www.ormanager.com Open in urlscan Pro
172.67.178.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ai.omeclk.com/portal/wts/uc%5Ecmsb8ev2bbNj%5B%5Ecz70ymdEPo%5E4Eays%7EeDjkeHQ2o
Effective URL:
https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Submission: On April 30 via manual (April 30th 2024, 6:15:59 am UTC) from US — Scanned from DE

Summary HTTP 179 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 33 domains to perform 179 HTTP transactions. The main IP is 172.67.178.30, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ormanager.com.
TLS certificate: Issued by GTS CA 1P5 on April 2nd 2024. Valid for: 3 months.

This is the only time www.ormanager.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.162.42.171 205.162.42.171	53866 (QTS-AS) (QTS-AS)
64	172.67.178.30 172.67.178.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:883::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.89.48.242 54.89.48.242	14618 (AMAZON-AES) (AMAZON-AES)
4	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	35.80.158.24 35.80.158.24	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223c:a600:1e:5cef:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 6	2600:9000:264... 2600:9000:2644:8000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.67.172.134 172.67.172.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
3	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
1	2606:4700:20:... 2606:4700:20::681a:4f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
6	156.146.33.141 156.146.33.141	60068 (CDN77 _) (CDN77 _)
2	18.245.46.10 18.245.46.10	16509 (AMAZON-02) (AMAZON-02)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2600:1f14:5db... 2600:1f14:5db:eb00:587:d70f:3a38:c7aa	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:3392:7b68:4327:e9ec	16509 (AMAZON-02) (AMAZON-02)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.220.79.196 3.220.79.196	14618 (AMAZON-AES) (AMAZON-AES)
5	143.204.205.185 143.204.205.185	16509 (AMAZON-02) (AMAZON-02)
1	34.226.189.223 34.226.189.223	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
2	44.242.45.116 44.242.45.116	16509 (AMAZON-02) (AMAZON-02)
1	54.194.109.213 54.194.109.213	16509 (AMAZON-02) (AMAZON-02)
2	64.34.196.222 64.34.196.222	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	54.188.53.58 54.188.53.58	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
4	156.146.33.137 156.146.33.137	60068 (CDN77 _) (CDN77 _)
179	53

1 205.162.42.171 (Lincolnshire, United States) 1 redirects

ASN53866 (QTS-AS, US)
PTR: omeclk.com

ai.omeclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 172.67.178.30 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ormanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.89.48.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-48-242.compute-1.amazonaws.com

apps.decisionbriefs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

ormanager.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.80.158.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-56.boldchat.com

vmss.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:a600:1e:5cef:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2644:8000:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.172.134 (United States)

ASN13335 (CLOUDFLARENET, US)

apps.accessintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mdevents.accessintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4f4 (United States)

ASN13335 (CLOUDFLARENET, US)

ssl.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

12891178.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 156.146.33.141 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 663193551.fra.cdn77.com

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-10.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.165 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 204.180.130.159 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)

cdp.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f14:5db:eb00:587:d70f:3a38:c7aa (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:3392:7b68:4327:e9ec (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.79.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-79-196.compute-1.amazonaws.com

apps.decisionbriefs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.205.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-185.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.189.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-189-223.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (Riyadh, Saudi Arabia)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.242.45.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-46.boldchat.com

vms.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.109.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-109-213.eu-west-1.compute.amazonaws.com

visitor-services.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.34.196.222 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

geo.accessintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.188.53.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-31.boldchat.com

images.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 156.146.33.137 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 494557430.fra.cdn77.com

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	ormanager.com www.ormanager.com	4 MB
18	userway.org cdn.userway.org — Cisco Umbrella Rank: 3313 api.userway.org — Cisco Umbrella Rank: 3174 cdn77.api.userway.org — Cisco Umbrella Rank: 6069	220 KB
12	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 23712 oqs.omeda.com — Cisco Umbrella Rank: 24296 cdp.omeda.com — Cisco Umbrella Rank: 23966	76 KB
7	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3422 d.adroll.com — Cisco Umbrella Rank: 1607	118 KB
7	decisionbriefs.com apps.decisionbriefs.com — Cisco Umbrella Rank: 387948	47 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207 12891178.fls.doubleclick.net — Cisco Umbrella Rank: 237972 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	171 KB
6	boldchat.com vmss.boldchat.com — Cisco Umbrella Rank: 36075 vms.boldchat.com — Cisco Umbrella Rank: 29447 visitor-services.boldchat.com — Cisco Umbrella Rank: 33049 images.boldchat.com — Cisco Umbrella Rank: 126956	21 KB
5	cloudfront.net d10lpsik1i8c69.cloudfront.net	97 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
4	accessintel.com apps.accessintel.com — Cisco Umbrella Rank: 411412 geo.accessintel.com — Cisco Umbrella Rank: 391540 mdevents.accessintel.com	64 KB
4	gstatic.com fonts.gstatic.com	86 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	357 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1139	96 KB
3	sitescout.com 1 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 667 pixel.sitescout.com — Cisco Umbrella Rank: 5672	516 B
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3731	28 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	377 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 1999	290 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1663 api-iam.intercom.io — Cisco Umbrella Rank: 2083	6 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3229 p1.parsely.com — Cisco Umbrella Rank: 2417	21 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2026	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 242	601 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 594	18 KB
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 11374	1 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 10361	2 KB
1	luckyorange.com ssl.luckyorange.com — Cisco Umbrella Rank: 113241	3 KB
1	disqus.com ormanager.disqus.com	2 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1230	10 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	1 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 902	66 KB
1	omeclk.com 1 redirects ai.omeclk.com — Cisco Umbrella Rank: 216011	291 B
179	33

	Domain	Requested by
64	www.ormanager.com	www.ormanager.com
9	cdn.userway.org	www.googletagmanager.com cdn.userway.org
7	apps.decisionbriefs.com	www.ormanager.com
6	cdn77.api.userway.org	cdn.userway.org
6	s.adroll.com	1 redirects www.googletagmanager.com www.ormanager.com s.adroll.com
5	d10lpsik1i8c69.cloudfront.net	ssl.luckyorange.com d10lpsik1i8c69.cloudfront.net
5	cdp.omeda.com	olytics.omeda.com
4	oqs.omeda.com	olytics.omeda.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	www.ormanager.com www.googletagmanager.com
4	maxcdn.bootstrapcdn.com	www.ormanager.com maxcdn.bootstrapcdn.com
4	securepubads.g.doubleclick.net	www.ormanager.com securepubads.g.doubleclick.net olytics.omeda.com
3	api.userway.org	cdn.userway.org
3	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net
3	region1.google-analytics.com	www.googletagmanager.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	olytics.omeda.com	www.googletagmanager.com www.ormanager.com olytics.omeda.com
3	static.addtoany.com	www.ormanager.com static.addtoany.com
2	images.boldchat.com
2	geo.accessintel.com	apps.accessintel.com
2	vms.boldchat.com	vmss.boldchat.com
2	pixel-sync.sitescout.com	1 redirects www.ormanager.com
2	www.facebook.com	www.ormanager.com
2	js.intercomcdn.com	widget.intercom.io
2	12891178.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.vimeo.com	www.ormanager.com
2	fonts.googleapis.com	www.ormanager.com
1	mdevents.accessintel.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.ormanager.com
1	visitor-services.boldchat.com	vmss.boldchat.com
1	pixel.sitescout.com	www.ormanager.com
1	api-iam.intercom.io	js.intercomcdn.com
1	d.adroll.com	s.adroll.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	settings.luckyorange.net	ssl.luckyorange.com
1	up.pixel.ad	www.googletagmanager.com
1	ssl.luckyorange.com	www.googletagmanager.com
1	widget.intercom.io	www.googletagmanager.com
1	apps.accessintel.com	www.googletagmanager.com
1	vmss.boldchat.com	www.ormanager.com
1	p1.parsely.com	www.ormanager.com
1	ormanager.disqus.com	www.ormanager.com
1	cdn.parsely.com	www.ormanager.com
1	use.fontawesome.com	www.ormanager.com
1	cdnjs.cloudflare.com	www.ormanager.com
1	cdn.optimizely.com	www.ormanager.com
1	ai.omeclk.com	1 redirects
179	49

This site contains links to these domains. Also see Links.

Domain
www.aboutcookies.org
www.accessintel.com
cookiesandyou.com
ceu.ormanager.com
jobs.ormanager.com
store.ormanager.com
twitter.com
www.facebook.com
www.linkedin.com
www.ormanagerconference.com
www.orbusinessmanagementconference.com
www.boldchat.com

Subject Issuer	Validity	Valid
ormanager.com GTS CA 1P5	`2024-04-02` - `2024-07-01`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
static.addtoany.com E1	`2024-04-23` - `2024-07-22`	3 months	crt.sh
decisionbriefs.com Amazon RSA 2048 M02	`2023-08-29` - `2024-09-26`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
player.vimeo.com E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh
*.boldchat.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-13`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2023-06-18` - `2024-06-23`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
accessintel.com GTS CA 1P5	`2024-04-08` - `2024-07-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-09` - `2024-05-07`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
luckyorange.com E1	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.pixel.ad GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
luckyorange.net GTS CA 1P5	`2024-03-30` - `2024-06-28`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
geo.accessintel.com R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
1784939676.rsc.cdn77.org R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Frame ID: 8895486870320BB328C73D15FAC67406
Requests: 160 HTTP requests in this frame

Frame: https://player.vimeo.com/video/883052591?badge=0&autopause=0&quality_selector=1&player_id=0&app_id=58479
Frame ID: 8EAB8192705BBF23D7B122D0D87BC74F
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 684478A0E3EEA999D116A91C9313548A
Requests: 1 HTTP requests in this frame

Frame: https://12891178.fls.doubleclick.net/activityi;dc_pre=CIeIr-qk6YUDFSNYHgId9p8CWQ;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0v9175490358z8830755158za201;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E
Frame ID: B0D682E6A4F452A30B6F97BE949C0130
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.540f6ce4.js
Frame ID: 17ACE08C02216CC363F910D6C8FEC8BE
Requests: 3 HTTP requests in this frame

Frame: https://apps.decisionbriefs.com/bigquery/track/core_actions/crts_1714457752150
Frame ID: FEE9D077D4A77FDB2B794A40781A3BB4
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Frame ID: 81CF62D81D1928237898B74EB7033346
Requests: 3 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 10837B1E39EA388DBFF8B19CCF910B14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OR ManagerOR Manager

Page URL History Show full URLs

https://ai.omeclk.com/portal/wts/uc%5Ecmsb8ev2bbNj%5B%5Ecz70ymdEPo%5E4Eays%7EeDjkeHQ2o HTTP 302
https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

179
Requests

98 %
HTTPS

36 %
IPv6

33
Domains

49
Subdomains

53
IPs

6
Countries

6252 kB
Transfer

12114 kB
Size

40
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aboutcookies.org/
Title: click here.

Search URL Search Domain Scan URL

URL: http://www.accessintel.com/privacypolicy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: http://cookiesandyou.com/

Search URL Search Domain Scan URL

URL: https://ceu.ormanager.com/
Title: CE Center

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/home/index.cfm?_ga=2.84204125.535957357.1699898424-1756898648.1685724854
Title: Career Center

Search URL Search Domain Scan URL

URL: https://store.ormanager.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://twitter.com/or_manager
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ORManager
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/4531408/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.ormanagerconference.com/
Title: OR Manager Conference

Search URL Search Domain Scan URL

URL: https://www.orbusinessmanagementconference.com/
Title: OR Business Management Conference

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/
Title: Career Center

Search URL Search Domain Scan URL

URL: https://ceu.ormanager.com/saml/login
Title: Education Center Log-In (CE Center)

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/microsurgery-opportunity/72261016/12710/
Title: Microsurgery Opportunity - Hackensack Meridian Health - , NJ

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/foot-and-ankle-orthopaedic-surgeon/69804662/12710/
Title: Foot And Ankle Orthopaedic Surgeon - St. Luke's University Health Network - Allentown, PA

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/chief-vascular-surgery-opportunity-in-new-jersey/71611900/12710/
Title: Chief Vascular Surgery Opportunity in New Jersey - Hackensack Meridian Health - , NJ

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/thoracic-surgery-physician-assistant/71611880/12710/
Title: Thoracic Surgery Physician Assistant - Hackensack Meridian Health - Edison, NJ

Search URL Search Domain Scan URL

URL: http://store.ormanager.com/by-category/books.html
Title: Books & Reports

Search URL Search Domain Scan URL

URL: http://store.ormanager.com/by-category/live-webinars.html
Title: Webinars

Search URL Search Domain Scan URL

URL: http://jobs.ormanager.com/home/index.cfm?site_id=12710
Title: Job Board

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?home=&gid=4531408
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/diversity-inclusion-and-equity
Title: Diversity Inclusion & Equity

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/
Title: Access Intelligence, LLC.

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/diversity-inclusion-and-equity/
Title: Diversity, Equity, Inclusion & Belonging

Search URL Search Domain Scan URL

URL: https://store.ormanager.com/by-category/membership/or-subscription-platinum-1.html?coupon=TAKE25
Title: Click Here

Search URL Search Domain Scan URL

URL: http://www.boldchat.com/
Title: Live chat

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ai.omeclk.com/portal/wts/uc%5Ecmsb8ev2bbNj%5B%5Ecz70ymdEPo%5E4Eays%7EeDjkeHQ2o HTTP 302
https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://12891178.fls.doubleclick.net/activityi;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0v9175490358z8830755158za201;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E HTTP 302
https://12891178.fls.doubleclick.net/activityi;dc_pre=CIeIr-qk6YUDFSNYHgId9p8CWQ;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0v9175490358z8830755158za201;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E

Request Chain 110

https://s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 136

https://pixel-sync.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

179 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.ormanager.com/
Redirect Chain

https://ai.omeclk.com/portal/wts/uc%5Ecmsb8ev2bbNj%5B%5Ecz70ymdEPo%5E4Eays%7EeDjkeHQ2o
https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

152 KB
35 KB

769ms
710ms

Document
text/html

172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c63b701db0079a033bca2f5ec9a61f5c54b4b610597a91133cb4d68030798dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=300
X-Content-Security-Policy	default-src 'self'; img-src ; media-src data:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,POST
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 87c56649e87218df-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none; report-to='default'
cross-origin-embedder-policy-report-only: unsafe-none; report-to='default'
cross-origin-opener-policy: unsafe-none
cross-origin-opener-policy-report-only: unsafe-none; report-to='default'
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 06:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBSAdPgsvUQfRQW6%2BIXSYpisO4UybKZGfLZer8e67pX910eBypVMKDrSZ2f4AHRFNubg1oAfZ%2BgXBcfIU6FrPxDdM%2BJv2ZYoNOI65cx63Wgfi3OwGtRVSaUReC8UR92FItW7iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-security-policy: default-src 'self'; img-src *; media-src * data:;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe1-a-867f44b44b-5c5f5
x-permitted-cross-domain-policies: none
x-served-by: cache-chi-klot8100134-CHI, cache-fra-eddf8230133-FRA
x-styx-req-id: 174db87f-06b9-11ef-9871-0a542e043f50
x-timer: S1714457750.083743,VS0,VE650
x-xss-protection: 1; mode=block

Redirect headers

Connection: close
Content-Length: 0
Date: Tue, 30 Apr 2024 06:15:49 GMT
Keep-Alive: timeout=5
Location: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 337854241.js Show response
cdn.optimizely.com/js/ 191 KB
66 KB 253ms
153ms Script
text/javascript 2a02:26f0:3500:883::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/337854241.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

968838ec4987fc04d49c939a7671b925c45f3767e916167316e1b637da926220

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: tSdPjhey4u.4YW6WMZsPDDizZ7x7dOta
content-encoding: gzip
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: JWG8NNH7593G89KX
x-amz-meta-revision: 800
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=11, origin; dur=100, cdn;desc="AkamaiION";dur=0,rtt;desc="40";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1714457750877_388276626_468424005_11158_1982_45_40_219";dur=1
content-length: 66818
x-amz-id-2: DiUUDlSLXYaYQgy6HE50cicT0QjRMdtjnGEHnXWHjO0xzP6g5VNS4RdlwqwQfdIjaJJyowxpy3A=
last-modified: Wed, 23 Oct 2019 22:01:25 GMT
server: AmazonS3
etag: "c629652273cc92946e3460eedfdaec52"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 94 KB
30 KB 181ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

375c7c159f962f457d48866d00139e512f7109e7a15b8afa4b4d1c91fc18af0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29969
x-xss-protection: 0
server: cafe
etag: 984 / 19843 / m202404250101 / config-hash: 4255553072851817045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Apr 2024 06:15:50 GMT

GET
H3 200 style.min.css
www.ormanager.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 52ms
52ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-ccpc7
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000126-CHI, cache-fra-eddf8230127-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714321071.349616,VS0,VE10
etag: W/"66181cf1-19824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwonD%2FrWzwYThxZYcsGDfDf49dm%2BbaXLNw2gdJJ%2BK91vl6iGVzdpleZkSsxHfA1qtFy6sXUz8NKnF2JkyuwZiQXlnz5HRAZtnR8Ch8iyiO76IMpy%2FW2i4h8juBAzMCw3lzR1Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 94afaa7b-f83a-11ee-9837-ea497495bc15
cache-control: max-age=31622400
cf-ray: 87c5664e9d4518df-FRA
x-cache-hits: 0, 0

GET
H3 200 bbpress.min.css
www.ormanager.com/wp-content/plugins/bbpress/templates/default/css/ 30 KB
6 KB 50ms
49ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bebe4f2398b6a8798d51b247cdedcb56d81cf0d1a803a2b5f7296d76677b8ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-8ld5l
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100107-CHI, cache-fra-eddf8230149-FRA
last-modified: Thu, 11 Apr 2024 17:25:03 GMT
server: cloudflare
x-timer: S1714321071.461588,VS0,VE6
etag: W/"66181cef-761c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7Ho%2FvrsIie0ljk1BKkR57IFvoipl1D8PBRVrZ3tchSRaQOR7HIWBC3%2FWY0BTqBGsuhd%2BmfjLjTKoA1m9jQ31P%2F5DOKJk8JTRmNqDW3Dc6Ep7Lz6v9fgE1L9fUAs5QaavEjPvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 94b2d29d-f83a-11ee-8b24-02afd49b0d9f
cache-control: max-age=31622400
cf-ray: 87c5664ead4618df-FRA
x-cache-hits: 0, 0

GET
H3 200 password-lost.css
www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/css/ 867 B
1 KB 51ms
49ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/css/password-lost.css?ver=6.3.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

929bcc014cf4b84eaf5a9808188b3050c27dc0685b1b56fde00c905ae2241656

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 21:23:48 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3195839
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-86bfdff76b-bl8kp
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100051-CHI, cache-fra-eddf8230131-FRA
last-modified: Wed, 20 Mar 2024 17:05:50 GMT
server: cloudflare
x-timer: S1711261911.195112,VS0,VE2
etag: W/"65fb176e-363"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGq6Otvaxj4RoG2jTlk1zhBj1IMw2afLGOomXo2X99aG3K8fV7aTdya5%2BjhaZv3%2BDjs1VNMsIaRaXCRwsgBTf%2FrppuLYP8EeeWONa%2FAIs9OuS1wnG6lRGovzQ52CB%2FMI699uDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 23de82dd-e700-11ee-b471-9622b33c0f80
cache-control: max-age=31622400
cf-ray: 87c5664ead4718df-FRA
x-cache-hits: 3, 1

