ororaconnect.com Open in urlscan Pro
104.210.213.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url3551.ororavisual.com/ls/click?upn=6PrTa1US5wdlWOzO4-2FMyQE7Hd8IJLjyKo2psgq9mzePDffd7GEkwGvFJDZGhdrsMZmleHsMtPmKkkrOsU...
Effective URL:
https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpX...
Submission: On July 30 via manual (July 30th 2022, 8:13:59 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 104.210.213.163, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ororaconnect.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 6th 2022. Valid for: a year.

This is the only time ororaconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
10	104.210.213.163 104.210.213.163	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	143.204.89.57 143.204.89.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
18	143.204.89.129 143.204.89.129	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.66 143.204.89.66	16509 (AMAZON-02) (AMAZON-02)
1	18.209.128.59 18.209.128.59	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	20.150.20.228 20.150.20.228	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	11

1 167.89.118.83 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

url3551.ororavisual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.210.213.163 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ororaconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.89.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-57.fra50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 143.204.89.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-129.fra50.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-66.fra50.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.128.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-128-59.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.20.228 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ororaconnectblobnew.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2583 consent-pref.trustarc.com — Cisco Umbrella Rank: 15304 consent-st.trustarc.com — Cisco Umbrella Rank: 29749	458 KB
10	ororaconnect.com ororaconnect.com	7 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	windows.net ororaconnectblobnew.blob.core.windows.net	66 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 29687	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	45 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2151	16 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	7 KB
1	ororavisual.com 1 redirects url3551.ororavisual.com	545 B
47	10

	Domain	Requested by
18	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com ororaconnect.com prefmgr-cookie.truste-svc.net
10	ororaconnect.com	ororaconnect.com
8	consent.trustarc.com	ororaconnect.com consent.trustarc.com consent-pref.trustarc.com
3	fonts.googleapis.com	ororaconnect.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ororaconnectblobnew.blob.core.windows.net
1	prefmgr-cookie.truste-svc.net	ororaconnect.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	www.googletagmanager.com	ororaconnect.com
1	stackpath.bootstrapcdn.com	ororaconnect.com
1	cdnjs.cloudflare.com	ororaconnect.com
1	url3551.ororavisual.com	1 redirects
47	12

This site contains no links.

Subject Issuer	Validity	Valid
*.ororaconnect.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-06` - `2023-05-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.truste-svc.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-05-12` - `2023-05-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Frame ID: 48DFBE0C8519517EF0B0D4D5019A433C
Requests: 23 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 36564257636EED15AAC1C57C0AC97344
Requests: 21 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html
Frame ID: 3450949972F1A469856BE236EF6C4AB4
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https://ororavisual.com/privacy-policy/&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 7C313814090F2529A671E689D1672F2D
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 6D5B466C7AD3373EA754D01CC6F88E91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orora Connect

Page URL History Show full URLs

http://url3551.ororavisual.com/ls/click?upn=6PrTa1US5wdlWOzO4-2FMyQE7Hd8IJLjyKo2psgq9mzePDffd7GEkwGvFJDZGhd... HTTP 302
https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJI... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

47
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

7287 kB
Transfer

26780 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url3551.ororavisual.com/ls/click?upn=6PrTa1US5wdlWOzO4-2FMyQE7Hd8IJLjyKo2psgq9mzePDffd7GEkwGvFJDZGhdrsMZmleHsMtPmKkkrOsUGjCQuIrjDt7qVgFUJZHyaKIaXTltDw3MsB6-2BohVMC0GCyVRFIFf3OygrDa9F7AziyOmf53Cp71EoHk-2F0503RKSwT-2FPKJ1QjiTjD4CChp5RS-2FfgCkjvpX7bLYv1nJZVV1FqhkJXqZg2WDib-2B-2FEEd5e3OxEsmyA5sAj98imDA383FGxvx-2BA0rQHjniALiDABGLxFjd4ZsHvnhQbp7kAGPjEYG38XF7TIRDYEsDCmoovZuY9aZmJ6y895QOmi-2FT-2F76c75x60fVxkZRXiRLx4bGwQkQwBC8Vo1Dwz9Y6L7LPWvV2vzyyuXWueWwsumcYmXsbTPEryIheqh0UuJyfzhI91ul-2FkoQKZK0K6twALkJW5yFyCh3VJE6ZpUfArxecrv6vIOehw-3D-3DBkOy_HuzYY4V5i7audEkYl-2BTducgtdIKryeo6bhRL5ZlQu7m-2BpIjVnJW-2FOiZSg40xl-2BNyz2OSBcnxlp1HeR5-2Fy2g3DGfc0ZLsyw3GYFNe5oH7zeBmf-2FE7xKklXUET7oEQx8LLIjyhqyIrIcGYkEhxkP-2FOhom6Nrt1guTklRNH4pLTUYRvncf7M2ZH2on0fGTBNli3M6nD9hwQ16Mn8l2b8-2B7U6EIrJo4aBEOyc92G0zO1Igw-3D HTTP 302
https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request TotalWine Show response
ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/
Redirect Chain

