www.ormanager.com Open in urlscan Pro
172.67.178.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ormanager.com/
Submission: On November 20 via manual (November 20th 2024, 11:45:13 am UTC) from US — Scanned from US

Summary HTTP 274 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 64 IPs in 3 countries across 46 domains to perform 274 HTTP transactions. The main IP is 172.67.178.30, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ormanager.com.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.

This is the only time www.ormanager.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
67	172.67.178.30 172.67.178.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:4139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:280... 2600:9000:2807:fe00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
17	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f9:5400:1e:5cef:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
7	3.213.226.18 3.213.226.18	14618 (AMAZON-AES) (AMAZON-AES)
3	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.101.60 18.164.101.60	16509 (AMAZON-02) (AMAZON-02)
2	18.164.116.7 18.164.116.7	16509 (AMAZON-02) (AMAZON-02)
4	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
18	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
3	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
1	69.28.187.147 69.28.187.147	22822 (LLNW) (LLNW)
1 5	2600:9000:23c... 2600:9000:23cb:7800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	31.13.80.12 31.13.80.12	32934 (FACEBOOK) (FACEBOOK)
1	13.249.91.16 13.249.91.16	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:4f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a02:6ea0:c40... 2a02:6ea0:c400::54	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
10	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.251.40.102 142.251.40.102	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
2	108.139.47.114 108.139.47.114	16509 (AMAZON-02) (AMAZON-02)
6	142.250.65.232 142.250.65.232	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
13 16	2600:1f18:61c... 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	216.157.106.133 216.157.106.133	13768 (COGECO-PEER1) (COGECO-PEER1)
10	31.13.80.36 31.13.80.36	32934 (FACEBOOK) (FACEBOOK)
3	2600:1f14:5db... 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b	16509 (AMAZON-02) (AMAZON-02)
5	18.164.93.6 18.164.93.6	16509 (AMAZON-02) (AMAZON-02)
2	44.209.155.11 44.209.155.11	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:61c... 2600:1f18:61c0:220c:bc7c:4e18:20a7:79f9	14618 (AMAZON-AES) (AMAZON-AES)
1	44.197.143.75 44.197.143.75	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:61c... 2600:1f18:61c0:2208:b7ad:67e0:5e9c:661b	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
1 2	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	207.65.37.184 207.65.37.184	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.80.36 142.250.80.36	15169 (GOOGLE) (GOOGLE)
274	64

67 172.67.178.30 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ormanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2807:fe00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f9:5400:1e:5cef:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.213.226.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-226-18.compute-1.amazonaws.com

apps.decisionbriefs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-7.jfk50.r.cloudfront.net

consent.api.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.180.130.159 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

cdp.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

ormanager.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.28.187.147 (New York, United States)

ASN22822 (LLNW, US)
PTR: https-69-28-187-147.iad.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:23cb:7800:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.91.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-91-16.jfk52.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4f4 (United States)

ASN13335 (CLOUDFLARENET, US)

ssl.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:6ea0:c400::54 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.102 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f6.1e100.net

12891178.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.38 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-114.jfk50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.65.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32 (Ashburn, United States) 13 redirects

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.157.106.133 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 31.13.80.36 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.164.93.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-93-6.jfk50.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.209.155.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-155-11.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:61c0:220c:bc7c:4e18:20a7:79f9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.143.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-143-75.compute-1.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:61c0:2208:b7ad:67e0:5e9c:661b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.202.130 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.184 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States) 1 redirects