GET
H3 200 style.css
www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/css/ 527 B
929 B 64ms
60ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/css/style.css?ver=1.0.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7ff3f6beeb6d7baaf2f849401db15f5e13b713034ff77131fa80d219bfec6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 16 Apr 2025 12:52:42 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-n46d6
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100052-CHI, cache-fra-eddf8230147-FRA
last-modified: Sat, 13 Apr 2024 23:10:33 GMT
server: cloudflare
x-timer: S1714321071.449474,VS0,VE4
etag: W/"661b10e9-20f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eij7APzmWzFBsvdEt4UpF3fNEqMFofPlaiSXxIEl6PzhsT5zu1SHMWBFTuW%2BknmkFhesvks3RRScp0KknuLHSXlOG9UUzjbV6ovoRm7yT2TCSoWuI2vCCRc6IzHkalIJr7fmNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 0c81f312-fb27-11ee-92d1-4ebb8baf505c
cache-control: max-age=31622400
cf-ray: 87c5664ead4b18df-FRA
x-cache-hits: 0, 0

GET
H3 200 wpp.css
www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
1 KB 64ms
60ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.3.4

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-qvkkb
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100094-CHI, cache-fra-eddf8230053-FRA
last-modified: Thu, 11 Apr 2024 17:25:04 GMT
server: cloudflare
x-timer: S1714321071.452942,VS0,VE4
etag: W/"66181cf0-688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PV3qMYGlQOMFK5%2BHTcWkoebVcQko9pmEE7OhHgxpTQB9lel43A0faSiGIBeJ4AQ%2BMZmmrfbEq5KcQK4Y7yc8fwkkYCviJvlDwZJaSoA9SPeA0nI9prmzDEwrcA0pMF6GIAdxzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 94b3b856-f83a-11ee-8dfb-f656e1ab073b
cache-control: max-age=31622400
cf-ray: 87c5664ead4c18df-FRA
x-cache-hits: 0, 0

GET
H3 200 subscriber-table-benefits.css
www.ormanager.com/wp-content/themes/orm-theme/css/ 4 KB
2 KB 53ms
49ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/css/subscriber-table-benefits.css?ver=2.1.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4827a3795c631932b0ecc2b3a0d859f5475cd96a368e3e9799c062afe68cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-vn75z
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000145-CHI, cache-fra-eddf8230066-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714321071.447066,VS0,VE4
etag: W/"66181cf1-109d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uv7S%2F9l1gLqUcTOwKwPKtTcUnlGBEHVyew40x4hmFuZRaKcPRMMONBhbdYSiYJxHR4sZZ5CzLZhatuAP5N80hzjwpaiSFilDImNjo8vacdOCNKA8LlYB3Xz0iSMv9UHZVVVRJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 94db4e17-f83a-11ee-b194-12166c8a6687
cache-control: max-age=31622400
cf-ray: 87c5664ead4e18df-FRA
x-cache-hits: 0, 0

GET
H3 200 jquery.min.js Show response
www.ormanager.com/wp-includes/js/jquery/ 85 KB
31 KB 88ms
84ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:31 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3326374
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6db6469467-hh49l
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100145-CHI, cache-fra-eddf8230034-FRA
last-modified: Wed, 20 Mar 2024 17:05:54 GMT
server: cloudflare
x-timer: S1711131376.392841,VS0,VE5
etag: W/"65fb1772-155ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUaaDygGIUQwYtnz%2FcqbIM4b4jL3cATNMzvesWBwAjnuoEO1oVJfk1tIvJA5fZAxDq6CPdHU5iYVcXaQhsxl8FivaYWmzktPTmemV2G4k3P%2BgnsTwhsHYtjxmgOl%2BCnShE9gcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: dfb24caa-e6dd-11ee-b692-12f51eaedd49
cache-control: max-age=31622400
cf-ray: 87c5664ead5018df-FRA
x-cache-hits: 1, 1

GET
H3 200 jquery-migrate.min.js Show response
www.ormanager.com/wp-includes/js/jquery/ 13 KB
6 KB 91ms
87ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 21:23:48 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3312746
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-86bfdff76b-rjgjk
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000133-CHI, cache-fra-eddf8230053-FRA
last-modified: Wed, 20 Mar 2024 17:05:54 GMT
server: cloudflare
x-timer: S1711145005.690012,VS0,VE4
etag: W/"65fb1772-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoWJolgs6FBRUIsbr99EYturOI1i8MJh8qdYHNVWYHkqjUk3rE7G7J%2Bc1SU6YBL2y3mOuRq0864SXbQrvIQorCjxPlx7Vb1teKPytxF70yNnSU83e3U40e9KSXKTim0CYVyelw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 23e13a76-e700-11ee-973b-d2a4c65c1225
cache-control: max-age=31622400
cf-ray: 87c5664ead5218df-FRA
x-cache-hits: 3, 1

GET
H3 200 nfpluginsettings.js Show response
www.ormanager.com/wp-content/plugins/ninja-forms-uploads/assets/js/ 1 KB
1 KB 102ms
98ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ninja-forms-uploads/assets/js/nfpluginsettings.js?ver=3.3.16

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066fd763ae80d8c10477182a76d859fa2ce27405d8599aaf4ff76127389dd65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:30 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3312746
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6db6469467-ffzrg
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000043-CHI, cache-fra-eddf8230062-FRA
last-modified: Wed, 20 Mar 2024 17:05:51 GMT
server: cloudflare
x-timer: S1711145005.700323,VS0,VE7
etag: W/"65fb176f-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kec1KoFWjEsK%2FkgFIGdyMgzni2W23ek8AZCk34CyDdQiTSAuPKqa6ZK%2BYrlCyBw3lTCZQlhM%2FyBPWnxo%2B%2BJoQmaF8iDAqOF%2FVnzVaUE5anEtWmLAn27u2c%2BvAo6X4QcasUOBSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: dfad07ee-e6dd-11ee-b37f-42cfaa9f2f5b
cache-control: max-age=31622400
cf-ray: 87c5664ead5318df-FRA
x-cache-hits: 8, 1

GET
H3 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 92ms
49ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js?ver=1.4.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 466561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmbVWAPyTN%2F9Z7TZi8ehkp%2Bv2IJjDm9OwCVKtLQkZGw5r%2BJh7VVm2PagI26%2FhDGIsqUQyU8yOQUoEZzaLkBYyM0Qnr%2BJk%2BMWyYw5IQ6Xh7yi6WyFoQzeBHxNWSvQ1zUlnBKNLeUM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c5664eef509743-FRA
expires: Sun, 20 Apr 2025 06:15:50 GMT

GET
H3 200 ai-core-ip-check.js Show response
www.ormanager.com/wp-content/plugins/ai-core-ip-auth/js/ 1 KB
1 KB 103ms
99ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-core-ip-auth/js/ai-core-ip-check.js?ver=1.5.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d655c80ac351e118b3cb1c493cb1294481e0aa29bab78112c6955688e42ec54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:31 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3326374
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6db6469467-ffzrg
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100160-CHI, cache-fra-eddf8230098-FRA
last-modified: Wed, 20 Mar 2024 17:05:50 GMT
server: cloudflare
x-timer: S1711131376.407937,VS0,VE4
etag: W/"65fb176e-4e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fT73%2F2d3FOX3Q62Moh6xqmApwcw1Lj669Jzof6Ae0eRR7LVd672TsItddVqTEfnQvneAB0Rvm11YRZ%2BTuN2%2BPlOcokrS35Ng1kcmXWfSKw4bvdOX7RGMbAz368PZk7nDjVcLVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: dfe0340e-e6dd-11ee-b37f-42cfaa9f2f5b
cache-control: max-age=31622400
cf-ray: 87c5664ead5518df-FRA
x-cache-hits: 4, 1

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 111ms
56ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js?ver=6.3.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25284
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e346c2841e4abbb66ee259e9540abb61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szFf3hR0BiH%2BeetjovzKYEvynzEVRQMarkRFXs7onWUOHdATnxM%2B4pmi5s18lvLifi5MrIO1dxNupsDYWbgsB%2FQxTZpqgX0ZzX231qFmrLcxSYjboB7M9naLmpz%2BLn2R4PH9rsAN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 87c5664ef9875c26-FRA

GET
H3 200 ai_social_sharing.js Show response
www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/js/ 129 B
820 B 103ms
100ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/js/ai_social_sharing.js?ver=1.0.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344663
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-4qs29
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000136-CHI, cache-fra-eddf8230043-FRA
last-modified: Thu, 11 Apr 2024 17:25:04 GMT
server: cloudflare
x-timer: S1714113087.278940,VS0,VE3
etag: W/"66181cf0-81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFLA%2FnE3R37F5MCejKktX9k1c7gEUNsmGz08GeN2AJhb9U4smjDdZClaJBkRqQp%2BnARBEs8h3y61L7sDLUiBbbh7Le%2FFSAIQBNpKAY5n1g37k5v7Cu6oqWmjnWKWr4JS%2Bx8j4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 94b376be-f83a-11ee-b85e-ba26c9eba1c4
cache-control: max-age=31622400
cf-ray: 87c5664ead5618df-FRA
x-cache-hits: 0, 0

GET
H3 200 wpp.min.js Show response
www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 103ms
100ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:31 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3326374
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6db6469467-zk9gm
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000150-CHI, cache-fra-eddf8230109-FRA
last-modified: Wed, 20 Mar 2024 17:05:52 GMT
server: cloudflare
x-timer: S1711131376.468169,VS0,VE5
etag: W/"65fb1770-1194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXewUD9WBSBInK9A2jVk6dM224tDWapR6oV1UkSwJpXhGXUwbWm%2FmGVIjyn6rp3BnHK32AcCLDfcQZf7NQM26%2BArBqjOHJNZbgNw7PnHF5Sy02aYW%2BD36M6nE%2BI%2FYeFsLuubEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: dfb02191-e6dd-11ee-99cc-7271bb84a7b6
cache-control: max-age=31622400
cf-ray: 87c5664ead5718df-FRA
x-cache-hits: 2, 1

GET
H3 200 bootstrap.min.js Show response
www.ormanager.com/wp-content/themes/orm-theme/js/ 36 KB
11 KB 126ms
123ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/js/bootstrap.min.js?ver=6.3.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:31 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3326374
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-86bfdff76b-bl8kp
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000023-CHI, cache-fra-eddf8230103-FRA
last-modified: Wed, 20 Mar 2024 17:05:53 GMT
server: cloudflare
x-timer: S1711131376.416451,VS0,VE5
etag: W/"65fb1771-90bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMgxur02fR0UGMePDpec%2BuLVAkvTmwU0pLm5snPsgDR7oZM0bN8rA%2FStoNQRvVyip8ICVeMIXf%2BmfxMDc%2B1OgyPlbmw8OD%2BYGmmMPOJSHwZNLErGy6hsg6QwMwW6lSbUpiV%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: dfb0cc3a-e6dd-11ee-b471-9622b33c0f80
cache-control: max-age=31622400
cf-ray: 87c5664ead5818df-FRA
x-cache-hits: 1, 1

GET
H2 200 tracking.js Show response
apps.decisionbriefs.com/js/custom/bigquery/ 13 KB
13 KB 587ms
232ms Script
application/javascript 54.89.48.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/custom/bigquery/tracking.js
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-48-242.compute-1.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: b0807829de0cf5844ca49208519907dbce6d2bcc79b21b73d0969de204e968b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
last-modified: Tue, 27 Feb 2024 21:41:37 GMT
server: nginx/1.25.4
accept-ranges: bytes
etag: "65de5711-33fa"
content-length: 13306
content-type: application/javascript

GET
H3 200 jquery-ui.css
www.ormanager.com/wp-content/plugins/jquery-ui-dialog/css/ 34 KB
9 KB 127ms
124ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/jquery-ui-dialog/css/jquery-ui.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-p2g2t
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000065-CHI, cache-fra-eddf8230156-FRA
last-modified: Thu, 11 Apr 2024 17:25:03 GMT
server: cloudflare
x-timer: S1714321071.457489,VS0,VE5
etag: W/"66181cef-898c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHBEjp5ifdcawLwnAVGZLhfrgifePr1tO3tRz5Agv6i1DS69aHHe0%2BiZWC1X7EDXsGHR764IqlQYa4g0JvI%2BK7FIaKs4XGY%2B%2F5YzNjB1RjcQmUSYj7rM4frgUXWTuRaS%2FFGtNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 94b3dd1f-f83a-11ee-ab33-d6fe6f59bf21
cache-control: max-age=31622400
cf-ray: 87c5664ead5918df-FRA
x-cache-hits: 0, 0

GET
H3 200 jquery-ui.js Show response
www.ormanager.com/wp-content/plugins/jquery-ui-dialog/js/ 460 KB
115 KB 128ms
125ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/jquery-ui-dialog/js/jquery-ui.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

245aa60fb782cc0b9ddf3902ab304929664bf450a269773ad1ab61b9916f1b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-scqdz
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000108-CHI, cache-fra-eddf8230126-FRA
last-modified: Thu, 11 Apr 2024 17:25:04 GMT
server: cloudflare
x-timer: S1714321071.461649,VS0,VE6
etag: W/"66181cf0-72e45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmi5m1jigiOc5mtnr7ICdrrifCeyR%2F9lUCYxukiVZy6syx0Lhdb6Aw1pLV%2F55RtmYaLntNUYiTUC5Uvye4xCy27VyFp6SevLx4XreNCGZe9CcI%2FijlvrgN%2F0EhSl%2FZ7%2B2vawQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 94b59951-f83a-11ee-97e9-6aa1aba1a91c
cache-control: max-age=31622400
cf-ray: 87c5664ead5a18df-FRA
x-cache-hits: 0, 0

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 81ms
46ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 13840692
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87c5664ecff96a76-TXL
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
10 KB 173ms
52ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636768
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJx92wZ4K80LdN7mCIkgQZK8HyYEiF3gz1aOkw5MXMcVAGLHRm7811RY9fY1SNwOmoeNUyZCWKJ9QMlS99LBnEmbYh3dEjPbTOB7oNt%2FrV%2FqKuN3GlDdL5kFWRhlY1u2IKCxVI6zNrQGrzql8nywsbEc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 87c5664f6d081e4d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
www.ormanager.com/wp-content/themes/orm-theme/ 4 KB
2 KB 166ms
164ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/style.css?123123123

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9a641e068d97aaa5fb7bb80b0a105dcc47abaac81b460c7e3f92b798787c833

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 17 Apr 2025 19:56:32 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-59dfbff8c8-7t4kh
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000077-CHI, cache-fra-eddf8230123-FRA
last-modified: Mon, 15 Apr 2024 16:52:25 GMT
server: cloudflare
x-timer: S1714321071.455545,VS0,VE8
etag: W/"661d5b49-10d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cm%2BxgT01kaOsk3qa%2FIS8wxLKH7N6a498Z5nU7uCmzXvM%2B8tRtpOeUSG3kI8yDiKY2qB9ZGu8STtt%2FlCeaCI%2F26x9RcGu%2Bi%2BSyzWMf84Uzh9KSb%2BMM1INe9DHVBHs9E0815ds3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 6c813f78-fc2b-11ee-88df-82cf6533afbe
cache-control: max-age=31622400
cf-ray: 87c5664ead5b18df-FRA
x-cache-hits: 0, 0

GET
H3 200 main.min-a55471ba.css
www.ormanager.com/wp-content/themes/orm-theme/assets/css/ 85 KB
13 KB 167ms
165ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/css/main.min-a55471ba.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7090a7e39ae5de23d8c846b71da778fde087003d7fe30b8f8da091c1cd70ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 20:07:17 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136679
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-scqdz
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100144-CHI, cache-fra-eddf8230033-FRA
last-modified: Thu, 11 Apr 2024 20:07:10 GMT
server: cloudflare
x-timer: S1714321071.460440,VS0,VE5
etag: W/"661842ee-155c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rQLzjc16GIV3V0%2BeB8LwoYlbGbz2OdUTwOdRUWpBVGgLk1cC53lHzKIm3EJd1SOkh9R38Dgex2ELc0lv%2Bm8aEYqBmOUGzVFHgQYkv7sOOsrQ8X1N8ErVdsFYwltNesDclx2VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 18a50ce7-f83f-11ee-97e9-6aa1aba1a91c
cache-control: max-age=31622400
cf-ray: 87c5664ead5c18df-FRA
x-cache-hits: 12, 0

GET
H3 200 jquery.cookie.js Show response
www.ormanager.com/js/ 3 KB
2 KB 168ms
166ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/js/jquery.cookie.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80596
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-qvkkb
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100107-CHI, cache-fra-eddf8230088-FRA
last-modified: Thu, 11 Apr 2024 17:25:02 GMT
server: cloudflare
x-timer: S1714377155.671041,VS0,VE3
etag: W/"66181cee-cb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f62QiO1PKIClFMZgiSsMPVyb4Xvh2EAIdL9u6ARHlJPZ2QI19GcRHDPxk4QOUOoPmO7JwgM5Tf%2BVNnSRZvfMzPW7BAhXyiMh9AhYVhi5ii1%2FVKbSOFa7wjmglUzCBKslIC4CGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 94b492da-f83a-11ee-8dfb-f656e1ab073b
cache-control: max-age=31622400
cf-ray: 87c5664ead5d18df-FRA
x-cache-hits: 0, 0

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 142ms
90ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 940
cdn-cachedat: 10/31/2023 19:15:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2484e60d2ae397ad2eae1234125ba7b8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 87c5664efd5d7728-WAW
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 140ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2138f60669e5a25802f3ea50358c847e15899cb104d3db81ba6f2a0e134ba252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Apr 2024 06:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:15:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Apr 2024 06:15:50 GMT

GET
H3 200 orm-logo.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 17 KB
18 KB 168ms
167ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/orm-logo.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b54de1182d996f2bc5d9b2a8d1097bea47d0e1eaeb8c4fa6b81e55b60df841d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 20 Apr 2025 13:17:58 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38458
x-cache: MISS, HIT
x-pantheon-styx-hostname: styx-fe1-b-5648cff58c-2x8zb
alt-svc: h3=":443"; ma=86400
content-length: 17252
x-served-by: cache-chi-kigq8000064-CHI, cache-fra-eddf8230061-FRA
last-modified: Wed, 17 Apr 2024 16:42:59 GMT
server: cloudflare
x-timer: S1714419293.855546,VS0,VE5
etag: "661ffc13-4364"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BX14INzqPcRpbh0drKvsH1mXJbrS5QIHDOmvlJbiTv3AaDAt75Uyvh5MezUbwnJIZn0vfyj%2FJ7ZZmNWM59%2FSLf%2Fw23IsW0b7iUUOQ2tBm5jP2E2RHdKVU0dpWio29NbW5xqvfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 3d68813c-fe4f-11ee-af57-2ef2abb1ce44
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5664ead5f18df-FRA
x-cache-hits: 0, 0

GET
H3 200 remediate-scaled.jpg
www.ormanager.com/wp-content/uploads/2024/05/ 546 KB
547 KB 168ms
168ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/05/remediate-scaled.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0b13b9654f2f7d5a605221200562464277985dbeabad26e4edda9dd0e6fe9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 19 Apr 2025 18:35:15 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38452
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5648cff58c-9jg6z
alt-svc: h3=":443"; ma=86400
content-length: 559292
x-served-by: cache-chi-kigq8000024-CHI, cache-fra-eddf8230135-FRA
last-modified: Thu, 18 Apr 2024 18:35:06 GMT
server: cloudflare
x-timer: S1714419298.495966,VS0,VE6
etag: "662167da-888bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qV55iqQ4HySReNHsgfPtnKkvNt9%2Bzcriz0CdGQHUR4y%2BLHx5poXQAhvmZ%2FF39Eznr13RfI4IO9RaJ5AZPCtup679YzYH4m9jTBz6iRYXvCLVzj3OZg2sSESBjWTod2l4XQ6vsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 65e9677a-fdb2-11ee-927a-7264cc17a67b
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5664ead6018df-FRA
x-cache-hits: 1, 0