http://url3551.ororavisual.com/ls/click?upn=6PrTa1US5wdlWOzO4-2FMyQE7Hd8IJLjyKo2psgq9mzePDffd7GEkwGvFJDZGhdrsMZmleHsMtPmKkkrOsUGjCQuIrjDt7qVgFUJZHyaKIaXTltDw3MsB6-2BohVMC0GCyVRFIFf3OygrDa9F7AziyOmf...
https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJ...

4 KB
3 KB

584ms
143ms

Document
text/html

104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: fb661a26221b694990adb2b822aacfd6f0decace1a904bb0c014519b48081a14

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 2449
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Jul 2022 20:13:48 GMT
ETag: W/"118d-2MLrafdQrzGj/GxXXVSW5Q0aXlo"
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=utf-8
Date: Sat, 30 Jul 2022 20:13:47 GMT
Location: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 84ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap

Requested by

Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38cb477c74252deb0c2b28ec418c40931fc4b7af7aa4c709d23de2e9669f8cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 19:12:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Jul 2022 20:13:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jul 2022 20:13:48 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 84ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 20:13:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Jul 2022 20:13:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jul 2022 20:13:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 708 B
440 B 91ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 19:06:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Jul 2022 20:13:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jul 2022 20:13:48 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 168ms
101ms Script
text/javascript 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=orora.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b944d06ff82844f8294190675e3061a1aa327d8e03df037ea8813e7051a09224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ororaconnect.com/
Origin: https://ororaconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
vary: Accept-Encoding
content-length: 4204
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: NW
x-amz-cf-id: TBCpfsYcxXBSBLHeZE44Xb6_RaljxO-KgGksrBAXTqayE0fSWqIhmg==
expires: Sat, 30 Jul 2022 21:13:48 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 80ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ororaconnect.com/
Origin: https://ororaconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11918918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1tSWSMpwjVrsNT0Ypb1duUSB924tSycDL0nXLqcDXVoVAeRrNI7tPBobvlI0AeY5NHke687OnnEqSMr69zG2RZxBX2Lc7n1D37wr%2BEUrmpVEMQu0uccrKrkmz1yb1DqqfzmYQGfkmefTyL4Hrcd1fci"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7330c1cafb419a2d-FRA
expires: Thu, 20 Jul 2023 20:13:48 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 93ms
44ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ororaconnect.com/
Origin: https://ororaconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 04/09/2022 02:51:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 54ae0a02bcc491c53e6c19ea68f85ea8
cf-ray: 7330c1caf91f8fd6-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK runtime.js Show response
ororaconnect.com/ 6 KB
2 KB 140ms
138ms Script
application/javascript 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/runtime.js
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 82d57f67ab0814e294462e2fe5effee559d78fd73289214f0b5a9802ed6e3900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 20:13:48 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"1877-1dszl6msUKSHR7hye3HgoXUdV/4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2081

