIPTPyM2lVM6nJSkIQrA7wqhUAIDRt13qkksFBMpdDxDikWt03UrtwfC5RW3dJrHU92je-UV9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 38ff23673937c3eba42a4eefb2007078.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
content-length
28009
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718736871&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=NLjlu5TrjxUc2yFj1%2BifIhG5srMxlz9rQ51aPDj0lCA%3D
referrer-policy
strict-origin-when-cross-origin
server
waitress
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718736871&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=NLjlu5TrjxUc2yFj1%2BifIhG5srMxlz9rQ51aPDj0lCA%3D"}]}
content-type
application/json
cache-control
public, max-age=60
permissions-policy
browsing-topics=()
x-amz-cf-id
fiMZEUjIHRqNqomTWEojYUvylP43DoJe_ZrtrISgaPaxcpETfF_n8A==
expires
Tue, 18 Jun 2024 18:55:31 GMT
favicon.7af85bbd996a3106641a.ico
insurance.theoriginway.com/assets/flow/static/media/
198 B
588 B
Other
General
Full URL
https://insurance.theoriginway.com/assets/flow/static/media/favicon.7af85bbd996a3106641a.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:44:00 GMT
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
last-modified
Wed, 07 Sep 2022 17:38:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
1138232
etag
"c6acedaff906029fc5455d9ec52c7f42"
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=31536000
content-length
198
x-amz-cf-id
wJp-5PHhtuqHpeK0s-0Q3Yf_IA9eC1F1r1ez_KUxVgKdARbCjZRJOg==
x-amz-meta-sha
1434784cbe073cebac3d07f4b272c01fcf1beccc
/
lux.speedcurve.com/lux/
0
159 B
Image
General
Full URL
https://lux.speedcurve.com/lux/?v=316&id=4217970927&sid=171873687103758509&uid=171873687103758509&l=&HN=insurance.theoriginway.com&PN=%2F&fl=64&NT=1718736869451as0fs0ds56de56cs56sc85ce121qs121bs1084be1086oi1125os1315oe1315oc1587ls1587le1587sr1140&LJS=d0t54f415c1n470e1r100x8494l1121s1586&PS=ns5bs0is3841ss0bc0ic42122ia0it0dd3nd26vh1200vw1600dh1200dw1600ds12621ct4G_er0nt0dm8&CPU=s|51,n|1,d|51,x|51,i|0,1265|51&CLS=0.000000&UT=sessionStartInitiated|1315,sessionStarted|1315,variantLoadingInitiated|1315,variantLoaded|1788,sessionStart|1315|0,variantLoading|1315|472
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220099-FRA
date
Tue, 18 Jun 2024 18:54:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1718736871.353448,VS0,VE0
x-cache
HIT
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
css
fonts.googleapis.com/
2 KB
849 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:400,500,700&display=swap
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/assets/flow/static/js/vendors.3605443f1ad77590068e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 18:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 18:28:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 18:54:31 GMT
763.af27923a606c0c7cfce0.js
insurance.theoriginway.com/assets/flow/static/js/
264 KB
84 KB
Script
General
Full URL
https://insurance.theoriginway.com/assets/flow/static/js/763.af27923a606c0c7cfce0.js
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/assets/flow/static/js/flow.2085bcd1443684519aa2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21040b715dc9f2850ab81d198f9f4a7ea2d039dd16814c590bea902abbe868c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 14:21:29 GMT
content-encoding
gzip
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 09:18:28 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
1139583
etag
W/"5cae44d73e451b0a889f3d2efd0a0ccb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
MEyhrvPhGWWANpkPhWPj6Nih0S03j5CtfGvlwTCQ9TcFnANZQ5a54Q==
x-amz-meta-sha
0f86c4e947018f532bf04a61f1be8cfa1beaf8de
3123385d-2a2b-4ab0-8246-0922f1f68da8.png
usercontent.formsort.com/uwYMNmujkN/
34 KB
34 KB
Image
General
Full URL
https://usercontent.formsort.com/uwYMNmujkN/3123385d-2a2b-4ab0-8246-0922f1f68da8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-32.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e6c32105dce08b344562a6de30f21f7a9a64c42dd477c1be8bb9e69c5750034