GET
H3 200 terminate-scaled.jpg
www.ormanager.com/wp-content/uploads/2024/05/ 381 KB
381 KB 69ms
69ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/05/terminate-scaled.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b3c5b6631488b40e06e6d0ac6309b601aa8845290d54a07cbdc2167d62d57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 19 Apr 2025 18:33:57 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38453
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-59dfbff8c8-qrk82
alt-svc: h3=":443"; ma=86400
content-length: 389720
x-served-by: cache-chi-kigq8000083-CHI, cache-fra-eddf8230147-FRA
last-modified: Thu, 18 Apr 2024 18:33:49 GMT
server: cloudflare
x-timer: S1714419299.870803,VS0,VE6
etag: "6621678d-5f258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X7EcFML6ZeG0iPj1KsnHJzxP%2FiuKZwF3QhyMZqz%2BzNwnhSteVg2ZS5LPipNaWKab5SwtMiXL6qVPdav5LHg81rUbIqSHtXCA6zF9aop5QgfnCPu7hLp6qOHmTCc4p815E91kUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 3791b74d-fdb2-11ee-b1af-ca8eaf5e6450
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5664fbe5618df-FRA
x-cache-hits: 0, 0

GET
H3 200 shutterstock_609946820-scaled.jpg
www.ormanager.com/wp-content/uploads/2022/02/ 124 KB
125 KB 49ms
49ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2022/02/shutterstock_609946820-scaled.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faea4228b2a99be395497d9d851b47a92af6d3fc1cae8cf572d88af89f730551

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 26 Sep 2024 12:14:37 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38453
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-fbf6bf86c-j6bq6
backend-name: 167.82.237.85,443
alt-svc: h3=":443"; ma=86400
content-length: 127386
x-served-by: cache-chi-kigq8000085-CHI, cache-fra-eddf8230151-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000085_CHI
last-modified: Fri, 18 Feb 2022 16:11:20 GMT
server: cloudflare
x-timer: S1714419299.924511,VS0,VE5
etag: "620fc528-1f19a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDTeDiQOvhtG33tgBIndftsRkOzyWQO3h%2BuaD11rlyPfrWmoz7eoSz6WHGAaNiJZ4euLoKS2AoNGuxNFmmzkXJdYhtHTfr7pPrmNlpUg6Nht0o1Euar8aiAppw0hAJfbdHS0Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 434071f8-5c66-11ee-9380-3a7fa1e190a2
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c566506f0818df-FRA
x-cache-hits: 1, 0

GET
H3 200 ORM_0524-21.jpg
www.ormanager.com/wp-content/uploads/2024/05/ 191 KB
192 KB 52ms
50ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/05/ORM_0524-21.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbd1a076857f9312f0877201ddf15bc6906de0de15e7b02a5965b1de4f77d0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 18 Apr 2025 18:02:58 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38453
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5648cff58c-qcns4
alt-svc: h3=":443"; ma=86400
content-length: 195767
x-served-by: cache-chi-kigq8000160-CHI, cache-fra-eddf8230065-FRA
last-modified: Wed, 17 Apr 2024 18:02:54 GMT
server: cloudflare
x-timer: S1714419299.912486,VS0,VE5
etag: "66200ece-2fcb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBoOHwohSaNPLURHrl4FVi5v%2FKuoY%2B7ksbuEU4dPm7mwH8M50bzIjIPpSDDdHw2T8satZZ%2FBH9E8jYgRf9dknT%2F2G8%2FRHv99wHK79mc%2B9NaoeC5w2BbmSOyztLEMtVab%2BJczZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: b96403a9-fce4-11ee-8a53-32d516d3423e
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695318df-FRA
x-cache-hits: 0, 0

GET
H3 200 or-letters.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 18 KB
18 KB 56ms
53ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/or-letters.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaef8bbaf4b10a667db38c6479a2069453033faab8fa3be14ef5cb3754cd6c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 17 Apr 2025 13:41:43 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38453
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b88b49ff7-7zvvb
alt-svc: h3=":443"; ma=86400
content-length: 18103
x-served-by: cache-chi-klot8100041-CHI, cache-fra-eddf8230041-FRA
last-modified: Mon, 15 Apr 2024 16:52:26 GMT
server: cloudflare
x-timer: S1714419299.508739,VS0,VE4
etag: "661d5b4a-46b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwwJwe4gna6hqJ7v7eivyhgcPIruiY2rgzjdN2KpSVzz0l9lUpfq9KunhjzPIrMKIUCAhv3UHw4%2FJQelt4cFomKmxeqJWHdlq6zDW7X%2BWqPet9tuQuBhKmlPI1SpCFzmesvqLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 0f84d16f-fbf7-11ee-8b08-1ae56c3bd4cf
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695618df-FRA
x-cache-hits: 0, 0

GET
H3 200 1ORM_0424-COVER-225x300.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 23 KB
24 KB 283ms
282ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/1ORM_0424-COVER-225x300.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f7d6c0148df079679311ae7f000a869c6dcd960f33e5b1131bbee60567efd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 14 Mar 2025 15:44:17 GMT
date: Tue, 30 Apr 2024 06:15:50 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38452
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-cng5p
backend-name: 167.82.237.47,443
alt-svc: h3=":443"; ma=86400
content-length: 23439
x-served-by: cache-chi-kigq8000047-CHI, cache-fra-eddf8230094-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000047_CHI
last-modified: Wed, 13 Mar 2024 15:44:17 GMT
server: cloudflare
x-timer: S1714419298.495050,VS0,VE5
etag: "65f1c9d1-5b8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJ%2BPqO10hHefebmz27Z%2BxGVfhYN%2FNvf0StuIvY6YcVBZAESoDWnR6FlBv69JQJtZ8wm9Ln%2FmuRJO7eF6OewpqrFf8w2wj2jKgEL%2BbnO2xvj342%2B7Epb%2FsB13KCo7wNMpspQfKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 8d3969c7-e150-11ee-9dd8-165597ef5369
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5664ead6118df-FRA
x-cache-hits: 1, 0

GET
H3 200 asc-leader-logo-no-tagline.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 41 KB
42 KB 58ms
54ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/asc-leader-logo-no-tagline.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05e12145b7c6094497b4089b14b67d0d59fd0e080947d1bb8e2549cb55d7d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:29 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125807
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-scqdz
alt-svc: h3=":443"; ma=86400
content-length: 41908
x-served-by: cache-chi-kigq8000050-CHI, cache-fra-eddf8230126-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714331945.787784,VS0,VE10
etag: "66181cf1-a3b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZPXMZKknQOZJHj%2B%2BWy6wJG8mkJpaO0JCntV9KrZueyy96%2BXVLzxkl%2BO9PuUu%2FGvvKNtIPtNikZ6VSAgVJqnwrbBYmO1IzyY8C%2BEzTzKX3tbKsOKO1AxDUUXb6HQRNsIQCr6lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 83c9922b-f83a-11ee-97e9-6aa1aba1a91c
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695818df-FRA
x-cache-hits: 0, 0

GET
H3 200 OR_AMBanner.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 86 KB
86 KB 58ms
55ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/OR_AMBanner.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a674c2409821d4e965a3a435231bc3d5ac622b0d9dd668af3d03454ab67d3d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 24 Apr 2025 08:24:30 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38452
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5648cff58c-w9lhf
alt-svc: h3=":443"; ma=86400
content-length: 87630
x-served-by: cache-chi-kigq8000029-CHI, cache-fra-eddf8230149-FRA
last-modified: Mon, 22 Apr 2024 20:05:31 GMT
server: cloudflare
x-timer: S1714419299.021273,VS0,VE4
etag: "6626c30b-1564e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyDz%2Fho%2BMV2gYyIWKW2g72N4vFuIvOuuycOohZs2ucdFSQx06QFJKQXTxNzjGHxmTSftNrLXSqxxGIcFkg6EXHbHk7Yio7y%2F80zn3KVlFlSC%2FO0SmmdU5M%2FERLvKB3DMQ7wmBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: e7dfb73d-014a-11ef-a653-1e40e364ecfa
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695b18df-FRA
x-cache-hits: 0, 0

GET
H3 200 rfraps.png
www.ormanager.com/wp-content/uploads/2024/04/ 7 KB
8 KB 55ms
52ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/04/rfraps.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89801d4cb705ca2003489c0f15d449baa55e8a1efd7a4cd34755be1b956c5cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 30 Apr 2025 19:14:42 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32746
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-867f44b44b-stjgw
alt-svc: h3=":443"; ma=86400
content-length: 7323
x-served-by: cache-chi-klot8100155-CHI, cache-fra-eddf8230065-FRA
last-modified: Mon, 29 Apr 2024 19:14:31 GMT
server: cloudflare
x-timer: S1714425006.776311,VS0,VE3
etag: "662ff197-1c9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JItVTSfQBFPfVxuhntZuw30H6gQrjoLBUbJcsI2EcfbHdFctqxVt3N2GmY%2BfWyjFXJJPgnW358J%2BnNt2qIz5r6ulD%2FAizrIjNFloFTr50KxZz7CGhUDX37VCpzjqy2Lc5Jlezw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: bb5718c2-065c-11ef-b59d-564b3e61d328
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695c18df-FRA
x-cache-hits: 3, 0

GET
H3 200 medpage-today-logo.jpeg
www.ormanager.com/wp-content/uploads/2024/01/ 4 KB
5 KB 59ms
56ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/01/medpage-today-logo.jpeg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5c89dc9e8efdbd4545aa3cb9f64cfd726dd9f573e5116ffa82dda6e774d3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 08 Apr 2025 06:04:08 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32746
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-t99mm
alt-svc: h3=":443"; ma=86400
content-length: 4571
x-served-by: cache-chi-klot8100097-CHI, cache-fra-eddf8230085-FRA
last-modified: Fri, 05 Jan 2024 18:09:20 GMT
server: cloudflare
x-timer: S1714425006.812177,VS0,VE4
etag: "659845d0-11db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kc3yXAHgOlf10CHCNyVuzgckSB3CcRDZHGcTteVAEDTywx0cz0hhfcTRLVRrJ8mNOVo8KxMkjk%2BDRz3oCtwt3zP%2FZSV3mb9odrNUaFHeDlwEbmRcfI4RNg1SoHe168w%2Fhl6pGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: a581e663-f4a4-11ee-adbc-5261855a3ffb
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695d18df-FRA
x-cache-hits: 0, 0

GET
H3 200 AAMI.jpg
www.ormanager.com/wp-content/uploads/2021/01/ 5 KB
6 KB 60ms
57ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2021/01/AAMI.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62afbe0f2ce9016a6ca5434bb1f5851c00197d278bbbc515c00e6fc9d686b334

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Oct 2024 16:57:30 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32745
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-68df99c475-fr8r7
backend-name: 140.248.77.21,443
alt-svc: h3=":443"; ma=86400
content-length: 5526
x-served-by: cache-chi-klot8100021-CHI, cache-fra-eddf8230109-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100021_CHI
last-modified: Thu, 21 Jan 2021 19:47:48 GMT
server: cloudflare
x-timer: S1714425006.432122,VS0,VE3
etag: "6009da64-1596"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oumRTo7Qy3Mtl3EsGD%2Bv6R9FVoFfr5RmhZKSafAAfa%2FrYporF2l8B4niNTzSw7rFLKY3x8psCWLbqD4oge5Fe4VtMzu2kBzurDwQfx0FurCWCK0nCcmg%2BVD%2Fsb8VJbdH%2BI70Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 197e1f07-678e-11ee-868f-c6b516db8804
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695e18df-FRA
x-cache-hits: 1, 0

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 132ms
56ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 30 Apr 2024 02:21:46 GMT
Date: Tue, 30 Apr 2024 06:15:51 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish
Age: 1445
x-cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11390
x-served-by: cache-ams21047-AMS
x-player-backend: g
Server: cloudflare
x-timer: S1714457751.204689,VS0,VE0
vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=1800
x-bapp-server
accept-ranges: bytes
CF-RAY: 87c56650eb7b58f6-TXL
x-cache-hits: 1044

GET
H3 200 leadership-series-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 8 KB
9 KB 76ms
73ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/leadership-series-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99eca15ff9addd9ead499e884eee2ce6ffb5dbc1e21dda13ce55b780ca2c1b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:59:44 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38452
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-zfj5t
backend-name: 34.122.185.33,9093
alt-svc: h3=":443"; ma=86400
content-length: 7912
x-served-by: cache-chi-kigq8000158-CHI, cache-fra-eddf8230088-FRA
backend-ip-port: 6cecXOA5eq1mdycR8IETIO--F_styx_fe1_b_sharedvpc_dmz_05
last-modified: Mon, 11 Mar 2024 18:57:06 GMT
server: cloudflare
x-timer: S1714419300.634979,VS0,VE5
etag: "65ef5402-1ee8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHdQSpY55zloFN2BFxMo0v2dlPOXYDXmQg1vJaYBCJlIXmSro7SfUmtehYF5Y%2BgBi%2BSjHPb1mR0BSoYxoHuOxLD%2BTb35%2BoMZ1UDinnfzJBL1vLnhs9PhxJ1RiwntJse%2BBvk%2BOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 85d41653-dfd9-11ee-b5f8-2a8f611755d9
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652695f18df-FRA
x-cache-hits: 0, 0

GET
H3 200 disaster-prep-series-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 8 KB
8 KB 91ms
88ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/disaster-prep-series-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61384c102c2bcf613c9abc529fb6f185e88526006b089bf395d94d757afae395

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:59:44 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-ck6hp
backend-name: 167.82.237.134,443
alt-svc: h3=":443"; ma=86400
content-length: 7845
x-served-by: cache-chi-kigq8000134-CHI, cache-fra-eddf8230111-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000134_CHI
last-modified: Mon, 11 Mar 2024 18:57:19 GMT
server: cloudflare
x-timer: S1714419317.104340,VS0,VE5
etag: "65ef540f-1ea5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ken%2FwUzi5HtkrGXhDsMQiddS82zN1Vz8tZ2lrH4zKsaEVTG%2FYZTP7GqulxECX5HPJwmMstNJV4gvztppAZ4LeUkRlgIKOV%2Fw6320N7rrIVuKMt6EDOqM731zk8VVLdqvS%2BTVBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 85d46db5-dfd9-11ee-948b-2ed1bb361975
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696018df-FRA
x-cache-hits: 2, 0

GET
H3 200 rsi-series-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 9 KB
10 KB 92ms
89ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/rsi-series-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d68e64e8400eb2e298164580dd19dc58651d6587513cf95d659c6dc6902b2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:59:44 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-2rjxw
backend-name: 34.72.111.221,9093
alt-svc: h3=":443"; ma=86400
content-length: 9642
x-served-by: cache-chi-kigq8000116-CHI, cache-fra-eddf8230061-FRA
backend-ip-port: 6cecXOA5eq1mdycR8IETIO--F_styx_fe1_a_sharedvpc_dmz_01
last-modified: Mon, 11 Mar 2024 18:57:16 GMT
server: cloudflare
x-timer: S1714419317.141305,VS0,VE5
etag: "65ef540c-25aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCVASv%2BPmaf%2Bjbiwvv9gOZGtIaYYjuSMR94BtXgfUaziNbXD9oCjvgjQqxs9vqpW%2Bk49MqzxWw2Wnl3Wri9OBVsFUj33VE7fBJ55mj9Mb17P46UQUOifDjkVzWjL1UbKJfKjyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 85d3fd97-dfd9-11ee-87f7-5e84227f08cd
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696418df-FRA
x-cache-hits: 0, 0

GET
H3 200 ai-series.jpg
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 32 KB
33 KB 93ms
90ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/ai-series.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f9c2418ffb81fd9bf6a32c26f4134e1fcaafb75e2a97e4bf5065c99494971f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 19 Apr 2025 09:30:17 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-59dfbff8c8-xndfq
alt-svc: h3=":443"; ma=86400
content-length: 33230
x-served-by: cache-chi-kigq8000081-CHI, cache-fra-eddf8230139-FRA
last-modified: Wed, 17 Apr 2024 07:26:45 GMT
server: cloudflare
x-timer: S1714419317.146362,VS0,VE6
etag: "661f79b5-81ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iI92ERy0PMuk%2FIRvDY49I12j2KBnoIqPXloeNkozw79%2BFuYkeNgXHTV9FHnbOxzTIOCDd9e9Rxl0oEg0e%2BN6fOBPqkbkcbAPIJOX1hImb4ldtQbUqwzq5y7NYVzrAboWbuERRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 44b7a80b-fd66-11ee-b03b-aae3bc202774
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696518df-FRA
x-cache-hits: 0, 0

GET
H3 200 ormc_22_05230-1-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 15 KB
16 KB 93ms
91ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/ormc_22_05230-1-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51bb3aea2e977a9cdd447643f74bbf6d33d9d7dea16a867efbedaf2b740ea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:59:44 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-9s4l8
backend-name: 167.82.237.150,443
alt-svc: h3=":443"; ma=86400
content-length: 15766
x-served-by: cache-chi-kigq8000150-CHI, cache-fra-eddf8230073-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000150_CHI
last-modified: Mon, 11 Mar 2024 18:57:13 GMT
server: cloudflare
x-timer: S1714419317.144294,VS0,VE5
etag: "65ef5409-3d96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3zYKsKlcWP4TWqY9cd5ucwcf2KvHl%2B2jm5wLMRZrMGi1gWnCCvk044w1v%2B9w4xFJb2lASuEP%2B1OWM8agXJ1%2BYaka9vjliS7Q36HFj4nXgKklfydYOZPiNAajvpUQhYVgtr5iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 85d4d889-dfd9-11ee-85e1-8e358583a1f1
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696618df-FRA
x-cache-hits: 1, 0

GET
H3 200 DataDrivenExcellence.png
www.ormanager.com/wp-content/uploads/2024/03/ 19 KB
20 KB 94ms
92ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/DataDrivenExcellence.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4493a3d0281d1a3d637d2a85f414527f19eeb283d5e5c921583662feb2b837

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 16:45:57 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-qj46c
backend-name: 140.248.77.125,443
alt-svc: h3=":443"; ma=86400
content-length: 19816
x-served-by: cache-chi-klot8100125-CHI, cache-fra-eddf8230099-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100125_CHI
last-modified: Mon, 11 Mar 2024 16:45:55 GMT
server: cloudflare
x-timer: S1714419317.141185,VS0,VE5
etag: "65ef3543-4d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBzTqEb0ucQpvmLqfeYsYVccD8xjWype97%2ByzmLd6Rsk0PstKzl84NqRxWAXsvsu0i3Bt%2BJSZQit%2FgC4E79Vu111H3tf7n9OwF74yj6ge7YPXx1MR8ZdEDLhjaktbomqtbVvbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: d55aa07f-dfc6-11ee-8acb-268a20dd5d14
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696718df-FRA
x-cache-hits: 1, 0

GET
H3 200 analyticsbasedlearning.png
www.ormanager.com/wp-content/uploads/2024/03/ 17 KB
18 KB 95ms
93ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/analyticsbasedlearning.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

359da6865420e6799bc62640a84021b094bf31d86686abf441f5bf32d8e94a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 16:45:54 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-bcdhb
backend-name: 140.248.77.49,443
alt-svc: h3=":443"; ma=86400
content-length: 17133
x-served-by: cache-chi-klot8100049-CHI, cache-fra-eddf8230125-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100049_CHI
last-modified: Mon, 11 Mar 2024 16:45:53 GMT
server: cloudflare
x-timer: S1714419317.142495,VS0,VE5
etag: "65ef3541-42ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC%2FoReo7HwPUy6LgZ4TOCsVZzjhKM8CvBWkbNXs46SpKFgtDSO%2BIyF%2Br3X4644Lh%2F%2BvGP%2FOijJLn3OYW8FGpltybNzVIqtTPtx2XUeYLiTICYSoYTVePEBCICeGmwoUICiuP1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: d3e19224-dfc6-11ee-afc8-76a99fa2e0d4
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696818df-FRA
x-cache-hits: 2, 0