GET
H/1.1 200
OK polyfills.js Show response
ororaconnect.com/ 315 KB
74 KB 286ms
146ms Script
application/javascript 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/polyfills.js
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 680a42f719ceda17be0b0f3ce72f9116397f69111d5a779c3cb1b8c71668786e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 20:13:48 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"4ec06-6SJl9Ya7HjEMDtim6DgLkaNVHm4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.js Show response
ororaconnect.com/ 2 MB
582 KB 577ms
305ms Script
application/javascript 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/styles.js
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: f7caf0927532e4852ac980b3db9faaf7ee4a06fe2935c3de9173b142da131bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 20:13:48 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"213f50-WiyV9WSOF1KqfMg7CgGMRlEu4XI"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK scripts.js Show response
ororaconnect.com/ 87 KB
39 KB 560ms
289ms Script
application/javascript 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/scripts.js
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 4eb2b7e943b1e9f34b338d963efbd5ce35230ec734ef62e31f492fcc2395380a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 20:13:48 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"15d9f-aO4Osy2LJcNk4czlgFAd/jHJgTU"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 39741

GET
H/1.1 200
OK vendor.js Show response
ororaconnect.com/ 15 MB
4 MB 662ms
375ms Script
application/javascript 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/vendor.js
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: a7724e7348c6ae350390a5c749f8a99358bdbabb7490ac0dd1f9e3d1880526f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 20:13:48 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"ea9021-1Gr0sjQWyjGmvZZnJCsEIJY0Vz0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK main.js Show response
ororaconnect.com/ 8 MB
2 MB 725ms
323ms Script
application/javascript 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/main.js
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: edc534f58495681c8536e629df5a0e76c022aaef0e680bc72e5e031e3e11c7ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 20:13:49 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"7d2522-jEJcnUSbB8kMEiQ3Z2MNZSqF/V0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
45 KB 105ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBNRNM2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6b620656ccb8b319ed2cf076a1105f2edc30da9337be5d8305b941ae8b60def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45183
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Jul 2022 20:13:48 GMT

GET
H2 200 v1.7-9931 Show response
consent.trustarc.com/asset/notice.js/v/ 76 KB
24 KB 29ms
28ms Script
text/javascript 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-9931

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=orora.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4a66961db0ebb751f3cb1776a56448d5eeeb9167e9ef27dd45e3506f3e0f3a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ororaconnect.com/
Origin: https://ororaconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:03:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 632
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Thu, 28 Jul 2022 04:07:12 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: T-x21GyLMWUqxNICefb44jD3Z8XM3FT0CMqVN7_lJAUXpZm8pWyL_Q==
expires: Mon, 29 Aug 2022 20:03:16 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
441 B 98ms
52ms Image
image/gif 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=orora.com&country=de&state=&behavior=expressed&c=0113

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jul 2022 20:13:48 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43
x-amz-cf-id: ssn2x098JoN4xerXTYtPEjT0jj3JQNjj7VAxVfZiNpvAtPGfp44yOA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 3656 5 KB
3 KB 125ms
64ms Document
text/html 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-9931

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://ororaconnect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 30 Jul 2022 20:13:48 GMT
etag: W/"5147-1658382944000"
expect-ct: max-age=86400; enforce;
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-amz-cf-id: _v2o86IcL2poEweo_AD8XgBzZA-xeO-_e3ut817sFsxmMdLnAfnXdA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
540 B 51ms
51ms Image
image/gif 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=orora.com&behavior=expressed&country=de&language=de&rand=0.3151829010086189

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:48 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: NW
x-amz-cf-id: Ycfgs29_Z0KgAfcmdcPnPa1PROOw9mFyYWTYLwz0Dd_x3WbDifOvLA==
expires: Sat, 30 Jul 2022 21:13:48 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 5 KB
3 KB 143ms
142ms Script
application/javascript 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

86f1e0608f82f70542aed2b53673fabcaf285a56d64990cc16429894d6190388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:56:04 GMT
server: nginx
etag: W/"4867-1658382964000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: xHItw5LxYli-nU3ldv32ZO6G93r1nn9dp7T3zH8oAS8KGooK3a_u8A==
expires: Sat, 30 Jul 2022 20:13:48 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 3656 20 KB
5 KB 113ms
25ms Script
text/javascript 143.204.89.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-66.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Tue, 19 Jul 2022 01:22:38 GMT
content-encoding: gzip
server: nginx
age: 1018271
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
x-amz-cf-id: j4S4Jb39LiVUix3rbds-Hdt3HF-QOECDmvwPRM8_uOh5gE4cpvSAfQ==
expires: Thu, 18 Aug 2022 01:22:38 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 3656 3 KB
3 KB 23ms
23ms Image
image/gif 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 07:01:42 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 47526
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
server: nginx
etag: W/"2608-1658382944000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: TAD4SUtsaZQwKW2jaZqrfT-Fi0JJF42j4EfU_YoLIwvOa8_W-tEuGQ==