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 05:48:41 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 12:39:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
47151
etag
"2917bdcd9cc67a54a9cfd5d5121671fb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
content-length
34397
x-amz-cf-id
86TnuZNB8SwhjZ9_zxDSp5Hjn5mRj6Irzj6VFRhVrlZsPt2JJASrTg==
answers-upload
insurance.theoriginway.com/flow-api/client/uwYMNmujkN/flow/insurance/variant/main/variant-revision/8ab7671a-8b76-4c28-89c1-29d79d5fa236/deployment/3cdff37b-facb-4452-8f8b-64c372dd20be/responder/ac3...
2 KB
2 KB
Fetch
General
Full URL
https://insurance.theoriginway.com/flow-api/client/uwYMNmujkN/flow/insurance/variant/main/variant-revision/8ab7671a-8b76-4c28-89c1-29d79d5fa236/deployment/3cdff37b-facb-4452-8f8b-64c372dd20be/responder/ac387d46-cace-48f2-96b1-e66c070ca442/answers-upload?env=production
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/assets/flow/static/js/flow.2085bcd1443684519aa2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:5c00:a:7ebf:140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
waitress /
Resource Hash
f80ff9e59ece47387f12df66b5714bceba37164b9e7982eb7c5ecac7b46ce7f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImFhOmI4OjIyOmYxOmUwOjRkOjFhOmNlOmVkOjBmOmVlOjljOjBjOmFlOmVkOjE5OmNmOjJmOmQxOmVmIn0.eyJ0eXAiOiJTRVNTSU9OIiwiaWF0IjoiMTcxODczNjg3MCIsImV4cCI6IjE3MTg3NDA0NzAiLCJzdWIiOiJzZXNzaW9ufGI4ZTZkYTMxLWNiYjEtNDU1NC1iYmE5LWFmYzdiZTNmODIyMiIsImNsaWVudF9sYWJlbCI6InV3WU1ObXVqa04iLCJmbG93X2xhYmVsIjoiaW5zdXJhbmNlIiwiZW52aXJvbm1lbnRfbGFiZWwiOiJwcm9kdWN0aW9uIiwicmVzcG9uZGVyX3V1aWQiOiJhYzM4N2Q0Ni1jYWNlLTQ4ZjItOTZiMS1lNjZjMDcwY2E0NDIiLCJzZXNzaW9uX3V1aWQiOiJiOGU2ZGEzMS1jYmIxLTQ1NTQtYmJhOS1hZmM3YmUzZjgyMjIiLCJyb2xlcyI6MH0.LIDzJGJSwAfsrKQYm5vLnvNMeKXQtdiE8ZmXRub9KYngpRByF46TfYKXgrM0d4sLg_SX0bsCKvOO64U1FAUab72iNHqNil7cPe8HXSysepXcJYQtsYYW3KydJ4D1jS9uLLGv11zuWjXKUKKUYXKdT-Gvp5pLUn1V-DqJzI_rT-f4Xo-0854Qed8DMyAPIgdB-rBstuJpZ846PQvEIsG7nMkRUvHtmtGtUO2fyrY4N8gmmeAkkV4m32Vbxk5oaVUuaVQGr73kX59cjIPTPyM2lVM6nJSkIQrA7wqhUAIDRt13qkksFBMpdDxDikWt03UrtwfC5RW3dJrHU92je-UV9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-transaction-id
ac387d46-cace-48f2-96b1-e66c070ca442/b8e6da31-cbb1-4554-bba9-afc7be3f8222/506c1d9e-7c6b-4a5e-b7c9-fae14c99b59b
Referer
https://insurance.theoriginway.com/
X-Request-ID
ac387d46-cace-48f2-96b1-e66c070ca442/b8e6da31-cbb1-4554-bba9-afc7be3f8222/506c1d9e-7c6b-4a5e-b7c9-fae14c99b59b
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur, 1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
content-encoding
gzip
x-cache
Miss from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718736871&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=NLjlu5TrjxUc2yFj1%2BifIhG5srMxlz9rQ51aPDj0lCA%3D
referrer-policy
strict-origin-when-cross-origin
server
waitress
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718736871&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=NLjlu5TrjxUc2yFj1%2BifIhG5srMxlz9rQ51aPDj0lCA%3D"}]}
content-type
application/json
cache-control
no-store
permissions-policy
browsing-topics=()
x-amz-cf-id
aqy5IZdl_MIlq9dQgutV7PeXxuAspRRNWnlbeHL5djKkziyKcfCZqQ==
xsk2pyj.css
use.typekit.net/
9 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/xsk2pyj.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f1887b986b1492e75142f249cd081add6cc8b95844e08769e14433f3adc97e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 18 Jun 2024 18:54:31 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1053
172fb50f-f47a-475e-ae66-ad757b007305.png
usercontent.formsort.com/uwYMNmujkN/
94 KB
94 KB
Image
General
Full URL
https://usercontent.formsort.com/uwYMNmujkN/172fb50f-f47a-475e-ae66-ad757b007305.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-32.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1180941a0ddb4a72f2d7945826d91a8cf0dcb4d7ca144c05279bd6ee7e93c0e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 03:55:46 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 20:31:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2386726
etag
"5761afdd5af5ca21dc046f9022bc55bf"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
content-length
95874
x-amz-cf-id
n6KNhpxr-utyOXvJsjbEYITfOpYwlZ-mBSwwO897M25aDbZecxW_OA==
0a220467-ad22-4984-8bcd-f7470c115fc4.png
usercontent.formsort.com/uwYMNmujkN/
45 KB
46 KB
Image
General
Full URL
https://usercontent.formsort.com/uwYMNmujkN/0a220467-ad22-4984-8bcd-f7470c115fc4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-32.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e050a5a70e21df2fbddfec2d12f0065e4a6c9fe6ac76359477969930b076c31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:32 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 20:11:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"3f5d7b0d9defa25fe7ee0595d1197ea6"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
content-length
46355
x-amz-cf-id
CtYBL2k-7GlIT8Hu0S82UISMPCfirvAEQASr-D8Kf0hwWS74E2bi4w==
a2b6230f-0518-4d19-bbdc-6c31421804eb.svg
usercontent.formsort.com/uwYMNmujkN/
980 B
1 KB
Image
General
Full URL
https://usercontent.formsort.com/uwYMNmujkN/a2b6230f-0518-4d19-bbdc-6c31421804eb.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-32.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45242bd3af83fc7dc8432039587e2555b5801b9913119d73f44bd9b990c72255