GET
H3 200 datadrivendecisionmaking.png
www.ormanager.com/wp-content/uploads/2024/03/ 19 KB
20 KB 96ms
94ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/datadrivendecisionmaking.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3418f02d5132cc106fb74bdba992c0d096b0dfd86f7aa5bf4eebb3a834f52dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 16:45:56 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-qj46c
backend-name: 167.82.237.94,443
alt-svc: h3=":443"; ma=86400
content-length: 19524
x-served-by: cache-chi-kigq8000094-CHI, cache-fra-eddf8230053-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000094_CHI
last-modified: Mon, 11 Mar 2024 16:45:54 GMT
server: cloudflare
x-timer: S1714419317.151813,VS0,VE3
etag: "65ef3542-4c44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ns%2BSGyXRvi8bs8BQ73BjY6UfrHmQuABvZx%2BcSwRuG7Qh0Ez8DQ81A1YcgbYBAJyQOJ1sxXYnRJLcBC24ycvf9qEXL7eL%2BRB9yWPreepEtQWLxR%2FWoqTdLUc31ojnW21TJRKzsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: d4ba31c2-dfc6-11ee-8acb-268a20dd5d14
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696918df-FRA
x-cache-hits: 1, 0

GET
H3 200 4-1.png
www.ormanager.com/wp-content/uploads/2024/03/ 384 KB
385 KB 98ms
95ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/4-1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae96f5cef4e19c9f2a138f5b0368aad46a71f9f7852b8d55c11cb4bd33b8963

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:50:07 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-spzwc
backend-name: 167.82.237.24,443
alt-svc: h3=":443"; ma=86400
content-length: 393385
x-served-by: cache-chi-kigq8000024-CHI, cache-fra-eddf8230139-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000024_CHI
last-modified: Mon, 11 Mar 2024 16:46:15 GMT
server: cloudflare
x-timer: S1714419317.147599,VS0,VE7
etag: "65ef3557-600a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEGRjq%2BZazqpTHc%2FbEnbzk%2Bvte1mlkzOG4F4w5zu9JDi8PVXf3KJ2r6SwSG2h0q%2FgiOl9gtKAGCLcZM99Rzl95yfr867pTIw5pd4sAJf42l%2BuoRhARjqDFTbTHf1dHI1SFoKDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 2e0148fc-dfd8-11ee-b5b7-5278c98b8bf4
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696b18df-FRA
x-cache-hits: 1, 0

GET
H3 200 5.png
www.ormanager.com/wp-content/uploads/2024/03/ 416 KB
417 KB 135ms
133ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/5.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b619fb48856262958728b749d6ae69c4c12f4d5a8373144ac7e325a2403d54e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:49:22 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-v6wjg
backend-name: 140.248.77.61,443
alt-svc: h3=":443"; ma=86400
content-length: 426317
x-served-by: cache-chi-klot8100061-CHI, cache-fra-eddf8230101-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100061_CHI
last-modified: Mon, 11 Mar 2024 16:46:19 GMT
server: cloudflare
x-timer: S1714419317.149511,VS0,VE5
etag: "65ef355b-6814d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEWY7miyTgBrsT8V8ah72DbwQL4tjdJQDscnxaejE0i5zQtR7i9gVsO4CvngVjxbLgw9%2Bsz%2Fs6hQPpbzIVoNN9Btxx28BnTfTtHQ9B%2BRi1dsAEKevzRsZBiKwanojI38lvUKFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 1376813b-dfd8-11ee-8516-4e8ac19755c9
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696d18df-FRA
x-cache-hits: 1, 0

GET
H3 200 1.png
www.ormanager.com/wp-content/uploads/2024/03/ 410 KB
411 KB 179ms
176ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bd37e17ef1fe27935d0af32ea06624988813a5cf89dc6f444edb47b5c53654

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:48:53 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-vzbqm
backend-name: 167.82.237.168,443
alt-svc: h3=":443"; ma=86400
content-length: 419761
x-served-by: cache-chi-kigq8000168-CHI, cache-fra-eddf8230034-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000168_CHI
last-modified: Mon, 11 Mar 2024 16:46:05 GMT
server: cloudflare
x-timer: S1714419317.155168,VS0,VE5
etag: "65ef354d-667b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vOxpa5mK1Z%2BuHJ58jPlBZZYG9MQUUuRq14OnnGVKX80mQYDixKzIJmVKXGYwG34xRj8Zt2a48PA%2BqZZ33F3opgx2CQcwFDzxIuCBsroTx2YAy7CUQI4ndumXTUygDGbEWwCMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 0227c8bf-dfd8-11ee-9eea-02761aa84030
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652696e18df-FRA
x-cache-hits: 1, 0

GET
H3 200 2-1.png
www.ormanager.com/wp-content/uploads/2024/03/ 424 KB
425 KB 218ms
216ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/2-1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beba8d621b4950294ebd97bc5f8187744eebb0d55647856a1a42d234064f75bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:53:43 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-qrjxn
backend-name: 140.248.77.150,443
alt-svc: h3=":443"; ma=86400
content-length: 434266
x-served-by: cache-chi-klot8100150-CHI, cache-fra-eddf8230112-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100150_CHI
last-modified: Mon, 11 Mar 2024 16:46:09 GMT
server: cloudflare
x-timer: S1714419317.257946,VS0,VE5
etag: "65ef3551-6a05a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29eM7xP06czEbD3Bts6QDGuN3DvRpsj92F9TeRx%2B8DNZueoCltayrAhweNIXpwWKi1OMDExlqShsSIIggUwuUrX8WrpoFv2oYeENudQcIOsPBM8vHr9G8bNFRwoHA6v9QP%2B%2B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: ae96cf01-dfd8-11ee-987f-4a95051142df
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697118df-FRA
x-cache-hits: 1, 0

GET
H3 200 3-1.png
www.ormanager.com/wp-content/uploads/2024/03/ 386 KB
387 KB 259ms
256ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/3-1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79898bfbe1e87e1fc9342125c30a7a9e1733a16d3d0b23e17731885d5b207a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 18:51:10 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-vzbqm
backend-name: 34.122.185.33,9093
alt-svc: h3=":443"; ma=86400
content-length: 395132
x-served-by: cache-chi-klot8100021-CHI, cache-fra-eddf8230098-FRA
backend-ip-port: 6cecXOA5eq1mdycR8IETIO--F_styx_fe1_b_sharedvpc_dmz_05
last-modified: Mon, 11 Mar 2024 16:46:12 GMT
server: cloudflare
x-timer: S1714419317.261289,VS0,VE81
etag: "65ef3554-6077c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DY%2FCkCMYUvHDikbM3PRXNiOtInU%2B0sf2fGPGmZwHlOOSqHa06kOvjZthd6i93ezjb%2FWK0FplW%2F7NSP%2FLJVp0dHuWScgTha54%2B8GnOIrb1q4v6urxKGcXcf%2ByRybNQVE%2ByGaq%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 53a9521b-dfd8-11ee-9eea-02761aa84030
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697218df-FRA
x-cache-hits: 0, 0

GET
H3 200 orm-240x80.png
www.ormanager.com/wp-content/uploads/2024/03/ 5 KB
6 KB 297ms
295ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/orm-240x80.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8936cb632799aea6cdd63fc728d4b6332d9f0785d562cf414ee208d387f0f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 22:14:14 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-qj46c
backend-name: 167.82.237.43,443
alt-svc: h3=":443"; ma=86400
content-length: 5254
x-served-by: cache-chi-kigq8000043-CHI, cache-fra-eddf8230096-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000043_CHI
last-modified: Mon, 11 Mar 2024 22:13:47 GMT
server: cloudflare
x-timer: S1714419317.255752,VS0,VE8
etag: "65ef821b-1486"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOquC6fpPx6FT%2BwQ6Iklp6%2BoLTiOfrJ290CGS57EoJIJO6TptE76ECegoRM6J21UmEKKr0IKenlSC%2Fapn0IVZUMosAc4%2BpjkmM02UgFKPwdDRjloSHdjwl2TvhcdUz6sKCzIgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: b1abafaf-dff4-11ee-8acb-268a20dd5d14
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697318df-FRA
x-cache-hits: 1, 0

GET
H3 200 orbmc-240x80.png
www.ormanager.com/wp-content/uploads/2024/03/ 16 KB
17 KB 298ms
296ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/orbmc-240x80.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416455c86e68ef950308d1e274895568ebf96ddee07165eb2bc9c64707693a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 12 Mar 2025 22:14:14 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-9s4l8
backend-name: 34.122.185.33,9093
alt-svc: h3=":443"; ma=86400
content-length: 16182
x-served-by: cache-chi-klot8100103-CHI, cache-fra-eddf8230029-FRA
backend-ip-port: 6cecXOA5eq1mdycR8IETIO--F_styx_fe1_b_sharedvpc_dmz_05
last-modified: Mon, 11 Mar 2024 22:12:55 GMT
server: cloudflare
x-timer: S1714419317.272052,VS0,VE4
etag: "65ef81e7-3f36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YiAiEGubquxMNuSQKiuSdrjfDHwgqp7P2JlaA4Lu75MacrUm5qguX0IywzlyaUYeUtxVeMP7dt%2BS9ZWn%2BhPFTIEP6198kb8usBZWZUFASBdrT%2FbeTHT9u5cpA2ZnoGE%2F3vHt%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: b1ab20af-dff4-11ee-85e1-8e358583a1f1
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697418df-FRA
x-cache-hits: 0, 0

GET
H3 200 41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg
www.ormanager.com/wp-content/uploads/2022/10/ 38 KB
39 KB 299ms
297ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2022/10/41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489168ccbdeb0ec45ce5c7ce266303272b2bf198b730d888c3fabdab73b052e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 26 Sep 2024 16:25:45 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-fbf6bf86c-wc6pz
backend-name: 167.82.237.126,443
alt-svc: h3=":443"; ma=86400
content-length: 38803
x-served-by: cache-chi-kigq8000126-CHI, cache-fra-eddf8230150-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000126_CHI
last-modified: Wed, 12 Oct 2022 16:13:10 GMT
server: cloudflare
x-timer: S1714419317.254517,VS0,VE10
etag: "6346e796-9793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCJ5%2BU1Z7uAohmLSmxpE8SJNKe0CiAny0dH%2FZ15vPZPOU0qI7PUpJTt7Hm5PjpBZ%2F0lRkGxQReu%2BwbsLDb6zt%2FXTAb8HiOAyrwWT6QaDAJbEHvw53BxJ6zo8%2BCcRGN%2Bi6SB3SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 587544b3-5c89-11ee-a73f-7e51396aad3a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697518df-FRA
x-cache-hits: 1, 0

GET
H3 200 education-center-top.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 31 KB
32 KB 304ms
302ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/education-center-top.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b3ee62bbab4fbd0e46cc715a920fe8956931222f425d2acfef31585eff6abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:29 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38434
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-252xz
alt-svc: h3=":443"; ma=86400
content-length: 31780
x-served-by: cache-chi-kigq8000098-CHI, cache-fra-eddf8230055-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714419317.257287,VS0,VE4
etag: "66181cf1-7c24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lVkbIWq5UKhVa0iIQ7BV0Y639xYPcMrY5hn%2B7EzroqqU6W8TExbep9nwM4kxafN6rI39jcVvf2exfpWhC69RJTnDsleFS6wdt4phA19LbGzwbumt4kIXCUFkVq1v37B7ux76Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 83c8b192-f83a-11ee-a6e1-c280e6ba379a
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697718df-FRA
x-cache-hits: 0, 0

GET
H3 200 education-center-bottom.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 335 KB
335 KB 323ms
321ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/education-center-bottom.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c49e1205cdb3076a1e6697b709d9444db626281b8815dc992cc71a7909b78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 24 Apr 2025 08:24:31 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125805
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5648cff58c-2x8zb
alt-svc: h3=":443"; ma=86400
content-length: 342742
x-served-by: cache-chi-klot8100087-CHI, cache-fra-eddf8230119-FRA
last-modified: Mon, 22 Apr 2024 20:05:36 GMT
server: cloudflare
x-timer: S1714331946.208386,VS0,VE6
etag: "6626c310-53ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ump5zK3M%2Fl%2BOyRzZqWj9rJBMeihZTTj8uCLLbbGAvztSMN9HaeRsH53LYaM%2FZcVzIIbDLe%2BVrwn%2F2qAQ8KzBwHQE%2F%2B%2FmWEgMKcDnHtgQHh%2BCNgwyciClRFBuWR%2B1iXiOGrJ%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: e8fb0e08-014a-11ef-9f34-2ef2abb1ce44
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c56652697818df-FRA
x-cache-hits: 0, 0

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 40ms
40ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 863
age: 13646003
cdn-cachedat: 11/18/2022 06:19:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 12fce6e1ed97d04b1f68642e02a84dd4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87c56650bc6a6a76-TXL
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 2 KB
652 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:700

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

995185d0b22be89c14ff07a7d181d82a9e65165fd52d321c43c92606e3c58ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:15:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Apr 2024 06:15:51 GMT

GET
H3 200 main.min-3b043c51.js Show response
www.ormanager.com/wp-content/themes/orm-theme/assets/js/ 7 KB
3 KB 48ms
47ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/js/main.min-3b043c51.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d8f379e7798c0c19db5927db7c0aca833170d3f479f360d5b2f7200492cb0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:31 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3312747
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-86bfdff76b-rjgjk
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100141-CHI, cache-fra-eddf8230137-FRA
last-modified: Wed, 20 Mar 2024 17:05:51 GMT
server: cloudflare
x-timer: S1711145005.775356,VS0,VE3
etag: W/"65fb176f-1a67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OgxPWJF2ISTwfijw1tYwueup4hYVnaALldDjdRRYWdUgunw44h7%2BTIkw6OYQ3ROPsGZQp%2BasmovDfPcclQO0U%2FBCkuPcIQUuJrCBRLJMpq0yMO%2BgBG9b1hDvuA2ai60JorLfCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: e0324c1a-e6dd-11ee-973b-d2a4c65c1225
cache-control: max-age=31622400
cf-ray: 87c566514ffd18df-FRA
x-cache-hits: 12, 1

GET
H3 200 comment_count.js Show response
www.ormanager.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
1 KB 47ms
47ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 18 Apr 2025 13:38:10 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38453
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5648cff58c-gzv2p
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100118-CHI, cache-fra-eddf8230096-FRA
last-modified: Mon, 15 Apr 2024 16:52:25 GMT
server: cloudflare
x-timer: S1714419298.337700,VS0,VE4
etag: W/"661d5b49-379"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOBGO3OO9F2mqyx3r4YwqvOWmxwj9w49KafqLKbt9DT4o%2FDhgS4PNNa9H3DEVaaEHsX%2B%2BZJJ2kYltRqK6%2Bx7UIL6FOtg1I9pR2FZvukab%2BgW62QZfU3eBOJQY7XgLFPsKTU3iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: bb2e9a0c-fcbf-11ee-9f7b-82a76dbf96c7
cache-control: max-age=31622400
cf-ray: 87c56651580d18df-FRA
x-cache-hits: 0, 0

GET
H3 200 password-lost.js Show response
www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/js/ 902 B
1 KB 49ms
49ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/js/password-lost.js?ver=1.0.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8265097b8810ca03eecb3cbb7f454a3ff597af15840381e849aa9eeae3b5d7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 17:18:31 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3326373
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6db6469467-8ccqf
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100130-CHI, cache-fra-eddf8230139-FRA
last-modified: Wed, 20 Mar 2024 17:05:51 GMT
server: cloudflare
x-timer: S1711131379.888389,VS0,VE12
etag: W/"65fb176f-386"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAgroiPu8ni9XaXafgmW6FdAy4a1fsG7Z%2FbmHlj9LaBwaWcHw8nTNPEq9qjiaXPsEPxhddVnUZaUrzPS7uZaCkG8dcj4Fmp8NYNdKq1R%2FSQYPY5U0gvLOvbhCKRhD6AX6bWAMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: e032f5fc-e6dd-11ee-863d-4a57c366556c
cache-control: max-age=31622400
cf-ray: 87c56651985918df-FRA
x-cache-hits: 1, 1

GET
H3 200 gtm4wp-form-move-tracker.js Show response
www.ormanager.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
1 KB 51ms
51ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.18.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b6c741e29cbd1bf04d6ab418b878aa70358b9c10cb3edbe7ba7cd9d5a8c3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:58 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136680
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-ccpc7
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000153-CHI, cache-fra-eddf8230123-FRA
last-modified: Thu, 11 Apr 2024 17:25:03 GMT
server: cloudflare
x-timer: S1714321071.455225,VS0,VE7
etag: W/"66181cef-5d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ui5UZSdMW0ffRaGAuPIHtUqJWh17tXsMEmCmNxt7JzPskcOctdAG5PzedXN9%2BzljRAWxc9g3u3%2Foi4hCKRH2FumA8Uz0N%2FDlsfpOfg3vOEeT%2BSFJlONc%2FSfpNH29LC%2F2mw%2FT9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 951f2431-f83a-11ee-9837-ea497495bc15
cache-control: max-age=31622400
cf-ray: 87c56651a86918df-FRA
x-cache-hits: 8, 0

GET
H3 200 wp-polyfill-inert.min.js Show response
www.ormanager.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 49ms
49ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 17 Apr 2025 11:36:55 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120382
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5b88b49ff7-fq97v
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100073-CHI, cache-fra-eddf8230121-FRA
last-modified: Mon, 15 Apr 2024 16:52:26 GMT
server: cloudflare
x-timer: S1714337369.440126,VS0,VE5
etag: W/"661d5b4a-1feb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qo3PJsjgrRrc4dOdeVQU7kuEi2MoFagYR6ROMcxLb1qV3FfwCMbkumizw2VrxKvbT3QGm5rvtHnXCfjv22uRAN1ubru3IqLBtbAoip6Xsno%2BRoMgbee37wHv32784lorAgOCHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: a077fe98-fbe5-11ee-9c78-6229530f8e87
cache-control: max-age=31622400
cf-ray: 87c56651e8d118df-FRA
x-cache-hits: 0, 0

GET
H3 200 regenerator-runtime.min.js Show response
www.ormanager.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 48ms
48ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 18:53:51 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120382
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-4qs29
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100160-CHI, cache-fra-eddf8230148-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714337369.451037,VS0,VE4
etag: W/"66181cf1-19cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQrkW1d6pHPGWWOebX0QfinNOFsG8%2FL0GVHBZxKZ%2FYkYz%2BU3sbjG2wGE5246amTjvduLcsCyjBu8Mzm%2FzOnbeFO1DVy7PvmMWtQmc2q1pvrFUmHfGsYYcIF6MDm4NXuU3a9%2FQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: d6401da5-f834-11ee-b85e-ba26c9eba1c4
cache-control: max-age=31622400
cf-ray: 87c56651f8f018df-FRA
x-cache-hits: 0, 0

GET
H3 200 wp-polyfill.min.js Show response
www.ormanager.com/wp-includes/js/dist/vendor/ 16 KB
7 KB 48ms
48ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 18:53:51 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120382
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-4qs29
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000088-CHI, cache-fra-eddf8230148-FRA
last-modified: Thu, 11 Apr 2024 17:25:06 GMT
server: cloudflare
x-timer: S1714337369.499292,VS0,VE5
etag: W/"66181cf2-3f12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkTarRzVNQ9yJV%2FPKiRoAbP8moeL%2Bf0PUp6B7xj8lcA%2FxN65uidmlgKn%2FJNlH%2FHSs7Wfi%2Fl%2BSGydH2NNKTlTWvTd2eKVrWyW0xxv6kn%2Fo2ehfcCwdvjvUEAXfclLEwomJ5Z%2BJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: d6621083-f834-11ee-b85e-ba26c9eba1c4
cache-control: max-age=31622400
cf-ray: 87c56652392f18df-FRA
x-cache-hits: 8, 0

GET
H3 200 hooks.min.js Show response
www.ormanager.com/wp-includes/js/dist/ 5 KB
2 KB 49ms
49ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 18:53:51 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120382
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-ccpc7
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000091-CHI, cache-fra-eddf8230114-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714337370.511519,VS0,VE7
etag: W/"66181cf1-1213"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGuaCf3JPDfpGnEBLCfBSAU%2Fje5%2BW1LP5kIDKLou06Zx2zI5zjMp2J4eFKgq%2B%2BXUIWs0asK8a3efwKGMOh%2BJ6m7x2d%2FaLPzSoWNRFWZIhEZ60DTy5SaM0fP1WWXiftVis51Myw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: d661f607-f834-11ee-9837-ea497495bc15
cache-control: max-age=31622400
cf-ray: 87c56652493818df-FRA
x-cache-hits: 7, 0