ASN14777 (YAHOO, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (Colonia, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	ormanager.com www.ormanager.com	4 MB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173	224 KB
25	userway.org cdn.userway.org — Cisco Umbrella Rank: 3208 api.userway.org — Cisco Umbrella Rank: 3180 cdn77.api.userway.org — Cisco Umbrella Rank: 7080	221 KB
24	adroll.com 14 redirects s.adroll.com — Cisco Umbrella Rank: 3645 d.adroll.com — Cisco Umbrella Rank: 1673 x.adroll.com — Cisco Umbrella Rank: 3549 ipv4.d.adroll.com — Cisco Umbrella Rank: 12775	50 KB
23	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 12891178.fls.doubleclick.net — Cisco Umbrella Rank: 329437 td.doubleclick.net — Cisco Umbrella Rank: 182 ad.doubleclick.net — Cisco Umbrella Rank: 145 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	221 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	413 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	1 KB
7	decisionbriefs.com apps.decisionbriefs.com — Cisco Umbrella Rank: 526894	47 KB
7	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 28064 cdp.omeda.com — Cisco Umbrella Rank: 28351 oqs.omeda.com — Cisco Umbrella Rank: 28960	77 KB
5	cloudfront.net d10lpsik1i8c69.cloudfront.net	97 KB
4	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 717 pixel.sitescout.com — Cisco Umbrella Rank: 5840	974 B
4	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 36	768 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	89 KB
4	gstatic.com fonts.gstatic.com	85 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	298 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2266 api-iam.intercom.io — Cisco Umbrella Rank: 2695	6 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4382	28 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	93 KB
3	osano.com cmp.osano.com — Cisco Umbrella Rank: 5209 consent.api.osano.com — Cisco Umbrella Rank: 9761	65 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 429	983 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	599 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 525	515 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333	899 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 607	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 393	833 B
2	google.com www.google.com — Cisco Umbrella Rank: 3	455 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2998	287 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3695 p1.parsely.com — Cisco Umbrella Rank: 2508	21 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2102	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1304	365 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 886	590 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 897	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	1 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 805	634 B
1	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 476	496 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 14681	2 KB
1	luckyorange.com ssl.luckyorange.com — Cisco Umbrella Rank: 169404	3 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 13717	2 KB
1	disqus.com ormanager.disqus.com	2 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1024	66 KB
0	boldchat.com Failed vmss.boldchat.com Failed
274	46

	Domain	Requested by
67	www.ormanager.com	www.ormanager.com cmp.osano.com
20	cdn.userway.org	cmp.osano.com cdn.userway.org www.ormanager.com
18	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
16	d.adroll.com	13 redirects cmp.osano.com www.ormanager.com
16	securepubads.g.doubleclick.net	www.ormanager.com cmp.osano.com securepubads.g.doubleclick.net olytics.omeda.com pagead2.googlesyndication.com
15	www.googletagmanager.com	cmp.osano.com www.ormanager.com www.googletagmanager.com
10	www.facebook.com	www.ormanager.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net
7	apps.decisionbriefs.com	www.ormanager.com cmp.osano.com
5	d10lpsik1i8c69.cloudfront.net	ssl.luckyorange.com cmp.osano.com
5	s.adroll.com	1 redirects cmp.osano.com www.ormanager.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.ormanager.com
4	connect.facebook.net	cmp.osano.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.jsdelivr.net	www.ormanager.com cdn.jsdelivr.net
3	api.userway.org	cdn.userway.org
3	cdp.omeda.com	olytics.omeda.com
3	static.addtoany.com	www.ormanager.com cmp.osano.com
3	maxcdn.bootstrapcdn.com	www.ormanager.com maxcdn.bootstrapcdn.com
2	cdn77.api.userway.org	cdn.userway.org
2	ep2.adtrafficquality.google	cmp.osano.com
2	ib.adnxs.com	1 redirects www.ormanager.com
2	eb2.3lift.com	1 redirects www.ormanager.com
2	ups.analytics.yahoo.com	1 redirects www.ormanager.com
2	us-u.openx.net	1 redirects www.ormanager.com
2	px.ads.linkedin.com	1 redirects www.ormanager.com
2	dsum-sec.casalemedia.com	1 redirects www.ormanager.com
2	match.adsrvr.org	2 redirects
2	pixel.tapad.com	1 redirects www.ormanager.com
2	x.bidswitch.net	1 redirects www.ormanager.com
2	www.google.com	www.ormanager.com cmp.osano.com
2	x.adroll.com	cmp.osano.com www.ormanager.com
2	api-iam.intercom.io	js.intercomcdn.com
2	pixel.sitescout.com	1 redirects www.ormanager.com
2	pixel-sync.sitescout.com	1 redirects www.ormanager.com
2	js.intercomcdn.com	widget.intercom.io
2	td.doubleclick.net	cmp.osano.com
2	12891178.fls.doubleclick.net	1 redirects cmp.osano.com
2	oqs.omeda.com	olytics.omeda.com
2	consent.api.osano.com	cmp.osano.com
2	player.vimeo.com	www.ormanager.com
2	fonts.googleapis.com	www.ormanager.com
2	olytics.omeda.com	www.ormanager.com cmp.osano.com
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	sync.taboola.com	www.ormanager.com
1	image2.pubmatic.com	www.ormanager.com
1	sync.outbrain.com	www.ormanager.com
1	pixel.rubiconproject.com	www.ormanager.com
1	pippio.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	ipv4.d.adroll.com	www.ormanager.com
1	googleads.g.doubleclick.net	cmp.osano.com
1	ad.doubleclick.net	www.ormanager.com
1	settings.luckyorange.net	ssl.luckyorange.com
1	ssl.luckyorange.com	cmp.osano.com
1	widget.intercom.io	cmp.osano.com
1	up.pixel.ad	cmp.osano.com
1	c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com	cmp.osano.com
1	ormanager.disqus.com	cmp.osano.com
1	p1.parsely.com	www.ormanager.com
1	cdn.parsely.com	www.ormanager.com
1	cmp.osano.com	www.ormanager.com
1	cdn.optimizely.com	www.ormanager.com
0	vmss.boldchat.com Failed	cmp.osano.com
274	65