GET
H2 200 A1A77CACE13428C619EAA9CD4AAF3A33.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3450 139 KB
46 KB 27ms
26ms Document
text/html 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

98e37fd6bc53edaed8c390c12ad97e6dad44c7a80fc4a0bd8c8fd65ffbf72758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 233553
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Jul 2022 03:21:16 GMT
etag: W/"142492-1658382964000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 21 Jul 2022 05:56:04 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-amz-cf-id: iJIyQBYO8Zk5vvSjaFmG1YuVVMSeJWaRigPZFp0fo1vQkVm56A7x_w==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 969 B
1 KB 124ms
124ms XHR
application/json 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A1A77CACE13428C619EAA9CD4AAF3A33
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 20:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 462
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: zjoNU9Z-26psNkcWoXRdm8pfYFaCA2MRunFdF0ABzM0bpZ7Sa9jcdQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 48 B
623 B 125ms
125ms XHR
application/json 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4d2e6cd560b3bc747e5247c5d1f03dfdf1af5ec17515ce53258a14479e20264e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A1A77CACE13428C619EAA9CD4AAF3A33
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 20:13:49 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: bwsEXSNfmXL1CFvpilg_qHyGsS7e0zGaJfI3aXwjLw8QVRTp-yBV_g==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 3656 28 KB
7 KB 142ms
142ms Stylesheet
text/css 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
server: nginx
etag: W/"29043-1658382944000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 2IoeHzVLImKLynMluPHmfIG3EfbP7WK3zKnjAKC9KClBp1H79joMYg==
expires: Sat, 30 Jul 2022 20:13:48 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A1A77CACE13428C619EAA9CD4AAF3A33/ Frame 3656 253 KB
87 KB 25ms
25ms XHR
application/javascript 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A1A77CACE13428C619EAA9CD4AAF3A33/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

10e1931a3e36fa600229465d6e64de9619a8476745c3e02567d55b790be46a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233499
x-cache: Hit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:56:04 GMT
server: nginx
etag: W/"259551-1658382964000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Sk9oBvgSY_GlwMdJAe_JApUauEpQjS-tdzq8Vf4GqeBynG3sYxvpyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A1A77CACE13428C619EAA9CD4AAF3A33/ Frame 3656 19 KB
8 KB 23ms
23ms XHR
application/javascript 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A1A77CACE13428C619EAA9CD4AAF3A33/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f664b945142386f00843ebdfab83976ab760246c7e063c2756684650ef763a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 03:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233498
x-cache: Hit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:56:04 GMT
server: nginx
etag: W/"19689-1658382964000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 962Kbj005JnSkf-6lb7nunXjlCmmuhQi8_dzTItiUAB35qcpr-7VlA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 7C31 5 KB
2 KB 386ms
109ms Document
text/html 18.209.128.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https://ororavisual.com/privacy-policy/&irm=undefined&from=https://consent.trustarc.com/

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.128.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-128-59.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 20:13:49 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 736 B
929 B 345ms
344ms XHR
application/json 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

0efc4a16356e69738ac7156ba1f227d6c5b4827960627a569b7037850348cfbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A1A77CACE13428C619EAA9CD4AAF3A33
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 20:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 338
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: jur4JtIXaG0LnwwrHevkR03nzam4R91jmcr358A4aLS4tfZIxFyNgg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 14 KB
5 KB 123ms
123ms XHR
application/json 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3b54d183d6344a34852a1ebe48fb6c8928b687f52b25a419205252e042759e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A1A77CACE13428C619EAA9CD4AAF3A33
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 20:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 4287
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: hb4f28Y4ZyP_I2wk75Btz0ceBU9jXf0aF0nhXLy3l8WxqaJ3Uv_xDg==