GET
H3 200 loader.js Show response
www.ormanager.com/wp-content/plugins/wp-parsely/build/ 3 KB
2 KB 51ms
51ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/wp-parsely/build/loader.js?ver=1d54726e91ce976b3e82

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962eaa3c1a2130ce8689105bb46d6454972927d761d9df30dd357c9373040b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 18:53:51 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120382
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6494bdc54b-twv6w
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100100-CHI, cache-fra-eddf8230150-FRA
last-modified: Thu, 11 Apr 2024 17:25:04 GMT
server: cloudflare
x-timer: S1714337370.566084,VS0,VE3
etag: W/"66181cf0-abf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJCSOnEVko3KoU59zY1I%2BkqK8Aq7CFyVa2uCEwKpna7Ol4%2BmHjDKO5d%2FhmTF5VD5e39p81KeCMwhR4994alS7Wvuw4iDvluspEg%2Bn1Tw%2B8DHzNqhCuG4nJ4mbCi18X9Djar5cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: d66234ca-f834-11ee-bae1-d61b447b0cc4
cache-control: max-age=31622400
cf-ray: 87c56652695018df-FRA
x-cache-hits: 0, 0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/ormanager.com/ 56 KB
21 KB 174ms
45ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/ormanager.com/p.js?ver=3.10.0
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e2fd3de8fb373508a533dae20a1166dd73434ab4e6fbfd2ddfc1fb3f9f6eae6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 29 Apr 2024 07:44:53 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 13:15:08 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
age: 81058
etag: W/"65a6815c-dfbc"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: fwb0_OJiU3iddr_wEvtH3PWwICi_-6X98y4lN_cNpyfL77rRB9IN6A==
expires: Tue, 30 Apr 2024 07:44:53 GMT

GET
H3 200 new-tab.js Show response
www.ormanager.com/wp-content/plugins/page-links-to/dist/ 24 KB
10 KB 57ms
56ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:34:59 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136680
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-ktz9b
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100122-CHI, cache-fra-eddf8230132-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714321072.516287,VS0,VE5
etag: W/"66181cf1-609e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8pSHQTGRsF5UisG1iZfcPYNK4sCIOxMJSrSXHTQbB0px1MoQmFfEUfcb4yI%2BVbSRPXV2UaLGbyzB19meuWQVtNWp3v0bXb2Y5swC85wlCVhftRYJrzOIyZXFntcEH4fKpkB1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 9540bcb2-f83a-11ee-92b8-1a131ebcdc12
cache-control: max-age=31622400
cf-ray: 87c56652695118df-FRA
x-cache-hits: 1, 0

GET
H3 200 core.min.js Show response
www.ormanager.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 53ms
52ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 21 Mar 2025 21:49:27 GMT
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3312942
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-86bfdff76b-lm8hb
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100134-CHI, cache-fra-eddf8230108-FRA
last-modified: Wed, 20 Mar 2024 17:05:52 GMT
server: cloudflare
x-timer: S1711144809.283401,VS0,VE3
etag: W/"65fb1770-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2B6kXQBRucflD6TKhWfMjSFWkmK6MOx9JC%2FSYfi7pGU1wqm%2FS692BuGtToZ4%2FT1vV5dlNCVZSCI7S6R6UY6n4ci1FIxCLGPGsvL2rjk9wR1%2Fgc%2Bi9aPddoQcSSHgoSTGIpNc5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: b96da2ad-e703-11ee-b863-1274f1c1d9b3
cache-control: max-age=31622400
cf-ray: 87c56652695218df-FRA
x-cache-hits: 5, 1

GET
H3 200 core.BRQnzO8v.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 124ms
80ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js?ver=6.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"25da5432b1057724b8210f17e9b9db05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JkdzZgeLwdZZo9cosJZYkyN2Qk4%2BeJ%2FB9HVKD0EgJLcKZTPQpds4SlLFuv9%2FeogfsVwvOIAg%2B6vZrKGOWNCjVeFIEr0Mv%2FZ3o7QbbyN%2FYe1mdz50Cl8OoF85dYx1S6MBNgzJ4Meq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 87c566510de239be-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/ 450 KB
140 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e84579046013ee288fc4ea3698f886f1c6d2e83df294eb851283c12e63b5ef33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 10:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71780
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143517
x-xss-protection: 0
server: cafe
etag: 15418045017249816870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 29 Apr 2025 10:19:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
77 B 303ms
225ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ormanager.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d5e6fdd0e1dc603947a9870af3f699e87abddd7f97276db962e9edefbd5789b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
x-xss-protection: 0
expires: Tue, 30 Apr 2024 06:15:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
100 KB 186ms
58ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a03cbb789f781aaf4bcfe55dc5d44d89fc96ea33076da54167f5936a6db2ee51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101908
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Apr 2024 06:15:51 GMT

GET
H/1.1 200
OK 883052591
player.vimeo.com/video/ Frame 8EAB 0
0 398ms
301ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/883052591?badge=0&autopause=0&quality_selector=1&player_id=0&app_id=58479

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 87c56652f83dbfee-WAW
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Apr 2024 06:15:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-5797668669-7vgq8
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-5797668669-7vgq8
x-player-backend: g
x-served-by: cache-vie6351-VIE
x-timer: S1714457752.543090,VS0,VE219
x-xss-protection: 1; mode=block

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 145ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 19:32:23 GMT
x-content-type-options: nosniff
age: 38608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 19:32:23 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 199ms
94ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 19:24:11 GMT
x-content-type-options: nosniff
age: 298300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 19:24:11 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 97ms
96ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
cdn-cachedat: 02/19/2024 11:12:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b40a3b2a48ca8a175477b5f9d37da9a3
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 87c566528a687728-WAW
cdn-requestpullsuccess: True

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 182ms
77ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 21:42:42 GMT
x-content-type-options: nosniff
age: 30789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 21:42:42 GMT

GET
H2 200 7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 220ms
115ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb5b9606af67dddd2d12d66ae06688d5b57725f9774d68a7c7c4fb409b54efa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 14:46:58 GMT
x-content-type-options: nosniff
age: 401333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:11:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Apr 2025 14:46:58 GMT

GET
H/1.1 200
OK count.js Show response
ormanager.disqus.com/ 1 KB
2 KB 144ms
39ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ormanager.disqus.com/count.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW56-P1
Age: 182
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 29 Apr 2024 22:00:55 GMT
Server: nginx
ETag: "66301897-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 9ao_tgcuI8AqiueyIKfQnloF4Y34elwnwJGAOLPrvIx2r-_1lAX-wg==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 227ms
53ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1714457751582&plid=19ea0151-7ca1-49b6-8701-f2eb38f1f86f&idsite=ormanager.com&url=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&sref=&sts=1714457751581&slts=0&title=OR+Manager&date=Tue+Apr+30+2024+08%3A15%3A51+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=e5eba0cd-0f12-46b0-b847-9f02321d3562&u=pid%3De02d4a0c-ea8c-4b27-91a8-b7ce65a749dd
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:51 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 30-Apr-2024 06:15:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK vms.js Show response
vmss.boldchat.com/aid/322065871255520080/bc.vms4/ 53 KB
18 KB 672ms
204ms Script
text/javascript 35.80.158.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vmss.boldchat.com/aid/322065871255520080/bc.vms4/vms.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.80.158.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-56.boldchat.com

Software

BoldChat/8006 /

Resource Hash

135fcc5bcf0b6968cf65f32cf73618eedee0af71b5ba8fe2c9fcdf8ea02d2c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: BoldChat/8006
ETag: "4113927A177D567C16AD555F70DA7004"
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Origin-Agent-Cluster: ?0
Cache-Control: max-age=7200, public
Content-Length: 18147

GET
H3 200 forms.js Show response
www.ormanager.com/wp-content/themes/orm-theme/js/ 0
725 B 187ms
187ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/js/forms.js?version=1714457751587

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe1-a-867f44b44b-5wssg
date: Tue, 30 Apr 2024 06:15:51 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: MISS, MISS
expires: Thu, 01 May 2025 06:15:51 GMT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-klot8100068-CHI, cache-fra-eddf8230024-FRA
last-modified: Mon, 29 Apr 2024 07:33:16 GMT
server: cloudflare
x-timer: S1714457752.626751,VS0,VE128
etag: W/"662f4d3c-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1N7t5oK7%2BJ5oP8TnYl7Nqiyz7cL%2BR0gB0dIXyaS4VDFLMTmVZwu2CjlP8Izbem2fcbsdUpNsJGc9u%2F1wYmAU36kp4pou%2BgT6kI1db5ChF9U2dbgPeYMdZrE9gwPP8X%2FuPOr1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 18395580-06b9-11ef-8b93-f2f52e1bfc3f
cache-control: public, max-age=14400
cf-ray: 87c566538a8418df-FRA
x-cache-hits: 0, 0

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 6844 0
0 105ms
61ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js?ver=6.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 13172
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 87c56653ec2b3738-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 30 Apr 2024 06:15:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf100L6iTlFg050p7ry6jRCgFGHrlS0bsxSt474zPbv6Js%2FpRKoLWALzrYpDxRf3QjEFWUE4M2zn0fPIU%2FMuTy3YgdnJMM4pjeMhyeSgmPbO3S%2BATW9DbP6u5N%2FFxnuqjOOjZMjq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H3 200 admin-ajax.php Show response
www.ormanager.com/wp-admin/ 69 B
905 B 1068ms
1068ms XHR
application/json 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-admin/admin-ajax.php

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbda87e6a5563c11610f717b1b923ff681fc7ce5d7b0d024122cb6f16b7af15

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Tue, 30 Apr 2024 06:15:52 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 varnish, 1.1 varnish
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
content-encoding: br
x-cache: MISS, MISS
x-pantheon-styx-hostname: styx-fe1-a-867f44b44b-z9j9j
alt-svc: h3=":443"; ma=86400
x-served-by: cache-chi-kigq8000167-CHI, cache-fra-eddf8230133-FRA
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-timer: S1714457752.628297,VS0,VE1019
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ormanager.com
x-styx-req-id: 18394baa-06b9-11ef-9586-3a3f3276620e
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulHD8wY619owIje8gUpshKfSALGKBJtorSpYLIVW5mt%2ByJ%2FOjPP71yteV7tctk%2BPd29czuigvDqalZRt6aAHDzVbQOlkm2wDd%2BZ1KLJjnOF1WxuNn6Wy0gmgDx1PvKOXOwhdLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex
cf-ray: 87c56653aa8c18df-FRA
x-cache-hits: 0, 0

GET
H2 200 json2.js Show response
apps.decisionbriefs.com/js/plugins/ 17 KB
17 KB 120ms
119ms Script
application/javascript 54.89.48.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/plugins/json2.js?_=1714457751138
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-48-242.compute-1.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: 3f07a45b92419d219f1f41caac4b12421b89a725c16db41f531c32d62312b919

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.25.4
accept-ranges: bytes
etag: "571057a8-44a0"
content-length: 17568
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
105 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4107986001cd5e2f27770652d1b5bb6e30a6cc4337c8eede7e81aa15bf36ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Apr 2024 06:15:51 GMT

GET
H2 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 148ms
39ms Stylesheet
text/css 2600:9000:223c:a600:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a600:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 01:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 17024
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 11:01:32 GMT
server: Apache
etag: W/"28820-1712919692000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: Z5XAcCTM62g9ZNao-zichkduJ4Ys-ySXHap-q90hoQHCjZrsWUxFMA==
expires: Mon, 29 Apr 2024 07:32:04 GMT

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 247 KB
69 KB 155ms
46ms Script
application/javascript 2600:9000:223c:a600:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a600:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9476829b95e258d910312ec7f2f30b425355061a2110d1e8f094b1c3a0587705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 02:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 15417
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 11:01:32 GMT
server: Apache
etag: W/"252633-1712919692000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: yGMXgjcebMm2s9Djg5bzlN1_yeZNUYbLldxsTdpTJC1p0D_LzcCuwA==
expires: Sun, 28 Apr 2024 13:58:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 05:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2088
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Apr 2024 07:41:03 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 86 KB
27 KB 145ms
46ms Script
text/javascript 2600:9000:2644:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: o2F5X.7ofwfn5AxK2mOAUr6cpAHiSmpn
Content-Encoding: gzip
Via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 05:34:39 GMT
Age: 2473
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 29 Apr 2024 18:17:04 GMT
Server: AmazonS3
Etag: W/"8527d40fe704871728ead7e7b8f103d2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: L9E6U39zE9n_TYesHpDd6OI8aV38V-wffMeEXu-J__0ZP2SZsNnYzA==

GET
H3 200 cookieconsent.min.js Show response
apps.accessintel.com/gdpr/ 27 KB
9 KB 108ms
51ms Script
application/javascript 172.67.172.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.accessintel.com/gdpr/cookieconsent.min.js?id=AwQ7ysOzp86W4nDEZlrN
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c82472eddc9f34f910d7f6a0561934d0e748cee8566a01a5c9c3b3fc98f5f73

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jun 2018 14:15:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45985
etag: W/"6a0c-56e727e7c34f1-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgI193g%2FLHoFsPdto62QxRhIto%2FqMHWioSnqdRuMyvTbctteaPx6X3klWTKyMRiUXpilfdH7HTCY%2FCE5FrUyp9kDznD2FvDILMNALEANqrNEGAeSduVgvRlTHnu8pGZDMKvefRYkcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 87c566549c4a37f2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Apr 2025 17:29:26 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-751974586&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aae80bc1698885368bcf75705a1dbcfd7c3730c6df2238c916fa6a142177548f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78154
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Apr 2024 06:15:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 120ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Apr 2024 06:15:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 87aSfxbQLF8gBSjT0ZspFPtw872MiZSAj0P7F9dT1uLvYVVUQKNzQxhCemYE25Ad6eUoCmWqMEkgJDzsJLxtog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b1wfmjvz Show response
widget.intercom.io/widget/ 7 KB
3 KB 128ms
41ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/b1wfmjvz
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d495e962c34954339e2e81b0d98dcda6f8051ff3214cc375210dc926f7fb2847

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Gow4gWoNWXV2vIbXJhcisgC2NT.lPuly
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 06:12:22 GMT
x-amz-cf-pop: FRA2-C1
age: 210
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Mon, 29 Apr 2024 14:13:46 GMT
server: AmazonS3
etag: "f15e12ead208606bb7d0dd0c9b19c6dd"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: 8aEZ-J65opnEm_p0ymWvHWLCaFN1QgZoN6Mb_B-EYeVJp3Dcr-2nXQ==

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 126ms
39ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js?account=D3N8S6eZYY
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d9500c0aaf52b5a427ebe5fa20b6cbb821041325bba86ec0f71477090c986fcb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:51 GMT
via: 1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 819
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 2386
x-accel-date: 1714455365
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3UgkAAAwB1GY4EQH3pgMAAA
x-accel-expires: @1714458834
x-77-age: 2386
last-modified: Fri, 26 Apr 2024 09:09:19 GMT
server: CDN77-Turbo
etag: W/"ff3cfe44c24cdd21e79b3f8ad63cce63"
x-77-nzt-ray: f6587a1df0628cec978c306685996030
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: 3Em5dW8sBqXM0EtXem_mos6B1tBpaLEMlGFQyPQfGYn9SO0shtsKAw==

GET
H2 200 w.js Show response
ssl.luckyorange.com/ 5 KB
3 KB 154ms
55ms Script
application/javascript 2606:4700:20::681a:4f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.luckyorange.com/w.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3467
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: cloudflare
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xy3Ai3yrl4RbcVhL%2BSEKtBLAl%2FSRT%2F2LzWX8sRzEUYdVm8YSVXvo9ke7%2F%2B5%2BDT102Y3LghJJYR3AEs3ys5t5PUuBkuRIamo5MP60CZBXx68UYilHjpabKXygfeaAamTkdJch9KxMm8V7ObhIImo9zrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87c56654ed544d7f-FRA
x-amz-cf-id: Npg9YLrY96b1Yu3KgFqqCEFZVeV9xyCkFaus8irKEYz2kkPiv9tLVg==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 68ms
66ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12891178&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4d10ad4f6ccdfb04d113ed59c5041bfaea930fc93cb145634b55f4b7261d30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76907
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Apr 2024 06:15:51 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 4 KB
2 KB 137ms
39ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 15:41:58 GMT
server: AC1.1
age: 162757
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1714
x-llid: 7d6acfe21ef027c554be209c55f17db2

GET
H2 200 wurfl.js Show response
apps.decisionbriefs.com/js/plugins/ 525 B
684 B 118ms
118ms Script
application/javascript 54.89.48.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/plugins/wurfl.js?_=1714457751139
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-48-242.compute-1.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: 8283fc67f7c7448327574c49bda3245223d8a00b77100407b812746c12455adf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.25.4
accept-ranges: bytes
etag: "571057a8-20d"
content-length: 525
content-type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 132ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je44t0v893216188z8830755158za200&_p=1714457751395&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1138413580.1714457752&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714457751&sct=1&seg=0&dl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&dt=OR%20Manager&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2435
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 06:15:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ormanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIeIr-qk6YUDFSNYHgId9p8CWQ;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome...
12891178.fls.doubleclick.net/ Frame B0D6
Redirect Chain

https://12891178.fls.doubleclick.net/activityi;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chr...
https://12891178.fls.doubleclick.net/activityi;dc_pre=CIeIr-qk6YUDFSNYHgId9p8CWQ;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromiu...