This site contains links to these domains. Also see Links.

Domain
ceu.ormanager.com
jobs.ormanager.com
store.ormanager.com
twitter.com
www.facebook.com
www.linkedin.com
www.ormanagerconference.com
www.orbusinessmanagementconference.com
www.accessintel.com
www.boldchat.com

Subject Issuer	Validity	Valid
ormanager.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
cdn.optimizely.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M02	`2024-09-17` - `2025-10-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2024-06-05` - `2025-06-16`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
decisionbriefs.com Amazon RSA 2048 M02	`2024-07-29` - `2025-08-28`	a year	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
vimeo.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
static.addtoany.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.api.osano.com Amazon RSA 2048 M02	`2024-08-27` - `2025-09-25`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh
*.pixel.ad GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
luckyorange.com WE1	`2024-10-02` - `2024-12-31`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
luckyorange.net WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M03	`2024-09-08` - `2025-10-07`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.adroll.com Amazon RSA 2048 M02	`2024-07-03` - `2025-07-31`	a year	crt.sh
www.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
1784939676.rsc.cdn77.org E5	`2024-10-18` - `2025-01-16`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.ormanager.com/
Frame ID: 0584D5A5BBEB2405F473CB5B1D934071
Requests: 188 HTTP requests in this frame

Frame: https://player.vimeo.com/video/883052591?badge=0&autopause=0&quality_selector=1&player_id=0&app_id=58479
Frame ID: ABF47CB143F792201B6A4D75E0BA6629
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 19EBF17BA496DFAF4F235BE2F251026C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E2D3A79BA6797C6EE9EC47CF5B97E9B4
Requests: 1 HTTP requests in this frame