GET
H2 200 get
consent.trustarc.com/ Frame 3656 3 KB
3 KB 23ms
22ms Image
image/png 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=Powered-By-TrustArc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 19:45:26 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
server: nginx
age: 1703
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
content-length: 2639
x-amz-cf-id: ZJTKQ7YOXNW94WKzteSQm1gYwk4fsjUrul2SACYY1MhS13DSWC2SfQ==
expires: Mon, 29 Aug 2022 19:45:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 94ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ororaconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 216718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 82ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ororaconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:13:19 GMT
x-content-type-options: nosniff
age: 30
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 20:13:19 GMT

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A1A77CACE13428C619EAA9CD4AAF3A33/ Frame 3656 43 KB
14 KB 24ms
23ms XHR
application/javascript 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/A1A77CACE13428C619EAA9CD4AAF3A33/4.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c399376aeddd251f19bfce0066e27e1564f3cadf6f9df5e9abe58a509035e0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 03:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233496
x-cache: Hit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:56:04 GMT
server: nginx
etag: W/"43996-1658382964000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UZxYFyvCZjpAaGpaOtpK0irl6z0IQ_ybMx_e-WGjoTzLQnS4nTDYDA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 3656 3 KB
3 KB 25ms
24ms Image
image/gif 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 07:01:42 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 47528
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
server: nginx
etag: W/"2608-1658382944000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: utixAOau84MHcsu80ofT1ocRrBIeqg4tB7rWG-IDTpk34Ym3OeaoKg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 2 KB
1 KB 138ms
137ms XHR
application/json 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4cfc5cb6fb5c4a7d5bb51c41215603f735638975d4e5d9694d340096e73e82b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A1A77CACE13428C619EAA9CD4AAF3A33
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 20:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 871
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: H1eoxY4Oe47TcG6cwYp-jmPkH146pY6ZqfUDbqsVMSEhanBG2_xLXg==

GET
H2 200 get
consent.trustarc.com/ Frame 3656 158 KB
159 KB 61ms
61ms Font
application/octet-stream 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=SignalCenterRegular.otf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

620cb279806c7735b51e4313bfee4ceaa4455c63ced22df46bd43217de382717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 20:13:50 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 161572
x-amz-cf-id: fAs53wcsavk4Zq7k4e-PU0i6WElZuj_QXX1sWPfh_P6bZy7VO3DjBA==
expires: Mon, 29 Aug 2022 20:13:50 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 3656 58 KB
58 KB 34ms
33ms Image
image/png 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=ORORA_LOGO.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

646149516a8d0ae77e9e70a92d9501eb8b1065994fbf6c74ceecd274d644d4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 19:36:17 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
server: nginx
age: 2253
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
content-length: 59203
x-amz-cf-id: -ZAFd6uqwT2QyIw_0UQxv4nPEcGsF7FDJndYWBCwQ0vAbjV1t4pflg==
expires: Mon, 29 Aug 2022 19:36:17 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 6D5B 2 KB
1 KB 28ms
28ms Document
text/html 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https://ororavisual.com/privacy-policy/&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64146
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 30 Jul 2022 02:24:44 GMT
etag: W/"2008-1658382944000"
expect-ct: max-age=86400; enforce;
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-amz-cf-id: X-Ll20Cpaauoz0-oGKEAvYKfXIAL1P5YuleTg9Vb4T5OsCDrz81Uvw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3656 65 KB
13 KB 56ms
56ms XHR
application/json 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7fc0492edf801f053782f394ae125698fcc6f3048e77ce127b8e949cda1011d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: A1A77CACE13428C619EAA9CD4AAF3A33
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 20:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 12450
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 49GS7aRWdrkRnj4iP6-0HkUePgrF9vU2G0IbiZK4jOeAIvTAGAWpoA==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame 3656 1 KB
2 KB 23ms
23ms Image
image/png 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 08:31:35 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 42135
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1068
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
server: nginx
etag: W/"1068-1658382944000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: lMRjWdnJfVWzExQ44QHiAZhhIGf6YPF8pOuA10Zj4c4pQExXCSOELg==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame 3656 2 KB
2 KB 23ms
23ms Image
image/gif 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-129.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=orora&layout=gdpr&site=orora.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&privacypolicylink=https%3A%2F%2Fororavisual.com%2Fprivacy-policy%2F&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 03:15:34 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 61096
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1737
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Jul 2022 05:55:44 GMT
server: nginx
etag: W/"1737-1658382944000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: LSmKq2I2zDwUN3Xsjcgsh4qNVpx7VgEqpDr4iLdceqdtd8zDOfyaJQ==