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 20:16:53 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Fri, 14 Apr 2023 18:36:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1809459
etag
"0898b5d973a80fc0f8cf4b5b4b8e66aa"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000,public
content-length
980
x-amz-cf-id
7fZRER3hJ2hZBXGCA4Dn_Q1YR6cU95NZno4WoiKgwd3lrgSU2VkHgQ==
1ce4d9ce-25f9-4657-a5ce-2ca77aef8331.png
usercontent.formsort.com/uwYMNmujkN/
16 KB
17 KB
Other
General
Full URL
https://usercontent.formsort.com/uwYMNmujkN/1ce4d9ce-25f9-4657-a5ce-2ca77aef8331.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-32.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5439302ca541afe47956b1af540e244b0743ccc2023ff5b58853c9075ddd979b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 22:50:19 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Fri, 07 Apr 2023 17:28:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1281853
etag
"ae69e8d0f5fcef6f039a1749f59125fd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
content-length
16891
x-amz-cf-id
iDctCSQA6wqQQYVKjnIic06llOOZXJj0dEfipU_Hmkt03euaRdrGAA==
/
o210177.ingest.sentry.io/api/1334649/envelope/
2 B
308 B
Fetch
General
Full URL
https://o210177.ingest.sentry.io/api/1334649/envelope/?sentry_key=64ded0b86127407cb55f5c467a6312fb&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.89.0
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/assets/flow/static/js/763.af27923a606c0c7cfce0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/
36 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://insurance.theoriginway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:11 GMT
x-content-type-options
nosniff
age
14780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36848
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:11 GMT
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/
36 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://insurance.theoriginway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:11 GMT
x-content-type-options
nosniff
age
14780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36848
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:11 GMT
events
event.formsort.com/
0
0
Fetch
General
Full URL
https://event.formsort.com/events?payload=%5B%7B%22createdAt%22%3A%222024-06-18T18%3A54%3A31.327Z%22%2C%22eventType%22%3A%22FlowLoaded%22%2C%22variantUuid%22%3A%228ab7671a-8b76-4c28-89c1-29d79d5fa236%22%2C%22responderUuid%22%3A%22ac387d46-cace-48f2-96b1-e66c070ca442%22%2C%22isReturningResponder%22%3Afalse%2C%22data%22%3A%7B%22experimentId%22%3A0.5990815395489335%2C%22formsortEnv%22%3A%22production%22%2C%22windowInnerWidth%22%3A1600%2C%22windowInnerHeight%22%3A1200%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22pathname%22%3A%22%2F%22%2C%22releaseId%22%3A%222d33345c34970eb9bbf58484758eaa23a654bae5%22%2C%22isInIframe%22%3Afalse%2C%22clientLabel%22%3A%22uwYMNmujkN%22%7D%7D%2C%7B%22createdAt%22%3A%222024-06-18T18%3A54%3A31.328Z%22%2C%22eventType%22%3A%22StepLoaded%22%2C%22variantUuid%22%3A%228ab7671a-8b76-4c28-89c1-29d79d5fa236%22%2C%22responderUuid%22%3A%22ac387d46-cace-48f2-96b1-e66c070ca442%22%2C%22isReturningResponder%22%3Afalse%2C%22data%22%3A%7B%22stepIndex%22%3A0%2C%22stepId%22%3A0%2C%22stepUuid%22%3A%222ada1884-0bbc-487a-92cf-37deb69bed5f%22%7D%7D%5D
Requested by
Host: insurance.theoriginway.com
URL: https://insurance.theoriginway.com/assets/flow/static/js/763.af27923a606c0c7cfce0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-34.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://insurance.theoriginway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amzn-trace-id
Root=1-6671d7e7-15a9685a65fbb1ce64744adc
x-amzn-requestid
5ccdb9c5-2298-4f76-bbec-fefcbd1b8570
x-cache
Miss from cloudfront
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
x-amz-apigw-id
Zk6sRFawiYcEk_g=
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,sentry-trace
x-amz-cf-id
cYLqViW-ryAleLr0eW9cAFjjqTHVg0G_bQ9GwQcawujbGmK_GrtIrg==
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=xsk2pyj&ht=tk&f=43699.43700.43701.43702.43703.43704.43705.43706.43707.43708.43709.43710&a=100927393&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xsk2pyj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:8::c16c:9908 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/1bcb70/00000000000000007735cb0f/30/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/1bcb70/00000000000000007735cb0f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xsk2pyj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4bbf3249cfbf08a3bd188cfc598d3e1c539f61c18231948f080c0c57f495ed24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.typekit.net/xsk2pyj.css
Origin
https://insurance.theoriginway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
server
nginx
etag
"76b8eeb84d5ecf096cdf05064c9ea2d0be869d37"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26908
l
use.typekit.net/af/88d4aa/00000000000000007735cb08/30/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/88d4aa/00000000000000007735cb08/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/xsk2pyj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2bd3eca3c3ae12d710d11eb9bdfa24a3465d73ec418639bf0550f1848975b766