0
0

76ms
76ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12891178.fls.doubleclick.net/activityi;dc_pre=CIeIr-qk6YUDFSNYHgId9p8CWQ;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0v9175490358z8830755158za201;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12891178&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 06:15:52 GMT
expires: Tue, 30 Apr 2024 06:15:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 06:15:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12891178.fls.doubleclick.net/activityi;dc_pre=CIeIr-qk6YUDFSNYHgId9p8CWQ;src=12891178;type=aiorm0;cat=levla0;ord=4588720173542;npa=1;auiddc=866615523.1714457752;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44t0v9175490358z8830755158za201;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 widget_app_base_1714122428673.js Show response
cdn.userway.org/widgetapp/2024-04-26-09-07-08/ 153 KB
44 KB 80ms
39ms Script
application/javascript 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/widget_app_base_1714122428673.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js?account=D3N8S6eZYY
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a107c190f000e324121c68980b721824f4e2281a9151ca5e71aa8c5c4e7005ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:51 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 761
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 334348
x-accel-date: 1714123403
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3DBoFAAwBnJIhHwH3CgAAAA
x-accel-expires: @1740043393
x-77-age: 334348
last-modified: Fri, 26 Apr 2024 09:09:13 GMT
server: CDN77-Turbo
etag: W/"cda3b23d62422c798717c9615ebc3896"
x-77-nzt-ray: cf878727530ed9bf978c306680a29c38
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: vXYGQFamykA2gWnGb-jG-KJjgksHNFjdmXttn7MCBEj37AAUbaFZLw==

GET
H2 200 frame-modern.540f6ce4.js Show response
js.intercomcdn.com/ Frame 17AC 516 KB
142 KB 293ms
136ms Script
application/javascript 18.245.46.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.540f6ce4.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/b1wfmjvz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-10.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

63419f7066ed47c6949c2f43127c5f03486598921b0dd4732f6f251d21d81390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4.QaBNic6dydaW2kJStRPQtKf9mq.4yy
content-encoding: gzip
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 04:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 6026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145068
last-modified: Mon, 29 Apr 2024 14:10:43 GMT
server: AmazonS3
etag: "2651abf3388159fb4607c4766f8e489c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ShvH2_IlXqCJsL8uAKciLWb9NC48rAuuskAtb1iULW5kDuzgpUC56A==

GET
H2 200 vendor-modern.07772018.js Show response
js.intercomcdn.com/ Frame 17AC 482 KB
148 KB 202ms
45ms Script
application/javascript 18.245.46.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.07772018.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/b1wfmjvz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-10.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4c9ffbfead2561df1df412da373a075ba7e280778d403355d652339a8a9bd7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2pQTAyPTcBEeeFQKIQ9vlX9mhAkPn2s2
content-encoding: gzip
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 05:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 3793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150799
last-modified: Fri, 26 Apr 2024 10:35:29 GMT
server: AmazonS3
etag: "b27b573e6b04daed0b4144a6e206ba93"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ZauE4vij2_HNzSnLbFQAXv2oI6W3cwkqtzGBicGrF23hJ6U1AW0aKg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 48ms
46ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=434824408&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&ul=de-de&de=UTF-8&dt=OR%20Manager&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=493802909&gjid=322640431&cid=1138413580.1714457752&tid=UA-784080-19&_gid=109216051.1714457752&_r=1&_slc=1&gtm=45He44t0n81KRPWWRBv830755158za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=258970182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 06:15:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ormanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 browser.js Show response
apps.decisionbriefs.com/js/plugins/ 7 KB
7 KB 119ms
118ms Script
application/javascript 54.89.48.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/plugins/browser.js?_=1714457751140
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-48-242.compute-1.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: 3166b6172873ea9eda556121cbe9ff020315da2c1dcd3b165c8c8339fea7428b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.25.4
accept-ranges: bytes
etag: "571057a8-1c41"
content-length: 7233
content-type: application/javascript

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

78ms
40ms

Script
application/javascript

2600:9000:2644:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: HTTP/1.1
Server: 2600:9000:2644:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.ormanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 29 Apr 2024 17:41:56 GMT
Via: 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Age: 45240
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: k_Ph4p507o6qEi1OesB-2ShVQXouAOWGggdrKikS-XFC1InS9l3dCA==

Redirect headers

Date: Mon, 29 Apr 2024 23:07:31 GMT
Via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
Age: 25699
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xFR5KX6biE-YZPbTu2__VBQK0QxjxseOTWkYmka-uxb40TzIPMy0Yg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/ 9 KB
4 KB 674ms
634ms Script
text/javascript 2600:9000:2644:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: CxsSEpbTfBB7q5tMYMRuOMlFtXjtucJk
Content-Encoding: gzip
Via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 06:15:53 GMT
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 29 Apr 2024 12:01:38 GMT
Server: AmazonS3
Etag: W/"706be4fd28aeb971d2ff83a528c2073a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: b7zfvQM8SVpKXVL5gYFRkjzUep1HetcBka3z_DIQwAmH_2oiNnMhDA==

GET
H2 200 md5.js Show response
apps.decisionbriefs.com/js/custom/bigquery/ 6 KB
6 KB 119ms
119ms Script
application/javascript 54.89.48.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/custom/bigquery/md5.js?_=1714457751141
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-48-242.compute-1.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: df61117d7806f863533acc213c4fdf87a667c109fc708eb4bedb9d35e30adb1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:51 GMT
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.25.4
accept-ranges: bytes
etag: "571057a8-187d"
content-length: 6269
content-type: application/javascript

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
1 KB 303ms
158ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&s=330014

Requested by

Host: ssl.luckyorange.com
URL: https://ssl.luckyorange.com/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853c185aabf3a2612f2a855485219381803e1608ff2c3bdc09df064ece2ee695

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.ormanager.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6svqE%2BGylUlOoBsceR7hcjwtrMvxSZQ4EASVwMxXNa5Z0iq%2BEhZzWjxb61NW8a3%2BRMbS%2BUmC1T%2FmrJIk%2F3HFyepJKThMZ67ItBWJ8Zh1OqPBJ88yJ7MiiLzcAy7TjlfaCFeU%2FlMXc%2Fkffw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 87c566567f15366f-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 566ms
137ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Tue, 30 Apr 2024 06:15:51 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 560ms
136ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Tue, 30 Apr 2024 06:15:51 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
359 B 138ms
138ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Apr 2024 06:15:51 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 15
X-XSS-Protection: 1; mode=block

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 209ms
79ms Fetch
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51269
x-xss-protection: 0
server: cafe
etag: 17687950666006941048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 30 Apr 2024 06:15:52 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
359 B 137ms
137ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Apr 2024 06:15:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 9f3c9b28-fb7b-4698-a8f0-9ce7f447f230 Show response
cdp.omeda.com/olytics/segments/o/5ac59219d50647e1aa2b6e4c795e740a/c/0739H1713901D4E/a/ 25 B
346 B 703ms
139ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/o/5ac59219d50647e1aa2b6e4c795e740a/c/0739H1713901D4E/a/9f3c9b28-fb7b-4698-a8f0-9ce7f447f230

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 25
X-XSS-Protection: 1; mode=block

GET
H2 200 518322662332686 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 163ms
163ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/518322662332686?v=2.9.154&r=stable&domain=www.ormanager.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f36452f9124d578c60e90a49b1697b75b8f1aa3c7c27783ca461cb4c8ba4bb61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Apr 2024 06:15:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=64, mss=1294, tbw=63203, tp=-1, tpl=-1, uplat=123, ullat=0
pragma: public
x-fb-debug: FOGmgDl32Y28zMvwM4ke/Gm25wMqWnh55/Lr5nbhSsrUb3gKibAlgtRPH5h2h56PAaX1squQRAi/88+pFgZuyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 153ms
48ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-784080-19&cid=1138413580.1714457752&jid=493802909&gjid=322640431&_gid=109216051.1714457752&npa=1&_u=YCDACEAABAAAACAAI~&z=211787781

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Apr 2024 06:15:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ormanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 D3N8S6eZYY Show response
api.userway.org/api/tunings/ 3 KB
3 KB 591ms
197ms XHR
application/json 2600:1f14:5db:eb00:587:d70f:3a38:c7aa
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/D3N8S6eZYY
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/widget_app_base_1714122428673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:587:d70f:3a38:c7aa Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6608187998e51c245fa75ffdcbf125d9e30b06a5c242af488791d732bc7bb755

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 Apr 2024 06:15:52 GMT
etag: W/"b0b-0eXHKW4f8tN/ZDgktohSAI05Fko"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr87ed07c1610e45e
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2827
x-service-version: uw-pr

GET
H2 200 GRF2WTX3ENFVZOARHY6IYZ Show response
d.adroll.com/consent/check/ 544 B
637 B 171ms
55ms Script
application/javascript 2a05:d018:cc3:fe04:3392:7b68:4327:e9ec
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/GRF2WTX3ENFVZOARHY6IYZ?pv=76527122292.13052&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&_s=2a12a61414aa64f819046642d85ce141&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:3392:7b68:4327:e9ec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: aca6a021c16cb27b7cc80573c223965fcbfa6067afbd1e7a8b8e3b1f0e189e0c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:52 GMT
server: nginx/1.22.1
content-length: 544
content-type: application/javascript

GET
H2 200 cookies.js Show response
apps.decisionbriefs.com/js/custom/bigquery/ 2 KB
2 KB 118ms
118ms Script
application/javascript 54.89.48.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/custom/bigquery/cookies.js?_=1714457751142
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.89.48.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-89-48-242.compute-1.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: de23dad9886751ad5923ff70890c37a7a77b3221a18677c5ddfe483862dc63f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:52 GMT
last-modified: Mon, 18 May 2020 19:43:41 GMT
server: nginx/1.25.4
accept-ranges: bytes
etag: "5ec2e56d-900"
content-length: 2304
content-type: application/javascript

GET
H3 200 2039886252854831 Show response
connect.facebook.net/signals/config/ 29 KB
5 KB 182ms
182ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2039886252854831?v=2.9.154&r=stable&domain=www.ormanager.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

7879da1408dabe7cc155a9e63e025eb5d2cdefef4ec283763fa7f48549824fa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Apr 2024 06:15:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=33, mss=1232, tbw=4328, tp=9, tpl=0, uplat=141, ullat=0
pragma: public
x-fb-debug: Eh+gMu+gEo8F7jmefVT9pTGVOookb0UIT1zVuzxgEWBZ4MQVyGCbrTUf8h2FTI89zskA+gUTmL4AKiE2+oQEFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 122ms
41ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=518322662332686&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&rl=&if=false&ts=1714457752112&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1714457752112.438557673&ler=empty&cdl=API_unavailable&it=1714457751938&coo=false&tm=1&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Apr 2024 06:15:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

HEAD
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0 0ms
0ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29969
x-xss-protection: 0
server: cafe
etag: 984 / 19843 / m202404250101 / config-hash: 4255553072851817045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Apr 2024 06:15:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je44t0v893216188za200&_p=1714457751395&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1138413580.1714457752&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEE&_s=2&sid=1714457751&sct=1&seg=0&dl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&dt=OR%20Manager&en=form_start&ep.form_id=core_tracking_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fapps.decisionbriefs.com%2Fbigquery%2Ftrack%2Fcore_actions%2Fcrts_1714457752150&epn.form_length=1&_et=300&tfd=2741
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 06:15:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ormanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je44t0v893216188za200&_p=1714457751395&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1138413580.1714457752&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEE&_s=3&sid=1714457751&sct=1&seg=0&dl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&dt=OR%20Manager&en=form_submit&_c=1&ep.form_id=core_tracking_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fapps.decisionbriefs.com%2Fbigquery%2Ftrack%2Fcore_actions%2Fcrts_1714457752150&epn.form_length=1&_et=1&tfd=2741
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 06:15:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ormanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 crts_1714457752150
apps.decisionbriefs.com/bigquery/track/core_actions/ Frame FEE9 0
0 394ms
161ms Document
text/html 3.220.79.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/bigquery/track/core_actions/crts_1714457752150
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.79.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-79-196.compute-1.amazonaws.com
Software: nginx/1.25.4 / PHP/5.6.40
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 06:15:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP='We do not have a P3P policy.'
pragma: no-cache
server: nginx/1.25.4
x-powered-by: PHP/5.6.40

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 413 KB
83 KB 40ms
40ms Script
text/javascript 2600:9000:2644:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ec093226dbb4c5f2767562378e80a955db377003a72f5ff70cd65040983090f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: E8Xqd_XzP1xGQPgJ2rRArNdUFnSvN3pa
Content-Encoding: gzip
Via: 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 06:15:37 GMT
Age: 16
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2024 21:46:10 GMT
Server: AmazonS3
Etag: W/"e1dc09168683fa834f599c01bb66de29"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: igSXQ2vU1a2I4VUCcw9kI0ObLslwFXdahQkjs476TA0wzyGWRJWeTg==

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 81CF 287 KB
93 KB 140ms
46ms Script
application/javascript 143.204.205.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Requested by: Host: ssl.luckyorange.com
URL: https://ssl.luckyorange.com/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-185.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e865cf013eaa0223f508139bd864e5a3f2b88fc1857c0bc714cc48389a3ea82f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 12:31:39 GMT
content-encoding: gzip
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 668654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
etag: W/"ba41e1e15fa64ba31fd66b66e19eb16f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: DEj883_bLlHYnWDkMHtQ8gsiHOI8S1Aq5PSuL6pTXvtLaKBBYWraqg==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 17AC 4 KB
2 KB 684ms
441ms XHR
application/json 34.226.189.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.540f6ce4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.226.189.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-189-223.compute-1.amazonaws.com

Software

nginx /

Resource Hash

abe2dde4840226ca7c69c9bc6d8c8c7cfb7f243138931f177b9b5e0c3be66c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Apr 2024 06:15:52 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-01a6170eca229cbe6
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0001aj2ksss4r1nujdj0
x-runtime: 0.314290
server: nginx
etag: W/"abe2dde4840226ca7c69c9bc6d8c8c7c"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ormanager.com
x-intercom-version: 110f83d6c794d23697ef33b70c4aa812025b90e5
access-control-expose-headers: x-request-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 40ms
39ms Image
image/png 2600:9000:2644:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Mon, 29 Apr 2024 19:57:31 GMT
Via: 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Age: 39412
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qJFrO09UrXnS01OJM9q5JSKMadwcC0RwDK2bqzbjjjRMuEabVAX3ig==

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 40ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2039886252854831&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&rl=&if=false&ts=1714457752319&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1714457752112.438557673&ler=empty&cdl=API_unavailable&cs_est=true&it=1714457751938&coo=false&tm=1&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=3127, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Apr 2024 06:15:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame 1083
Redirect Chain

https://pixel-sync.sitescout.com/dmp/asyncPixelSync
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

48ms
47ms

Document
text/html

34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
content-length: 1174
content-type: text/html;charset=UTF-8
date: Tue, 30 Apr 2024 06:15:52 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 30 Apr 2024 06:15:52 GMT
location: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A
via: 1.1 google

GET
H2 200 3ce13a619c5875ca
pixel.sitescout.com/up/ 43 B
259 B 138ms
47ms Image
image/gif 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/3ce13a619c5875ca?cntr_url=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 Riyadh, Saudi Arabia, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 06:15:52 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK setup Show response
vms.boldchat.com/aid/322065871255520080/api/v1/extendedvisitorinfo/ 24 B
260 B 635ms
208ms XHR
application/json 44.242.45.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/322065871255520080/api/v1/extendedvisitorinfo/setup

Requested by

Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/322065871255520080/bc.vms4/vms.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.242.45.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-46.boldchat.com

Software

BoldChat/8006 /

Resource Hash

ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?0
Date: Tue, 30 Apr 2024 06:15:52 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8006
Content-Length: 24
Content-Type: application/json;charset=UTF-8

GET
H2 200 visitor-token Show response
visitor-services.boldchat.com/visitor-token-service/ 38 B
374 B 186ms
54ms XHR
application/json 54.194.109.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-services.boldchat.com/visitor-token-service/visitor-token
Requested by: Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/322065871255520080/bc.vms4/vms.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.109.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-109-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 436027da52b613bfa2898710e88d162f7e0f10d9d85798715a3ec6f680eb5464

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 0.215353ms
date: Tue, 30 Apr 2024 06:15:52 GMT
x-correlation-id: 5141e395-9401-46f4-82da-920e15a64f8f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ormanager.com
access-control-allow-credentials: true
content-length: 38

GET
H3 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-04-26-09-07-08/locales/ 621 B
1011 B 40ms
40ms XHR
application/json 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/widget_app_base_1714122428673.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:52 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 755
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 334345
x-accel-date: 1714123407
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3CRoFAAwBisclxAH3EwAAAA
x-accel-expires: @1740043388
x-77-age: 334345
last-modified: Fri, 26 Apr 2024 09:09:13 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: cf878727530e0bd4988c306698fa4023
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: kr2F2BHKp_KD0I1D6CekLjtPhRQC1Yulp8QOZ7xkzAMFvf4NNE3r9g==

OPTIONS
H/1.1 200
OK /
geo.accessintel.com/cc/ Frame 0
0 375ms
121ms Preflight
application/json 64.34.196.222
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.accessintel.com/cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.196.222 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: Upgrade, Keep-Alive
Content-Length: 21
Content-Type: application/json
Date: Tue, 30 Apr 2024 06:15:52 GMT
Expires: Tue, 30 Apr 2024 06:15:52 GMT
Keep-Alive: timeout=1, max=3
Server: Apache
Upgrade: h2

GET
H2 200 nr-rum-1.257.0.min.js Show response
js-agent.newrelic.com/ 50 KB
18 KB 165ms
47ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.257.0.min.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac2185eaf27db9d83c2688a55c428a5f18bbe41d8f769c58f41f081b8b17834b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hDZawLvU_7lPCCc8KE3sqLucpiUuFFEu
content-encoding: br
via: 1.1 varnish
date: Tue, 30 Apr 2024 06:15:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: YB66H9WE205CV402
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17464
x-amz-id-2: J0F4Vx172T0B6pfFS4EfzJaBRrtdm4vPuW6A3bRinEzKNwaCOAfMD47HXJd0g6PMz3g1gBzkOvk=
x-served-by: cache-mxp6962-MXP
last-modified: Fri, 19 Apr 2024 00:43:41 GMT
server: AmazonS3
etag: "04045b88714f08119a0e2fcb74624f22"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 214368

GET
H/1.1 200
OK / Show response
geo.accessintel.com/cc/ 21 B
438 B 121ms
121ms XHR
application/json 64.34.196.222
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.accessintel.com/cc/
Requested by: Host: apps.accessintel.com
URL: https://apps.accessintel.com/gdpr/cookieconsent.min.js?id=AwQ7ysOzp86W4nDEZlrN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.34.196.222 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache /
Resource Hash: 446698a49f98e77f0b668bf585cf8cfcf177d278f1b125a7aace536925705eed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.ormanager.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:53 GMT
Server: Apache
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: Keep-Alive
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Content-Length: 21
Keep-Alive: timeout=1, max=2
Expires: Tue, 30 Apr 2024 06:15:53 GMT

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 119ms
39ms Image
image/png 143.204.205.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-185.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Jan 2024 18:19:46 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 8250967
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: Lzzb1dF6gp57vl56hVBd08MGo_c-zS1o_rEOiQIRISJY-OBqIhL8_g==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 118ms
41ms Image
image/png 143.204.205.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-185.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Jan 2024 18:19:45 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 8250968
etag: "35ce74c31e3ef54462a234340af702d7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: x35tg8QtCp1emow9WU28Bg1IikrAo7isrXUB6QZ6ODXC6Aq0tt7Muw==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
648 B 117ms
40ms Image
image/png 143.204.205.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-185.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 06 Feb 2024 20:40:33 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 7205719
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 277
x-amz-cf-id: 9uuwVJddmyk90gaXVYxFWMEg-vcZCNV13U1RXPz6dE08g7D3aLY3Mw==

GET
H/1.1 200
OK bc.pv Show response
vms.boldchat.com/aid/322065871255520080/ 1 KB
2 KB 622ms
208ms Script
text/javascript 44.242.45.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/322065871255520080/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1600&sheight=1200&sdpi=96&url=https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E&idid=319447253976043440&1714457752683&tabIdentifier=9152082117648731162&clientScheme=https&visitorTrackingAllowed=true&visitorToken=7190957009675153408&_bcvm_vrid_=true&_bcvm_vid_combined=1714457752685Sundefined&_bcvm_vrid_combined=1714457752685Sundefined&&hasbutton=false

Requested by

Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/322065871255520080/bc.vms4/vms.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.242.45.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-46.boldchat.com

Software

BoldChat/8006 /

Resource Hash

69108dd5182fb6823baa6f6b8ceebeaa99d4859abefc624df472aac0c8e45245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:52 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8006
Transfer-Encoding: chunked
X-Boldcenter-PageViewID: 322661831582099680
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Origin-Agent-Cluster: ?0
X-Boldcenter-VisitID: 322661832446952253

GET
H3 200 favicon.png
www.ormanager.com/wp-content/themes/orm-theme/ 2 KB
2 KB 61ms
60ms Other
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb5a13e0e223eca6a4b00982300ca24b0977b7eee2201fa72ff1b9ac57abec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 12 Apr 2025 19:31:05 GMT
date: Tue, 30 Apr 2024 06:15:52 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-gbkwp
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 1743
x-served-by: cache-chi-kigq8000049-CHI, cache-fra-eddf8230118-FRA
last-modified: Thu, 11 Apr 2024 17:25:05 GMT
server: cloudflare
x-timer: S1714457753.723957,VS0,VE3
etag: "66181cf1-6cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDjeBTBsJWwtmET%2BQDfKiLdV3Dcw15WIMpKhIcl3IY4Q4GJFvfaVcAO5aztiYysTAb9EJJocZ7tbJFOmCZUC5IFFc3hMUmW0OXHOV49b6gJbrJ9BY%2BuJ%2FNqzjq5CMIJ%2FCJBClA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 0a456bd8-f83a-11ee-ab04-125dd692c6ff
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5665a6a7b18df-FRA
x-cache-hits: 4, 0

GET
H3 200 cropped-ORM-logo-icon-512x512-1-1-32x32.png
www.ormanager.com/wp-content/uploads/2023/04/ 1 KB
2 KB 70ms
69ms Other
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/uploads/2023/04/cropped-ORM-logo-icon-512x512-1-1-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b353e65e344b4507fd9a9f0fd6ae530ec074669dc8d373c518a33ef7ce1e2338