GET
H2 200 get
consent.trustarc.com/ Frame 3656 3 KB
3 KB 23ms
22ms Image
image/png 143.204.89.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=Powered-By-TrustArc.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/A1A77CACE13428C619EAA9CD4AAF3A33.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-57.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 19:45:26 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
server: nginx
age: 1704
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
content-length: 2639
x-amz-cf-id: yTN7b3fLTOQTSkvmLKSLXJiirsZVAKbJb-5K6KzG1OB8VdrJD0UTFQ==
expires: Mon, 29 Aug 2022 19:45:26 GMT

GET
H/1.1 200
OK a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd Show response
ororaconnect.com/api/User/getUserByUserId/ 1 KB
1 KB 784ms
373ms XHR
application/json 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com:8443/api/User/getUserByUserId/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 0e63e032c53207aa430be22c12cc42141705650c22a212a0aa3abb9fc1124437

Request headers

Accept: application/json, text/plain, */*
Referer: https://ororaconnect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ororaconnect.com
Date: Sat, 30 Jul 2022 20:13:54 GMT
Vary: Origin
Server: Kestrel
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK TotalWine Show response
ororaconnect.com/api/Customer/getCustomerLoginProfile/ 556 B
785 B 826ms
415ms XHR
application/json 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com:8443/api/Customer/getCustomerLoginProfile/TotalWine
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: c44b400b913a54b25ba6a1b0a28965e9f89f55997b9a2bb3edb6007786e703e2

Request headers

Accept: application/json, text/plain, */*
Referer: https://ororaconnect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ororaconnect.com
Date: Sat, 30 Jul 2022 20:13:54 GMT
Vary: Origin
Server: Kestrel
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK info Show response
ororaconnect.com/sockjs-node/ 78 B
343 B 144ms
144ms XHR
application/json 104.210.213.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ororaconnect.com/sockjs-node/info?t=1659212034623
Requested by: Host: ororaconnect.com
URL: https://ororaconnect.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.210.213.163 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7224f95e1d63d5bf5374d1aa16491a655bd91cd709e5eaa327a54f5a72a9ad61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/changePassword/a0867c8a-e4a3-4aeb-afb8-da95a41d9bcd/TotalWine?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTkyMDc0NjUsImV4cCI6MTY1OTIxNDY2NSwiaWF0IjoxNjU5MjA3NDY1LCJpc3MiOiJodHRwczovL29yb3JhY29ubmVjdC5jb206ODQ0MyIsImF1ZCI6Imh0dHBzOi8vb3JvcmFjb25uZWN0LmNvbTo4NDQzIn0.vQh8h5cFh3WBA2NZjnMWEeaZJWKY8QLDvdy9TwGgN5g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Jul 2022 20:13:54 GMT
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

GET
H/1.1 200
OK 1aafbc8d-a44f-308f-0acf-a8b9951c3bcb:TotalWineLogo500x200.jpg
ororaconnectblobnew.blob.core.windows.net/ororaconnectnew/ 66 KB
66 KB 676ms
143ms Image
application/octet-stream 20.150.20.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ororaconnectblobnew.blob.core.windows.net/ororaconnectnew/1aafbc8d-a44f-308f-0acf-a8b9951c3bcb:TotalWineLogo500x200.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.20.228 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08a7c660b4683ed1b376489412ee32662fb2977b4ca325da3de3175863f49ef9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ororaconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 30 Jul 2022 20:13:55 GMT
Last-Modified: Mon, 21 Jun 2021 19:58:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: mcbGmr0JL7vqx7dpAXJ7ng==
ETag: "0x8D934EEEDA5EC55"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
x-ms-request-id: ecddef5b-601e-00c9-6750-a48f65000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 67423
x-ms-lease-state: available