Frame: https://c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B1A77F33B490F9D08DBF27B290491C3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHtmdgJqPRx6o-2l9NsftIXRS521K_aLGkUcf5kEUgBIqs0B-mNbN4n61TIkho-07NfSKJX-eQ1a-2gJYhwKmPRCDvxo-WMisasXTi6Ckos1Q_jy28UfIpp5MA0dp0fl2gEBPCQYHUECUT3YyOMKo7-UMvH54X-TL-6LqmTfzxb0sXM3s0O09Iw48-0XCy2Cjx66OS0LfDTgoiuCxehAUTR9KDHgscXUlym0YT-MtZfceP9ZcRbx4LARcXx6r__QtgOhSAqSyZ3AYBIXSn157vcaVnMWictvvLPVMECXLqRq4vOurulM_LgvW7T395NVOdLvRWOBVY2MNdzHaqS1enkK887IPBNeQUI6EmthxixxpGwRjbeTzD0i7iCLKbxK2wFZJ17ewhGLqZGiFoZMQ&sai=AMfl-YSf2IezxD7KaByuAUdytVsbXvyrtnSSv4Y0HgA_UvkebW6q1G2uS344uI9z4hHMGHkcOgEmDVCqP8PYHUnPhMBJheiw6LF1ZaKaMfaLoc1Wkg551ebBsDAlWuu0A_zFSbdPscKlesayF7-ECoC5&sig=Cg0ArKJSzDFs3Fv0KKkmEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C43D94C4C0B65CE28CAE549D36EFB7C2
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWhKjPEoFWuMFIjk96rIij4f6_h4Tl6raoQzYQdD297PM1EkkmAT0-nRDXlN2Ip1Rl9ayPfh0rGKVXu3nTpumduH2dpIu2C4blY0DyEOh3zIj7DVvGzpEMeB4q7M1ke70_GsUyWPjdfkzWhr4z5LGX7bRPBBpBup5Lg8e7fQbAoX8QWF2c3JhWAqhahZNXECm4qNLP58DRxZ8UdCuNc6gtgowC3c3cz1mvmfgldyVWDralVSVYdXjgNzJWsCAfSp2V_aEguldJEwhe4UbD5gpNIrdsF5KgG8M2MAq6hExCMRyavbWgm20Z4u1JFaA0ApmYkY-RDOc_bSt5nVsrj4pYQz-j4XTOFaXTqIQwP2BOgauC_KYBrqX_6TRTdngzrx1SLTgqejVXE58qk1zpLA&sai=AMfl-YS6jq2F4Zs7wX7B7E25tJ6iLH-fMFQfTj4sf49oN_PMr8s1eIPbqmYUtgm6DXu-NLOJWQrgDXjQcc2gVlulamZSS4NfIfjSwc3YDXMypITylKXdC25BNur8yGEmNNfMWV0tjYnuxWVFZe5-s1jw&sig=Cg0ArKJSzEfqeBNsjB5gEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 02813870E95E3CA0FC44139FF5542AFF
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjUtcPOpgGULaekMdllJZ6rZURtAKYuPW2Dqn4WzHNbYYRE8dRbuBdJCMPjWChli5ig2LqxLG7D6xHISiyi3XnVUE4ReMso7d6bLdYifyjQoHI0npyMmljVRBe7oXLk-I4VA30IkzdyQVfHW7UeBz4xpQk_d2jQJwegkoo7H4ZxUVQKg1fIR2kxM0P1NNnXfCWclxQIlujgMIjfOBO46yLlDgUTub4XG6R28zzl777xa7Dh0oqRjO-q2hC6-7lm34gi0ySUqoiXszw3UNLsOgqEDParjn_f3s10LPJV3k_g1BtuPPwarwihmrig4zCRZ3dl3dlaFsFDFXv_sHHwgGJpOGzTRDgsAUGEqyPpY0k4CvlYU8GN280hxKYLms--Wa60Ebf72VuWp90dhsLfsf92A&sai=AMfl-YQslzY3y9L4ZkO7JeMIi5XvdM_QvF2FsqsrkwYL8H4OTZPp5eYPjDJMZsM2JUjT3I2hl4wPIVRIG1bnrAT2b4X57iwax2N5cEW005f-8C2XbYXlcrUVvuyjSq4sYHI37gEjV7KqfE2jfnBD4WVx&sig=Cg0ArKJSzCDwMrI9OgxUEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 334C24A7FFFD58A450DE69D18605FF83
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF-hv6Qe8MOBiKfb2zvqdBtKdQJagGpqQIcHCdo5PCo69CXlFfwiqOxTnLty4UoaCGRlByULRJHQwKt30G6AKJEGr5iqhzLqtmGNu6etVsz1jQFwSCbY7UIzePZeFqXvuPqmllGsigRdThCt_HEW2tKe8_fhL332r4M4bs9KulD5EdWZP2QMqKNbqkT2rFDO01C4dlHkqlrAXSqg0HLhinEBffDW9cBn6COrEZGb82dFh4a8NW1VYeFXy-iO-HOjoHJs0HCBY0vix8p7MruMLy21bLocLgvbfqhQrkSaAOEP0aBg0_dZU95HWjQTSgd6Z2NjnT6aZdyBLsDu4Ax3MA13PLN9_-fqsg0g3a4ZeljbW3udhgqfGqLIn9QxhDUHxqD3jeNpQWr52APozLM3zqfo4&sai=AMfl-YRqSItws3InxiePfYW6L6XxL7zlW6ek0izS-5CenzAu6s94QO8ZfF4a4lQypmHK8Zc7x-BqCGdaQ3KUFLChwLAXEFF7ciQlTT6tjsMVrNx0Dk7SiA-3ydE0wVXHPNuGvaiviCZqrXThuM7pcwPy&sig=Cg0ArKJSzMEXu8QRbhJZEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 98F44D188534C586CDCD0BE145E83B8E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKXKrRwhG0TW03eUSuQGD-9Ia9CpIFANeEjzxgN79sWzsMy9G3AihggYr-bbHhMUlgOXERAZBzzLv1VvrjmdyNdZO0aPn8hypj89I8WGHVLiTXZlnhBsfTE9kInD_34_CUjr2QwHwht04lbL8jq2YeFql-WLmT9b15dTYILUZiRHPFaeJrs1au9174Y436Xg-pdX5dctZAI0JmlUeUzoQEcuFNoPBP2uiOPLsUMRTlnRL85_7u8uvGsSmY85Ad9C40oN_gryC_F0Ps_TkcdAohTkjL2WBlcLK-7uIEb9JHFaIl_RAL-dUPuilDovd4jRTPk4f3g7oeXZCI_BVggObieASUJs2v301KXSronO_3mSo_ya2sSyBasdinjyIWLHLHzIVWAaQSeYhQvZkpKN6RKVVP6TM&sai=AMfl-YQvgkeHv9W9ZjTF8dgh90dmiPfvUSWmEix7PBraONFqVK3tfrACyPf9HvWpfsLQbrjwMDbNrtrV-dt5S61dg2GMsGcMANr_xwqFmQU2FPrS9mSrtEzN-FNL3DZyAhDtJuGwvCiBHmneJYNuhTXQ&sig=Cg0ArKJSzPj7VzUSHJYlEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: AE8580B3196B742D87E5997B96B8F9D2
Requests: 9 HTTP requests in this frame