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.typekit.net/xsk2pyj.css
Origin
https://insurance.theoriginway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:54:31 GMT
server
nginx
etag
"d92cee838ef8b4ee70ef49f2a90e9ac604b51a13"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26356


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| LongTaskObserver
object| LUX
object| LUX_ae
object| LUX_al
object| __fsGlobalDeployment
object| webpackChunk_formsort_flow
object| regeneratorRuntime
object| __SENTRY__

3 Cookies

Domain/Path Name / Value
insurance.theoriginway.com/ Name: fs_seen_deployments
Value: JTVCJTdCJTIyY2xpZW50JTIyJTNBJTdCJTIybGFiZWwlMjIlM0ElMjJ1d1lNTm11amtOJTIyJTdEJTJDJTIyZmxvdyUyMiUzQSU3QiUyMmxhYmVsJTIyJTNBJTIyaW5zdXJhbmNlJTIyJTdEJTJDJTIyZW52aXJvbm1lbnQlMjIlM0ElN0IlMjJsYWJlbCUyMiUzQSUyMnByb2R1Y3Rpb24lMjIlN0QlMkMlMjJ2YXJpYW50JTIyJTNBJTdCJTIybGFiZWwlMjIlM0ElMjJtYWluJTIyJTJDJTIyZGVwbG95bWVudFV1aWQlMjIlM0ElMjIzY2RmZjM3Yi1mYWNiLTQ0NTItOGY4Yi02NGMzNzJkZDIwYmUlMjIlN0QlN0QlNUQ=
insurance.theoriginway.com/ Name: fs_flow_session
insurance.theoriginway.com/ Name: lux_uid
Value: 171873687103758509

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