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ororaconnect.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
prefmgr-cookie.truste-svc.net/	1970-01-20 04:53:32	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 04:53:32	Name: token_test Value: Sat Jul 30 2022 20:13:50 GMT+0000 (GMT)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
ororaconnect.com
ororaconnectblobnew.blob.core.windows.net
prefmgr-cookie.truste-svc.net
stackpath.bootstrapcdn.com
url3551.ororavisual.com
www.googletagmanager.com
104.210.213.163
143.204.89.129
143.204.89.57
143.204.89.66
167.89.118.83
18.209.128.59
20.150.20.228
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
08a7c660b4683ed1b376489412ee32662fb2977b4ca325da3de3175863f49ef9
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0e63e032c53207aa430be22c12cc42141705650c22a212a0aa3abb9fc1124437
0efc4a16356e69738ac7156ba1f227d6c5b4827960627a569b7037850348cfbc
10e1931a3e36fa600229465d6e64de9619a8476745c3e02567d55b790be46a93
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
38cb477c74252deb0c2b28ec418c40931fc4b7af7aa4c709d23de2e9669f8cf3
3b54d183d6344a34852a1ebe48fb6c8928b687f52b25a419205252e042759e1e
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
4a66961db0ebb751f3cb1776a56448d5eeeb9167e9ef27dd45e3506f3e0f3a96
4cfc5cb6fb5c4a7d5bb51c41215603f735638975d4e5d9694d340096e73e82b5
4d2e6cd560b3bc747e5247c5d1f03dfdf1af5ec17515ce53258a14479e20264e
4eb2b7e943b1e9f34b338d963efbd5ce35230ec734ef62e31f492fcc2395380a
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
620cb279806c7735b51e4313bfee4ceaa4455c63ced22df46bd43217de382717
646149516a8d0ae77e9e70a92d9501eb8b1065994fbf6c74ceecd274d644d4dc
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
680a42f719ceda17be0b0f3ce72f9116397f69111d5a779c3cb1b8c71668786e
7224f95e1d63d5bf5374d1aa16491a655bd91cd709e5eaa327a54f5a72a9ad61
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
7fc0492edf801f053782f394ae125698fcc6f3048e77ce127b8e949cda1011d7
82d57f67ab0814e294462e2fe5effee559d78fd73289214f0b5a9802ed6e3900
86f1e0608f82f70542aed2b53673fabcaf285a56d64990cc16429894d6190388
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e37fd6bc53edaed8c390c12ad97e6dad44c7a80fc4a0bd8c8fd65ffbf72758
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
a6b620656ccb8b319ed2cf076a1105f2edc30da9337be5d8305b941ae8b60def
a7724e7348c6ae350390a5c749f8a99358bdbabb7490ac0dd1f9e3d1880526f8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b944d06ff82844f8294190675e3061a1aa327d8e03df037ea8813e7051a09224
c399376aeddd251f19bfce0066e27e1564f3cadf6f9df5e9abe58a509035e0bd
c44b400b913a54b25ba6a1b0a28965e9f89f55997b9a2bb3edb6007786e703e2
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e
edc534f58495681c8536e629df5a0e76c022aaef0e680bc72e5e031e3e11c7ac
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f664b945142386f00843ebdfab83976ab760246c7e063c2756684650ef763a6f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7caf0927532e4852ac980b3db9faaf7ee4a06fe2935c3de9173b142da131bf0
fb661a26221b694990adb2b822aacfd6f0decace1a904bb0c014519b48081a14

ororaconnect.com Open in urlscan Pro 104.210.213.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

42 %IPv6

10 Domains

12 Subdomains

11 IPs

2 Countries

7287 kBTransfer

26780 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ororaconnect.com Open in urlscan Pro
104.210.213.163 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

7287 kB
Transfer

26780 kB
Size

3
Cookies

47 HTTP transactions
0 data transactions