indexo.dev

originprotocol.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 3439 ms crawled 2026-05-16

US · 172.66.150.200 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Origin Protocol
Description
Earn amplified yield on Ethereum and stablecoins with Origin Protocol's OETH and OUSD.
Language
en

Open Graph

url
https://www.originprotocol.com
title
Origin Protocol
description
Earn amplified yield on Ethereum and stablecoins with Origin Protocol's OETH and OUSD.

Technology

CDN
Cloudflare
Analytics
  • Plausible

Third-party hosts loaded (1)

  • plausible.io×1

Social

Registration

Registrar
Cloudflare, Inc.
Created
2017-11-22
Expires
2026-11-22 187 days left
Updated
2026-04-14
Name servers
  • becky.ns.cloudflare.com
  • curt.ns.cloudflare.com

DNS records live

NS
  • becky.ns.cloudflare.com
  • curt.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 5 TXT records
  • google-site-verification=F-oLH2DxiBqljUSrEpcS8KhcSf5_3IR98vl4k_WK8ZY
  • google-site-verification=y726ZU8c9joeDlohIo1o_9JYJF-x35im3kT7t485iEI
  • 82682F4809
  • MS=538D3E3D7C268F75ED56EBD5A4486D7297D5EDE0
  • google-site-verification=3Po4eNia3rJ45mUB43j1P6i4qVvUkNGZp4QwF_-L7SY

Email authentication strong

SPF
v=spf1 include:sendgrid.net include:_spf.google.com include:20080415.spf04.hubspotemail.net include:smtp.mail.ethermail.io -all
strict (-all)
DMARC
v=DMARC1;p=reject;pct=100;rua=mailto:dmarc@originprotocol.com
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklXkBwwf1YVg3hIaPw9x8hOAIhdO82XTH5nE3uXtCbyvK67blfOkdb7v9HtjN9sh9TkU4AdJwIWdZU…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QmtOJPB35MEv98SyY6vQ99ENfeQ1/nLuSk2sRVqm2w3G9U2QzYz8Pjr6FdC6BqnHEythqp2BSzq5NW3+c…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4zr+hNVZJrx4I8zWrFLWcsHOOdl8mZGHPCrFVMNsU7SOr4odxNJ/2u47Yk3i4YxhRU9sJ8//ath3Xazg1Oivy/F…
selectors probed

Certificate (current)

WE1
from 2026-04-26 to 2026-07-25
Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.originprotocol.com/

present
  • content-security-policy
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-3acb7781-f007-465d-8aad-c9d23ffbb5e6' 'strict-dynamic' 'unsafe-inline' https: https://plausible.io; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' data: blob: *; font-src 'self' data: https:; connect-src 'self' *; object-src 'none'; base-uri 'self'; form-action 'self'; frame-src 'self' https://main.dnhfyas0y8emd.amplifyapp.com; frame-ancestors 'none'; upgrade-insecure-requests

Links to (3)

Linked from (2)