Frame: https://12891178.fls.doubleclick.net/activityi;dc_pre=CMmunfPq6okDFXRQRwEdfmoHSA;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F
Frame ID: FFCEAB6057CB1B9A00B3A69FAB538699
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F
Frame ID: 30BC7C7E8BEC3E01FCE23745837B4EB0
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ebc5a228.js
Frame ID: C891A5A27270B03722BD3C3BE534E23C
Requests: 5 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/AW-751974586?random=1732103106761&cv=11&fst=1732103106761&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z8830755158za201zb830755158&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ormanager.com%2F&hn=www.googleadservices.com&frm=0&tiba=OR%20Manager&npa=0&us_privacy=1-N-&pscdl=noapi&auid=949841746.1732103107&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: 2033478AE57DE709F68D74A962A0A044
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.ormanager.com
Frame ID: C31DABB97307970E0C85C19158532A89
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: E1402082E4899556B3531185C0043E6A
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Frame ID: 1B5511E33707A3E5A4D57CDBBC4D35C2
Requests: 2 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
Frame ID: 20FB679EFCF9DF7905749FAC1D4979B6
Requests: 1 HTTP requests in this frame

Frame: https://apps.decisionbriefs.com/bigquery/track/core_actions/crts_1732103107677
Frame ID: 1FF14B781F9762E80A119B71D09516BA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Frame ID: B876E8BB7270BE61BD4D5EDAF426A53F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Frame ID: 939BB61784C73D60A66E74815E2C90B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Frame ID: 524C315824E1112234002427B96F1331
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B6C6CE32104CC28215329856C1970491
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CADDC1B12AA2FAC3D9EFF583FB04100E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OR Manager

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

274
Requests

87 %
HTTPS

31 %
IPv6

46
Domains

65
Subdomains

64
IPs

3
Countries

6641 kB
Transfer

14139 kB
Size

88
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://ceu.ormanager.com/
Title: CE Center