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 16 Feb 2025 21:13:54 GMT
date: Tue, 30 Apr 2024 06:15:52 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe1-b-86568b7775-ps8n6
x-cache: HIT, HIT
backend-name: 140.248.77.25,443
alt-svc: h3=":443"; ma=86400
content-length: 1208
x-served-by: cache-chi-klot8100025-CHI, cache-fra-eddf8230125-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_klot8100025_CHI
last-modified: Wed, 05 Apr 2023 21:00:58 GMT
server: cloudflare
x-timer: S1714457753.788683,VS0,VE4
etag: "642de18a-4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JkYu6GRKstmVf%2F5V%2FXtPr62WkjWds7S0Nkp14ZXL9NtAxpqSC3F6psaannOhbwCyAzOG2dfxfuOX0l%2BNyVgtbw23Naisj2TicjiSkjXL3IMffFJtm7iHQgQ2wkIqlrqdP4xKyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 4a744a5a-cd10-11ee-8592-9a89e97c5ec0
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5665adaf718df-FRA
x-cache-hits: 1, 0

POST
H/1.1 200 NRJS-fc28ca882ad197dfc89 Show response
bam.nr-data.net/1/ 150 B
601 B 692ms
595ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-fc28ca882ad197dfc89?a=416935715&v=1.257.0&to=MQZXbEcAXUNYVENaVwhMdFtBCFxeFlFFXFYSTkVZUgQ%3D&rst=3400&ck=0&s=bbee92a62c6a1e4d&ref=https://www.ormanager.com/&ap=483&be=1336&fe=1927&dc=843&at=HUFUGg8aTk0%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1714457749417,%22n%22:0,%22f%22:567,%22dn%22:568,%22dne%22:580,%22c%22:580,%22s%22:580,%22ce%22:626,%22rq%22:627,%22rp%22:1336,%22rpe%22:1413,%22di%22:2177,%22ds%22:2178,%22de%22:2179,%22dc%22:3219,%22l%22:3219,%22le%22:3263%7D,%22navigation%22:%7B%7D%7D&fp=2224&fcp=2224
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.257.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1ac7c4b53fc48a414efdde3e69f39fe3feb90488b8704936489ecf6684cc52ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 30 Apr 2024 06:15:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ormanager.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://www.ormanager.com
Content-Length: 150
x-served-by: cache-fra-etou8220024-FRA

POST
H/1.1 200 p Show response
cdp.omeda.com/olytics/segments/ 645 B
967 B 215ms
215ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

cc02eebb5238669b1730c7258e8a7521817d55fad7020e3b169929e4a807217e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 30 Apr 2024 06:15:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 645
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 137ms
137ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Apr 2024 06:15:52 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 39ms
39ms Stylesheet
text/css 143.204.205.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-185.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Jan 2024 18:19:49 GMT
content-encoding: gzip
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 8250965
etag: W/"7144eaceff0b31347712515a6116074e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: WEXgwRjTq-lxn58v2LqT-FWk0zEmqriFOHtzpZI9LlqfeQsZ7JgweA==

GET
BLOB 200
OK e08d42c3-0cd0-4348-9f01-746c3da6d40b
https://www.ormanager.com/ Frame 81CF 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ormanager.com/e08d42c3-0cd0-4348-9f01-746c3da6d40b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 0
Content-Type

GET
BLOB 200
OK d3624eda-a143-4721-844e-5367d70e6428
https://www.ormanager.com/ Frame 81CF 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ormanager.com/d3624eda-a143-4721-844e-5367d70e6428
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 31224
Content-Type

GET
H3 200 remediation_1714122428673.js Show response
cdn.userway.org/widgetapp/2024-04-26-09-07-08/remediation/ 108 KB
30 KB 40ms
39ms Script
application/javascript 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/remediation/remediation_1714122428673.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/widget_app_base_1714122428673.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 762ed0b0559659b8ef6038788ba462233edf1c5a538948a2e81ef104e2377b01

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:53 GMT
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 751
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 334351
x-accel-date: 1714123402
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3DxoFAAwBJRPCNAH3EQAAAA
x-accel-expires: @1740043385
x-77-age: 334351
last-modified: Fri, 26 Apr 2024 09:09:13 GMT
server: CDN77-Turbo
etag: W/"1f36e683f3c7b686a058ff7262ffc75a"
x-77-nzt-ray: cf878727530e9ee3998c3066849a9705
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: w78z5f8Y9kwtCwNuJncYeidjHbTNTnBi0j03YeFfMqi6salUyoxYXQ==

GET
H3 200 Hcv9Ak5LZ2YZ8lxO.json Show response
cdn.userway.org/remediations/consolidated/2647295/ 809 KB
109 KB 44ms
43ms XHR
application/json 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2647295/Hcv9Ak5LZ2YZ8lxO.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/widget_app_base_1714122428673.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9e7057cd2072ef671d2766c9c6301aa88336a1be2b4d59f47fc64f2eb67bdb06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:53 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 276
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1714123935
alt-svc: h3=":443"; ma=86400
x-77-nzt: EggBnJIhiwFBDAGKxyXEAff6FwUA
x-accel-expires: @1745659935
x-77-age: 333818
last-modified: Tue, 23 Apr 2024 15:07:09 GMT
server: CDN77-Turbo
etag: W/"cafb16969f91cba49767c628cfbf5654"
x-77-nzt-ray: cf878727530ea3e3998c30667519a105
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: _quB0bHXwS4c4Y-OIjLd8mESqmCvDkj22xUqu6qqXd7ZU6qlohHqNQ==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 40ms
39ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:53 GMT
via: 1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 525
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 334234
x-accel-date: 1714123519
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3mhkFAAwB1GY4EQH3JAAAAA
x-accel-expires: @1740043483
x-77-age: 334234
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: f6587a1df0628cec998c306654c86406
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: gcb84sRTOhZSg79fNO4s-wFHuFbYezgLUNOiLxoMSWut5lq8dBGdWA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:53 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 443
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 334234
x-accel-date: 1714123519
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiAH3mhkFAAwBisclwQH3dgAAAA
x-accel-expires: @1740043401
x-77-age: 334234
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: f6587a1df0628cec998c3066e6107006
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 5x4oNkpVHdIFqIQLmuv54RElaXCw3KIBMt_l4vsnWyrzwrVOamznTg==

GET
H3 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-04-26-09-07-08/paid/ 55 KB
20 KB 41ms
40ms Script
application/javascript 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-04-26-09-07-08/widget_app_base_1714122428673.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 58e902446fe39b5fa37273eae3ebc68eeeec63d2c7b3b28c9978d3ebc1f2e9d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Origin: https://www.ormanager.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:53 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 765
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 334351
x-accel-date: 1714123402
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3DxoFAAwBisclwQH3AgAAAA
x-accel-expires: @1740043400
x-77-age: 334351
last-modified: Fri, 26 Apr 2024 09:09:17 GMT
server: CDN77-Turbo
etag: W/"c2ff6e82688d3a71c72997f94aecdb40"
x-77-nzt-ray: cf878727530eece4998c306618f64c08
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: fhvwJWnew7sTGGBQ9ex5JkobATJKm0nk8ewEzbbbvLYykLRKCFrUkg==

GET
H3 200 Hcv9Ak5LZ2YZ8lxO.json Show response
cdn.userway.org/remediations/consolidated/2647295/ 809 KB
0 0ms
0ms Fetch
application/json 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2647295/Hcv9Ak5LZ2YZ8lxO.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9e7057cd2072ef671d2766c9c6301aa88336a1be2b4d59f47fc64f2eb67bdb06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:53 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 276
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1714123935
alt-svc: h3=":443"; ma=86400
x-77-nzt: EggBnJIhiwFBDAGKxyXEAff6FwUA
x-accel-expires: @1745659935
x-77-age: 333818
last-modified: Tue, 23 Apr 2024 15:07:09 GMT
server: CDN77-Turbo
etag: W/"cafb16969f91cba49767c628cfbf5654"
x-77-nzt-ray: cf878727530ea3e3998c30667519a105
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: _quB0bHXwS4c4Y-OIjLd8mESqmCvDkj22xUqu6qqXd7ZU6qlohHqNQ==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 148ms
69ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe&e=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 06:15:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.gif
images.boldchat.com/images/ 42 B
359 B 704ms
210ms Image
image/gif 54.188.53.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.boldchat.com/images/clear.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.188.53.58 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-31.boldchat.com

Software

BoldChat/8107 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31636000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:53 GMT
Strict-Transport-Security: max-age=31636000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Oct 2023 17:53:27 GMT
Server: BoldChat/8107
ETag: W/"42-1696442007000"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 2647295 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 205ms
204ms Fetch
application/json 2600:1f14:5db:eb00:587:d70f:3a38:c7aa
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2647295
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:587:d70f:3a38:c7aa Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:53 GMT
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 51
x-service-version: apps-ddb67952

GET
H2 200 2647295 Show response
api.userway.org/api/br-links/v0/links/ 10 KB
4 KB 242ms
241ms Fetch
application/json 2600:1f14:5db:eb00:587:d70f:3a38:c7aa
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2647295
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:587:d70f:3a38:c7aa Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 26c35a8fd8d16a00a3252369ea8738fc90a3fc7fd9e7069b25de4ed009646088

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:15:53 GMT
content-encoding: gzip
etag: W/"271e-agafJ30tKPJQfEPahgPefzaz3d0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
vary: Accept-Encoding
access-control-allow-headers: *
x-service-version: apps-ddb67952

GET
H/1.1 200
OK clear.gif
images.boldchat.com/images/ 42 B
0 317ms
317ms Image
image/gif 54.188.53.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.boldchat.com/images/clear.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.188.53.58 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-31.boldchat.com

Software

BoldChat/8107 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 06:15:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Oct 2023 17:53:27 GMT
Server: BoldChat/8107
ETag: W/"42-1696442007000"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 42

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/ 261 B
812 B 43ms
42ms Fetch
application/json 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Form-logo.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 90478408242d7918331c890316298021fc647e3e47d25004f71d262acffd97f8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:54 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1714368718
alt-svc: h3=":443"; ma=86400
x-service-version: img-dscr-srv-406c249e
x-77-nzt: EggB1GY4tAFBDAElE8IxAffMWwEA
x-accel-expires: @1714973518
x-77-age: 89036
server: CDN77-Turbo
etag: W/"105-xMk4izVNsVUHsShccMig036dnXw"
x-77-nzt-ray: 6d204d11bb3156749a8c3066ed260215
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/ Frame 0
0 627ms
518ms Preflight 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Form-logo.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=604800
date: Tue, 30 Apr 2024 06:15:54 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggB1GY4tAAACAElE8IxAAA
x-77-nzt-ray: 6d204d11bb315674998c3066f3fc8631
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-727604a1

OPTIONS
H3 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/ Frame 0
0 215ms
214ms Preflight 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Fblink_green.png%22%2C%22alt%22%3A%22green%20blinking%20chat%20indicator%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Flogo-light.png%22%2C%22alt%22%3A%22Lucky%20Orange%20Chat%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Fsound-on-white.png%22%2C%22alt%22%3A%22Click%20to%20mute%20chat%20sounds%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fai-series.jpg%22%2C%22alt%22%3A%22AI%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fasc-leader-logo-no-tagline.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-bottom.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-top.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2FOR_AMBanner.png%22%2C%22alt%22%3A%22OR%20AM%2C%20your%20daily%20source%20of%20critical%20news%20from%20OR%20Manager%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2For-letters.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Form-logo.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2021%2F01%2FAAMI.jpg%22%2C%22alt%22%3A%22Cover%20for%20AAMI%20guidance%20covers%20sterile%20processing%20of%20dilators%2C%20ultrasound%20probes%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2022%2F02%2Fshutterstock_609946820-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2022%2F10%2F41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F01%2Fmedpage-today-logo.jpeg%22%2C%22alt%22%3A%22Cover%20for%20Data%20cast%20doubt%20on%20recommendation%20to%20delay%20weight-loss%20meds%20prior%20to%20surgery%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F1ORM_0424-COVER-225x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F2-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F3-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F4-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F5.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fanalyticsbasedlearning.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fdatadrivendecisionmaking.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2FDataDrivenExcellence.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fdisaster-prep-series-350x120.jpg%22%2C%22alt%22%3A%22Disaster%20Preparedness%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fleadership-series-350x120.jpg%22%2C%22alt%22%3A%22Leadership%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Forbmc-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Form-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Formc_22_05230-1-350x120.jpg%22%2C%22alt%22%3A%22OR%20Manager%20Conference%20Poster%20Research%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Frsi-series-350x120.jpg%22%2C%22alt%22%3A%22Preventing%20Retained%20Surgical%20Items%20(RSI)%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F04%2Frfraps.png%22%2C%22alt%22%3A%22Cover%20for%20FDA%20medical%20device%20class%201%20recalls%20trend%20upward%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2FORM_0524-21.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2Fremediate-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2Fterminate-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=604800
date: Tue, 30 Apr 2024 06:15:55 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBnJIhiAAACAElE8IxAAA
x-77-nzt-ray: f6587a1d2c5aed519b8c306623e7ef02
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-727604a1

GET
H3 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/ 7 KB
1 KB 236ms
236ms Fetch
application/json 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Fblink_green.png%22%2C%22alt%22%3A%22green%20blinking%20chat%20indicator%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Flogo-light.png%22%2C%22alt%22%3A%22Lucky%20Orange%20Chat%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Fsound-on-white.png%22%2C%22alt%22%3A%22Click%20to%20mute%20chat%20sounds%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fai-series.jpg%22%2C%22alt%22%3A%22AI%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fasc-leader-logo-no-tagline.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-bottom.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-top.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2FOR_AMBanner.png%22%2C%22alt%22%3A%22OR%20AM%2C%20your%20daily%20source%20of%20critical%20news%20from%20OR%20Manager%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2For-letters.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Form-logo.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2021%2F01%2FAAMI.jpg%22%2C%22alt%22%3A%22Cover%20for%20AAMI%20guidance%20covers%20sterile%20processing%20of%20dilators%2C%20ultrasound%20probes%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2022%2F02%2Fshutterstock_609946820-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2022%2F10%2F41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F01%2Fmedpage-today-logo.jpeg%22%2C%22alt%22%3A%22Cover%20for%20Data%20cast%20doubt%20on%20recommendation%20to%20delay%20weight-loss%20meds%20prior%20to%20surgery%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F1ORM_0424-COVER-225x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F2-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F3-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F4-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F5.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fanalyticsbasedlearning.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fdatadrivendecisionmaking.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2FDataDrivenExcellence.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fdisaster-prep-series-350x120.jpg%22%2C%22alt%22%3A%22Disaster%20Preparedness%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fleadership-series-350x120.jpg%22%2C%22alt%22%3A%22Leadership%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Forbmc-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Form-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Formc_22_05230-1-350x120.jpg%22%2C%22alt%22%3A%22OR%20Manager%20Conference%20Poster%20Research%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Frsi-series-350x120.jpg%22%2C%22alt%22%3A%22Preventing%20Retained%20Surgical%20Items%20(RSI)%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F04%2Frfraps.png%22%2C%22alt%22%3A%22Cover%20for%20FDA%20medical%20device%20class%201%20recalls%20trend%20upward%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2FORM_0524-21.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2Fremediate-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2Fterminate-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: ac346ee2e3b3c2468ea7420b56f5213472942e4ae31369a0991ffb97a7ee24cd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:55 GMT
content-encoding: gzip
x-77-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-service-version: img-dscr-srv-727604a1
x-77-nzt: EggBnJIhiAFBCAElE8IxAYE
x-accel-expires: @1715062555
server: CDN77-Turbo
etag: W/"1a6c-b/K2qEciLfKTq1xsT+3OGjX1oQo"
x-77-nzt-ray: f6587a1d2c5a95589b8c3066fb31ca0f
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H/1.1 200 imp
cdp.omeda.com/olytics/segments/ Frame 0
0 141ms
140ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/imp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Apr 2024 06:15:57 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

POST
H/1.1 200 imp Show response
cdp.omeda.com/olytics/segments/ 20 B
341 B 144ms
144ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/imp

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 30 Apr 2024 06:15:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 20
X-XSS-Protection: 1; mode=block

GET
H3 200 ORMC.com-All.png
mdevents.accessintel.com/ormc2024/wp-content/uploads/sites/113/2024/03/ 54 KB
55 KB 76ms
51ms Image
image/png 172.67.172.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mdevents.accessintel.com/ormc2024/wp-content/uploads/sites/113/2024/03/ORMC.com-All.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f7fadfa8ba861e6028e92bc52b181f67b86f86fbd6cd83de3108e58c58df34

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 27 Mar 2025 20:56:26 GMT
date: Tue, 30 Apr 2024 06:15:58 GMT
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162638
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-6d4f8d8d49-2t778
backend-name: 167.82.237.80,443
alt-svc: h3=":443"; ma=86400
content-length: 55384
x-served-by: cache-chi-kigq8000080-CHI, cache-fra-eddf8230124-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000080_CHI
last-modified: Tue, 26 Mar 2024 20:48:38 GMT
server: cloudflare
x-timer: S1714295120.198003,VS0,VE4
etag: "660334a6-d858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydrxIa7M%2FHEzve3jCad1vuv1vcV6Qn9Msde5aWFU7yOmxm5vO4kfu2asn2IH2Rnkvrx5NxP8Gp%2BQpdFrZ2vY2M5T5c%2Bmm4jj5ZFzGKtahZRF5jdHW%2B7ABu72dUT91MPJK8BO%2FcLkaHR5ixk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 4f9dedca-ebb3-11ee-9540-f2c4aeced682
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 87c5667db88e37f2-FRA
x-cache-hits: 1, 0

GET
H3 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/ 303 B
815 B 41ms
41ms Fetch
application/json 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fmdevents.accessintel.com%2Formc2024%2Fwp-content%2Fuploads%2Fsites%2F113%2F2024%2F03%2FORMC.com-All.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-04-26-09-07-08/paid/remediation-tool.js?ts=1714122428673
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 7ca9f8b1405fb7da0c40f35b4b257ba3555280948c9b9016e26d9bd5fe6a4021

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ormanager.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Tue, 30 Apr 2024 06:15:58 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1714372023
alt-svc: h3=":443"; ma=86400
x-service-version: img-dscr-srv-8d5b377c
x-77-nzt: EggBnJIhiAFBDAGKxyXEAffnTgEA
x-accel-expires: @1714976823
x-77-age: 85735
server: CDN77-Turbo
etag: W/"12f-YJZGQ8qB1q27D7NXLB5hkScTnuo"
x-77-nzt-ray: f6587a1d2c5ac1c19e8c306618c5d728
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H3 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/ Frame 0
0 198ms
198ms Preflight 156.146.33.137
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/oSNNNRSsza3zt7Qx/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fmdevents.accessintel.com%2Formc2024%2Fwp-content%2Fuploads%2Fsites%2F113%2F2024%2F03%2FORMC.com-All.png%22%2C%22alt%22%3A%22%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.137 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=604800
date: Tue, 30 Apr 2024 06:15:58 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBnJIhiAAACAGKxyXEAAA
x-77-nzt-ray: f6587a1d2c5ae2ba9e8c30666949031d
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-727604a1

GET
H2 200 xclosegrey.png
olytics.omeda.com/olytics/img/ 519 B
1 KB 39ms
39ms Image
image/png 2600:9000:223c:a600:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://olytics.omeda.com/olytics/img/xclosegrey.png

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:a600:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5995b67b0f93c0a47076fbbed0c07ac43d81247ac978ef099b1ba86cbfb5989b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 18:23:41 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 42736
x-cache: Hit from cloudfront
content-length: 519
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 11:01:32 GMT
server: Apache
etag: W/"519-1712919692000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=43200
accept-ranges: bytes
x-amz-cf-id: Hndqc8xsi2e2Miq99cutFExoVDVPrPvpHzi_CnGNcx7IGMYUM3uoHQ==
expires: Mon, 29 Apr 2024 18:23:29 GMT