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/home/index.cfm?_ga=2.84204125.535957357.1699898424-1756898648.1685724854
Title: Career Center

Search URL Search Domain Scan URL

URL: https://store.ormanager.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://twitter.com/or_manager
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ORManager
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/or-manager/?viewAsMember=true
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.ormanagerconference.com/
Title: OR Manager Conference

Search URL Search Domain Scan URL

URL: https://www.orbusinessmanagementconference.com/
Title: OR Business Management Conference

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/
Title: Career Center

Search URL Search Domain Scan URL

URL: https://ceu.ormanager.com/saml/login
Title: Education Center Log-In (CE Center)

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/academic-trauma-acute-care-surgeon-worcester-ma/75751311/12710/
Title: Academic Trauma & Acute Care Surgeon, Worcester, MA - UMass Memorial Health - Worcester, MA

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/academic-foot-and-ankle-surgeon/72643803/12710/
Title: Academic Foot and Ankle Surgeon - UMass Memorial Medical Group - Worcester, MA

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/vascular-surgery-physician/73101117/12710/
Title: Vascular Surgery Physician - Fairfield Medical Center - Lancaster, OH

Search URL Search Domain Scan URL

URL: https://jobs.ormanager.com/job/bread-and-butter-general-surgery-in-maine/75927264/12710/
Title: Bread and Butter General Surgery in Maine - Northern Light AR Gould Hospital - Presque Isle, ME

Search URL Search Domain Scan URL

URL: https://store.ormanager.com/product-category/books/
Title: Books & Reports

Search URL Search Domain Scan URL

URL: https://store.ormanager.com/product-category/elearning-courses/
Title: Webinars

Search URL Search Domain Scan URL

URL: http://jobs.ormanager.com/home/index.cfm?site_id=12710
Title: Job Board

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?home=&gid=4531408
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/diversity-inclusion-and-equity
Title: Diversity Inclusion & Equity

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/accessibility-statement/
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/
Title: Access Intelligence, LLC.

Search URL Search Domain Scan URL

URL: http://www.accessintel.com/privacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.accessintel.com/diversity-inclusion-and-equity/
Title: Diversity, Equity, Inclusion & Belonging

Search URL Search Domain Scan URL

URL: https://store.ormanager.com/by-category/membership/or-subscription-platinum-1.html?coupon=TAKE25
Title: Click Here

Search URL Search Domain Scan URL

URL: http://www.boldchat.com/
Title: Live chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://12891178.fls.doubleclick.net/activityi;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F HTTP 302
https://12891178.fls.doubleclick.net/activityi;dc_pre=CMmunfPq6okDFXRQRwEdfmoHSA;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F

Request Chain 163

https://s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 186

https://pixel-sync.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 187

https://pixel.sitescout.com/up/3ce13a619c5875ca?cntr_url=https%3A%2F%2Fwww.ormanager.com%2F HTTP 302
https://pixel.sitescout.com/up/3ce13a619c5875ca?cookieQ=1&cntr_url=https%3A%2F%2Fwww.ormanager.com%2F

Request Chain 215

https://www.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je4bj0v893216188za200zb830755158&_p=1732103105465&gcs=G111&gcd=13r3v3r3r5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1064330803.1732103107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEE&_s=3&sid=1732103107&sct=1&seg=0&dl=https%3A%2F%2Fwww.ormanager.com%2F&dt=OR%20Manager&en=form_submit&_c=1&ep.form_id=core_tracking_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fapps.decisionbriefs.com%2Fbigquery%2Ftrack%2Fcore_actions%2Fcrts_1732103107677&epn.form_length=1&_et=2&tfd=3353 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1064330803.1732103107&dbk=8472683796653497334&dma=0&en=form_submit&gcs=G111&gtm=45je4bj0v893216188za200zb830755158&npa=0&tid=G-2BTEL2PXRG&dl=https%3A%2F%2Fwww.ormanager.com%3F

Request Chain 218

https://d.adroll.com/cm/b/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

Request Chain 219

https://d.adroll.com/cm/experian/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76fc76be-64a6-4292-921a-56ce999f1271&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%2C%2C

Request Chain 220

https://d.adroll.com/cm/g/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=CA24ZT2zjoqgRu6xBOL2CQ HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 221

https://d.adroll.com/cm/index/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expiration=1763639107 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expiration=1763639107&C=1

Request Chain 222

https://d.adroll.com/cm/l/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=080db8653db38e8aa046eeb104e2f609 HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&rand=06076531 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&rand=06076531&expected_cookie=fea77a07-bf3c-4fa1-a222-3569d0654f26

Request Chain 223

https://d.adroll.com/cm/n/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expires=365

Request Chain 224

https://d.adroll.com/cm/o/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=080db8653db38e8aa046eeb104e2f609&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=080db8653db38e8aa046eeb104e2f609&gdpr=0&gdpr_consent=

Request Chain 225

https://d.adroll.com/cm/outbrain/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 226

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 227

https://d.adroll.com/cm/r/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 228

https://d.adroll.com/cm/taboola/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

Request Chain 229

https://d.adroll.com/cm/triplelift/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 230

https://d.adroll.com/cm/x/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

274 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.ormanager.com/ 124 KB
26 KB 345ms
184ms Document
text/html 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d63ae5de7242b51ba0af5f5079e35933d9a02b3ab8a644b830aa5ebbd3547fa0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=300
X-Content-Security-Policy	default-src 'self'; img-src ; media-src data:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,POST
age: 2
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8e5831139af95c17-SJC
content-encoding: zstd
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none; report-to='default'
cross-origin-embedder-policy-report-only: unsafe-none; report-to='default'
cross-origin-opener-policy: unsafe-none
cross-origin-opener-policy-report-only: unsafe-none; report-to='default'
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gI92rXjCTdWOqt54NW%2B326qaR7sWGQHEJ9tjeiVhLI3sHSQRrNLFQJnuThXdhxBl6chDSUf6ZqG7Wzlx5geE2DuWRwjxOV82Io1kJXJN2TvVs7yuaFdQk6dxIqsIdqwCeCNb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=106383&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4126&recv_bytes=4352&delivery_rate=30867&cwnd=12000&unsent_bytes=0&cid=34e1741264ae0e79&ts=191&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-content-security-policy: default-src 'self'; img-src *; media-src * data:;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe1-b-646589cd7b-75kh4
x-permitted-cross-domain-policies: none
x-served-by: cache-chi-kigq8000026-CHI, cache-sjc1000113-SJC
x-styx-req-id: e0b8a63d-a734-11ef-a596-92acce0b9d7f
x-timer: S1732103105.593232,VS0,VE54

GET
H2 200 337854241.js Show response
cdn.optimizely.com/js/ 191 KB
66 KB 209ms
87ms Script
text/javascript 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/337854241.js
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968838ec4987fc04d49c939a7671b925c45f3767e916167316e1b637da926220

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "c629652273cc92946e3460eedfdaec52"
x-amz-version-id: tSdPjhey4u.4YW6WMZsPDDizZ7x7dOta
access-control-allow-methods: GET, HEAD
date: Wed, 20 Nov 2024 11:45:05 GMT
x-amz-meta-revision: 800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2019 22:01:25 GMT
vary: Accept-Encoding
x-amz-id-2: XP6k7/hxRp46pmN0GT6e6vkI3GJSwfjACkndYLXsXAXarAv1FiYoYHq09hrNERtMaU7llrKXCfvhmFJDmXNSuKzPDI/fhoiLRI2IU1Lcs6U=
access-control-allow-headers: *
x-amz-replication-status: COMPLETED
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-pci_enabled: False
access-control-allow-credentials: false
x-amz-request-id: QRE48ZTEJQSHBVYM
cf-ray: 8e5831160ae09ab3-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 66818
server: cloudflare