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ormanager.com/	1970-01-21 00:33:29	Name: optimizelyEndUserId Value: oeu1714457751127r0.6172704321513836
.ormanager.com/	1970-01-21 00:33:29	Name: optimizelySegments Value: %7B%7D
.ormanager.com/	1970-01-21 00:33:29	Name: optimizelyBuckets Value: %7B%7D
.ormanager.com/	1970-01-20 20:14:17	Name: optimizelyPendingLogEvents Value: %5B%5D
.ormanager.com/	1970-01-20 20:14:19	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.ormanager.com/?oly_enc_id=0739H1713901D4E%22%2C%22sref%22:%22%22%2C%22sts%22:1714457751581%2C%22slts%22:0}
.ormanager.com/	1970-01-21 05:43:41	Name: _parsely_visitor Value: {%22id%22:%22pid=e02d4a0c-ea8c-4b27-91a8-b7ce65a749dd%22%2C%22session_count%22:1%2C%22last_session_ts%22:1714457751581}
.ormanager.com/	1970-01-20 22:23:53	Name: _gcl_au Value: 1.1.866615523.1714457752
.ormanager.com/	1970-01-21 05:50:17	Name: _ga Value: GA1.2.1138413580.1714457752
.ormanager.com/	1970-01-20 20:15:44	Name: _gid Value: GA1.2.109216051.1714457752
.ormanager.com/	1970-01-20 20:14:17	Name: _gat_UA-784080-19 Value: 1
.ormanager.com/	1970-01-21 04:59:53	Name: oly_enc_id Value: 0739H1713901D4E
.ormanager.com/	1970-01-21 04:59:53	Name: oly_anon_id Value: 9f3c9b28-fb7b-4698-a8f0-9ce7f447f230
.ormanager.com/	1970-01-21 04:59:53	Name: oly_fire_id Value: 5013H3565790A2O
.ormanager.com/	1970-01-20 22:23:53	Name: _fbp Value: fb.1.1714457752112.438557673
.vimeo.com/	1970-01-21 05:50:17	Name: vuid Value: pl1430641758.1960388538
.ormanager.com/	1970-01-21 05:50:17	Name: _ga_2BTEL2PXRG Value: GS1.1.1714457751.1.0.1714457752.0.0.0
.doubleclick.net/	1970-01-20 20:14:18	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:33:29	Name: receive-cookie-deprecation Value: 1
.vimeo.com/	1970-01-20 20:14:19	Name: __cf_bm Value: U6pBBIEIT4NquJGCN6Wd9SiV.V8Q8UW3NC8EyHsoovg-1714457752-1.0.1.1-XSpYfLeQf5vDPBhtf0z7zOSCfFM7N3Zn9S_7azpAd7Lhmac8W6eVBFwoLh_81N8RY18cJyxhzaUBuwigK0tBJQ
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: jCgDZJTzGJCDGZWHrkdD9Lo6CgEUoZVtZAgAk7do_9o-1714457752340-0.0.1.1-604800000
.sitescout.com/	1970-01-21 04:59:53	Name: ssi Value: 73e8717a-1702-453f-8e93-dcd264e1046c#1714457752562
.sitescout.com/	1970-01-20 20:57:29	Name: _ssuma Value: eyIyIjoxNzE0NDU3NzUyNjEwLCI0IjoxNzE0NDU3NzUyNjEwLCIzOSI6MTcxNDQ1Nzc1MjYxMCwiNyI6MTcxNDQ1Nzc1MjYxMCwiOCI6MTcxNDQ1Nzc1MjYxMH0
.ormanager.com/	1970-01-21 05:50:17	Name: _lo_uid Value: 330014-1714457752151-3652b5ce70d8c3a3
.ormanager.com/	1970-01-20 20:14:18	Name: _lorid Value: 330014-1714457752151-1ba878ba58d9f467
.ormanager.com/	1970-01-21 04:59:53	Name: _lo_v Value: 1
.ormanager.com/	1970-01-21 00:33:29	Name: __lotl Value: https%3A%2F%2Fwww.ormanager.com%2F%3Foly_enc_id%3D0739H1713901D4E
.boldchat.com/	1970-01-21 05:50:17	Name: bc.visitor_token Value: 7190957009675153408
.ormanager.com/	1969-12-31 23:59:59	Name: ai_core_ip_checked Value: 1
.tapad.com/	1970-01-20 21:40:41	Name: TapAd_TS Value: 1714457752755
.tapad.com/	1970-01-20 21:40:41	Name: TapAd_DID Value: cbe8a994-23f7-4feb-b45c-0d07a415d220
.demdex.net/	1970-01-21 00:33:29	Name: demdex Value: 45730049098947817304166886772513832413
.tapad.com/	1970-01-20 21:40:41	Name: TapAd_3WAY_SYNCS Value:
.dpm.demdex.net/	1970-01-21 00:33:29	Name: dpm Value: 45730049098947817304166886772513832413
.ormanager.com/	1970-01-21 02:43:07	Name: intercom-id-b1wfmjvz Value: 539691d8-71c0-4f80-9a2c-fa67737a342b
.ormanager.com/	1970-01-20 20:24:22	Name: intercom-session-b1wfmjvz Value:
.ormanager.com/	1970-01-21 02:43:07	Name: intercom-device-id-b1wfmjvz Value: 378eef6c-4f79-425a-850d-1019b7f7ecda
.boldchat.com/	1970-01-21 04:59:53	Name: bc-visitor-id Value: 322065871255520080=322661832016948939T0DA02B8725593649C6B2634D842540B7480BA601AB5E229278578ECF7F68AE7F0FF7A62EC7245B76CD8EC064DEED68BB1A70A538F9BFE40C99B546BBE2323D75
.boldchat.com/	1969-12-31 23:59:59	Name: bc-visit-id Value: 322065871255520080=322661832446952253T849578FB6878A7A6211DA6EB30E776194D1BA36CBB5836DF4984EE16537287DF0E20216AD4A6A650EBBA2520ADA8EB92EB06362FD082A9AD437E81F644F0D14D
.ormanager.com/	1969-12-31 23:59:59	Name: _bcvm_vid_322065871255520080 Value: 322661832446952253T849578FB6878A7A6211DA6EB30E776194D1BA36CBB5836DF4984EE16537287DF0E20216AD4A6A650EBBA2520ADA8EB92EB06362FD082A9AD437E81F644F0D14D
.ormanager.com/	1970-01-21 04:59:53	Name: _bcvm_vrid_322065871255520080 Value: 322661832016948939T0DA02B8725593649C6B2634D842540B7480BA601AB5E229278578ECF7F68AE7F0FF7A62EC7245B76CD8EC064DEED68BB1A70A538F9BFE40C99B546BBE2323D75

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/518322662332686?v=2.9.154&r=stable&domain=www.ormanager.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ormanager.com/?oly_enc_id=0739H1713901D4E Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=300
X-Content-Security-Policy	default-src 'self'; img-src ; media-src data:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12891178.fls.doubleclick.net
ai.omeclk.com
api-iam.intercom.io
api.userway.org
apps.accessintel.com
apps.decisionbriefs.com
bam.nr-data.net
cdn.optimizely.com
cdn.parsely.com
cdn.userway.org
cdn77.api.userway.org
cdnjs.cloudflare.com
cdp.omeda.com
connect.facebook.net
d.adroll.com
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geo.accessintel.com
images.boldchat.com
js-agent.newrelic.com
js.intercomcdn.com
maxcdn.bootstrapcdn.com
mdevents.accessintel.com
olytics.omeda.com
oqs.omeda.com
ormanager.disqus.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.sitescout.com
player.vimeo.com
region1.google-analytics.com
s.adroll.com
securepubads.g.doubleclick.net
settings.luckyorange.net
ssl.luckyorange.com
static.addtoany.com
stats.g.doubleclick.net
up.pixel.ad
use.fontawesome.com
visitor-services.boldchat.com
vms.boldchat.com
vmss.boldchat.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.ormanager.com
104.17.25.14
104.18.10.207
104.26.11.16
13.224.189.49
142.250.184.198
142.250.185.66
142.250.185.98
143.204.205.185
156.146.33.137
156.146.33.141
157.240.252.13
162.159.128.61
162.247.243.29
172.67.172.134
172.67.178.30
172.67.39.148
178.79.242.16
18.245.46.10
199.232.192.134
2001:4860:4802:34::36
204.180.130.159
204.180.130.165
205.162.42.171
2600:1f14:5db:eb00:587:d70f:3a38:c7aa
2600:9000:223c:a600:1e:5cef:3780:93a1
2600:9000:2644:8000:6:9280:1080:93a1
2602:816:5001::39
2606:4700:20::681a:4f4
2606:4700:3036::6815:1b98
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
2a02:26f0:3500:883::13b8
2a02:6ea0:c700::17
2a02:6ea0:c700::22
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe04:3392:7b68:4327:e9ec
3.161.77.50
3.220.79.196
34.226.189.223
34.36.216.150
35.80.158.24
44.242.45.116
54.155.18.159
54.188.53.58
54.194.109.213
54.89.48.242
64.34.196.222
98.98.134.243
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
03f9c2418ffb81fd9bf6a32c26f4134e1fcaafb75e2a97e4bf5065c99494971f
066fd763ae80d8c10477182a76d859fa2ce27405d8599aaf4ff76127389dd65b
0f7d6c0148df079679311ae7f000a869c6dcd960f33e5b1131bbee60567efd42
135fcc5bcf0b6968cf65f32cf73618eedee0af71b5ba8fe2c9fcdf8ea02d2c7c
13f7fadfa8ba861e6028e92bc52b181f67b86f86fbd6cd83de3108e58c58df34
1ac7c4b53fc48a414efdde3e69f39fe3feb90488b8704936489ecf6684cc52ec
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
2138f60669e5a25802f3ea50358c847e15899cb104d3db81ba6f2a0e134ba252
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
245aa60fb782cc0b9ddf3902ab304929664bf450a269773ad1ab61b9916f1b1a
26c35a8fd8d16a00a3252369ea8738fc90a3fc7fd9e7069b25de4ed009646088
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2a0b13b9654f2f7d5a605221200562464277985dbeabad26e4edda9dd0e6fe9d
2d8f379e7798c0c19db5927db7c0aca833170d3f479f360d5b2f7200492cb0dc
2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba
2f5c89dc9e8efdbd4545aa3cb9f64cfd726dd9f573e5116ffa82dda6e774d3a3
3166b6172873ea9eda556121cbe9ff020315da2c1dcd3b165c8c8339fea7428b
3418f02d5132cc106fb74bdba992c0d096b0dfd86f7aa5bf4eebb3a834f52dff
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
359da6865420e6799bc62640a84021b094bf31d86686abf441f5bf32d8e94a65
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
375c7c159f962f457d48866d00139e512f7109e7a15b8afa4b4d1c91fc18af0b
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c63b701db0079a033bca2f5ec9a61f5c54b4b610597a91133cb4d68030798dd
3ec093226dbb4c5f2767562378e80a955db377003a72f5ff70cd65040983090f
3f07a45b92419d219f1f41caac4b12421b89a725c16db41f531c32d62312b919
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
416455c86e68ef950308d1e274895568ebf96ddee07165eb2bc9c64707693a68
436027da52b613bfa2898710e88d162f7e0f10d9d85798715a3ec6f680eb5464
43b3ee62bbab4fbd0e46cc715a920fe8956931222f425d2acfef31585eff6abb
446698a49f98e77f0b668bf585cf8cfcf177d278f1b125a7aace536925705eed
489168ccbdeb0ec45ce5c7ce266303272b2bf198b730d888c3fabdab73b052e8
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c9ffbfead2561df1df412da373a075ba7e280778d403355d652339a8a9bd7f9
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
58e902446fe39b5fa37273eae3ebc68eeeec63d2c7b3b28c9978d3ebc1f2e9d6
5995b67b0f93c0a47076fbbed0c07ac43d81247ac978ef099b1ba86cbfb5989b
5b54de1182d996f2bc5d9b2a8d1097bea47d0e1eaeb8c4fa6b81e55b60df841d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61384c102c2bcf613c9abc529fb6f185e88526006b089bf395d94d757afae395
62afbe0f2ce9016a6ca5434bb1f5851c00197d278bbbc515c00e6fc9d686b334
63419f7066ed47c6949c2f43127c5f03486598921b0dd4732f6f251d21d81390
64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6608187998e51c245fa75ffdcbf125d9e30b06a5c242af488791d732bc7bb755
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
69108dd5182fb6823baa6f6b8ceebeaa99d4859abefc624df472aac0c8e45245
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c82472eddc9f34f910d7f6a0561934d0e748cee8566a01a5c9c3b3fc98f5f73
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
762ed0b0559659b8ef6038788ba462233edf1c5a538948a2e81ef104e2377b01
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7879da1408dabe7cc155a9e63e025eb5d2cdefef4ec283763fa7f48549824fa6
79898bfbe1e87e1fc9342125c30a7a9e1733a16d3d0b23e17731885d5b207a25
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7ca9f8b1405fb7da0c40f35b4b257ba3555280948c9b9016e26d9bd5fe6a4021
7dbda87e6a5563c11610f717b1b923ff681fc7ce5d7b0d024122cb6f16b7af15
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
8265097b8810ca03eecb3cbb7f454a3ff597af15840381e849aa9eeae3b5d7f4
8283fc67f7c7448327574c49bda3245223d8a00b77100407b812746c12455adf
853c185aabf3a2612f2a855485219381803e1608ff2c3bdc09df064ece2ee695
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8936cb632799aea6cdd63fc728d4b6332d9f0785d562cf414ee208d387f0f507
89801d4cb705ca2003489c0f15d449baa55e8a1efd7a4cd34755be1b956c5cf2
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
90478408242d7918331c890316298021fc647e3e47d25004f71d262acffd97f8
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
929bcc014cf4b84eaf5a9808188b3050c27dc0685b1b56fde00c905ae2241656
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9476829b95e258d910312ec7f2f30b425355061a2110d1e8f094b1c3a0587705
962eaa3c1a2130ce8689105bb46d6454972927d761d9df30dd357c9373040b54
968838ec4987fc04d49c939a7671b925c45f3767e916167316e1b637da926220
96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
995185d0b22be89c14ff07a7d181d82a9e65165fd52d321c43c92606e3c58ccc
99eca15ff9addd9ead499e884eee2ce6ffb5dbc1e21dda13ce55b780ca2c1b63
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
9b6c741e29cbd1bf04d6ab418b878aa70358b9c10cb3edbe7ba7cd9d5a8c3840
9d68e64e8400eb2e298164580dd19dc58651d6587513cf95d659c6dc6902b2cf
9e7057cd2072ef671d2766c9c6301aa88336a1be2b4d59f47fc64f2eb67bdb06
a03cbb789f781aaf4bcfe55dc5d44d89fc96ea33076da54167f5936a6db2ee51
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a107c190f000e324121c68980b721824f4e2281a9151ca5e71aa8c5c4e7005ee
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a674c2409821d4e965a3a435231bc3d5ac622b0d9dd668af3d03454ab67d3d21
a72c1407e4df69175587756d01e2537a2f8722e59a5a7581f37a7ce36747e7d7
a7ff3f6beeb6d7baaf2f849401db15f5e13b713034ff77131fa80d219bfec6a6
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
aae80bc1698885368bcf75705a1dbcfd7c3730c6df2238c916fa6a142177548f
aaef8bbaf4b10a667db38c6479a2069453033faab8fa3be14ef5cb3754cd6c4f
ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360
abe2dde4840226ca7c69c9bc6d8c8c7cfb7f243138931f177b9b5e0c3be66c6c
ac2185eaf27db9d83c2688a55c428a5f18bbe41d8f769c58f41f081b8b17834b
ac346ee2e3b3c2468ea7420b56f5213472942e4ae31369a0991ffb97a7ee24cd
aca6a021c16cb27b7cc80573c223965fcbfa6067afbd1e7a8b8e3b1f0e189e0c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb5a13e0e223eca6a4b00982300ca24b0977b7eee2201fa72ff1b9ac57abec4
b05e12145b7c6094497b4089b14b67d0d59fd0e080947d1bb8e2549cb55d7d2e
b0807829de0cf5844ca49208519907dbce6d2bcc79b21b73d0969de204e968b2
b353e65e344b4507fd9a9f0fd6ae530ec074669dc8d373c518a33ef7ce1e2338
b4d10ad4f6ccdfb04d113ed59c5041bfaea930fc93cb145634b55f4b7261d30b
b619fb48856262958728b749d6ae69c4c12f4d5a8373144ac7e325a2403d54e5
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
beba8d621b4950294ebd97bc5f8187744eebb0d55647856a1a42d234064f75bb
bebe4f2398b6a8798d51b247cdedcb56d81cf0d1a803a2b5f7296d76677b8ebd
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cae96f5cef4e19c9f2a138f5b0368aad46a71f9f7852b8d55c11cb4bd33b8963
cc02eebb5238669b1730c7258e8a7521817d55fad7020e3b169929e4a807217e
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4107986001cd5e2f27770652d1b5bb6e30a6cc4337c8eede7e81aa15bf36ab8
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d495e962c34954339e2e81b0d98dcda6f8051ff3214cc375210dc926f7fb2847
d5e6fdd0e1dc603947a9870af3f699e87abddd7f97276db962e9edefbd5789b8
d655c80ac351e118b3cb1c493cb1294481e0aa29bab78112c6955688e42ec54c
d9500c0aaf52b5a427ebe5fa20b6cbb821041325bba86ec0f71477090c986fcb
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dbd1a076857f9312f0877201ddf15bc6906de0de15e7b02a5965b1de4f77d0e8
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
de23dad9886751ad5923ff70890c37a7a77b3221a18677c5ddfe483862dc63f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df61117d7806f863533acc213c4fdf87a667c109fc708eb4bedb9d35e30adb1a
e0b3c5b6631488b40e06e6d0ac6309b601aa8845290d54a07cbdc2167d62d57e
e2fd3de8fb373508a533dae20a1166dd73434ab4e6fbfd2ddfc1fb3f9f6eae6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c49e1205cdb3076a1e6697b709d9444db626281b8815dc992cc71a7909b78c
e51bb3aea2e977a9cdd447643f74bbf6d33d9d7dea16a867efbedaf2b740ea86
e84579046013ee288fc4ea3698f886f1c6d2e83df294eb851283c12e63b5ef33
e865cf013eaa0223f508139bd864e5a3f2b88fc1857c0bc714cc48389a3ea82f
e9a641e068d97aaa5fb7bb80b0a105dcc47abaac81b460c7e3f92b798787c833
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4493a3d0281d1a3d637d2a85f414527f19eeb283d5e5c921583662feb2b837
f36452f9124d578c60e90a49b1697b75b8f1aa3c7c27783ca461cb4c8ba4bb61
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7bd37e17ef1fe27935d0af32ea06624988813a5cf89dc6f444edb47b5c53654
faea4228b2a99be395497d9d851b47a92af6d3fc1cae8cf572d88af89f730551
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fb5b9606af67dddd2d12d66ae06688d5b57725f9774d68a7c7c4fb409b54efa3
fe4827a3795c631932b0ecc2b3a0d859f5475cd96a368e3e9799c062afe68cc8
fe7090a7e39ae5de23d8c846b71da778fde087003d7fe30b8f8da091c1cd70ca

www.ormanager.com Open in urlscan Pro 172.67.178.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

98 %HTTPS

36 %IPv6

33 Domains

49 Subdomains

53 IPs

6 Countries

6252 kBTransfer

12114 kBSize

40 Cookies

26 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ormanager.com Open in urlscan Pro
172.67.178.30 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

98 %
HTTPS

36 %
IPv6

33
Domains

49
Subdomains

53
IPs

6
Countries

6252 kB
Transfer

12114 kB
Size

40
Cookies

179 HTTP transactions
0 data transactions