GET
H3 200 ai-osano-google-consent.js Show response
www.ormanager.com/wp-content/plugins/ai-osano-integration/assets/js/ 415 B
1 KB 144ms
140ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-osano-integration/assets/js/ai-osano-google-consent.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c512d3487383c933f44c70b2fa61b1975fc179e917b55bd118926e878c1d2aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-6fb56799f8-s7t5s
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67262823-19f"
age: 467439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0Y6B9EwKnZapeN5koyJy87BnYrdgYOJWuQ0rSg0vrte2WkdnKcjcu%2F6PlysH6Kb1UlI4L37No33LNVPhFPxza8tG67w477XmA8qaPRwG6wSpEdHZ0PqH6aDn9D%2F9XA0ttEYgw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 04 Nov 2025 16:49:53 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=40&recv=25&lost=0&retrans=0&sent_bytes=31620&recv_bytes=5706&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=444&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Sat, 02 Nov 2024 13:24:51 GMT
x-served-by: cache-chi-klot8100172-CHI, cache-bur-kbur8200095-BUR
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731635665.337333,VS0,VE6
x-styx-req-id: a611bc85-9a03-11ef-ba2e-aea2661ec2c6
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e5831159ca15c17-SJC
accept-ranges: bytes
content-length: 228
server: cloudflare

GET
H2 200 osano.js Show response
cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/ 251 KB
65 KB 285ms
89ms Script
application/javascript 2600:9000:2807:fe00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2807:fe00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a088b6cd66e34e2b2eca21c2ec8c4278434e0158f955bed4eb310ad09cbae99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: "e683293724c3f0211ca173fa7b5f6d4e"
age: 84065
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ao0FPHlnxfSpChQ_qAnT5yqDavLXUIygiMixOeEGGFLHfGNiCc6GcQ==
date: Tue, 19 Nov 2024 12:24:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 12 Nov 2024 18:15:43 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
content-length: 65743
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: CloudFront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
33 KB 268ms
132ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

4b9d5bc0f6b85fc14d648e7c529ac8b119bfd2b61c7255d485f613653fd7349d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 322 / 20047 / 31089086 / config-hash: 17384341808261462643
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33315
x-xss-protection: 0
server: cafe

GET
H3 200 olytics.min.js Show response
www.ormanager.com/wp-content/plugins/ai-ad-management/assets/js/ 1 KB
1 KB 156ms
149ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-ad-management/assets/js/olytics.min.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1ebeb1e1a5fcfaf98c1580565717ee53b8e250db299ff55e627a7814ce38da

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-r9dpv
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e33080-40a"
age: 5937358
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FaKUrqtSy0A9ahCok8q5iT7SL2M1G8LeJVRz8ccjgUUR73tMTsSNEdfkkNWNRXNngsQx8Y6oddo4Pi3Sj%2BSKMKjT%2FJeClXKFoUGqwUUH4%2BMs0UsaeYF4T0Q9mrGnqpv8W2R8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:19:48 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=43&recv=46&lost=0&retrans=0&sent_bytes=32816&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=457&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Sep 2024 18:18:40 GMT
x-served-by: cache-chi-klot8100163-CHI, cache-sjc1000121-SJC
x-cache-hits: 5, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1726165747.635428,VS0,VE109
x-styx-req-id: 9884a261-7133-11ef-8fd8-0a35245614a9
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115aca55c17-SJC
accept-ranges: bytes
content-length: 553
server: cloudflare

GET
H3 200 olytics.targeting.js Show response
www.ormanager.com/wp-content/plugins/ai-ad-management/assets/js/ 2 KB
2 KB 155ms
145ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-ad-management/assets/js/olytics.targeting.js?v=2.0.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9c0acec967f23106af17e0a1e6d42167071eba0c12d6e51912a47e5e24b9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-gcdc4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e33080-80f"
age: 5937358
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gr6X5J4psAUwwWNPCrOmJK3%2BAci2TB9qGWm5cAJV%2BvKWDk6v6crz2tPMgPFvsJZMbRP%2BArzmoqCeVHoKUVgN2ZECa1m%2BFzUivaXd0Msmj3qX0SafFNu3pRsk5m2TDtxaAvnamw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:18:42 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=43&recv=46&lost=0&retrans=0&sent_bytes=32816&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=457&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Sep 2024 18:18:40 GMT
x-served-by: cache-chi-klot8100063-CHI, cache-sjc1000130-SJC
x-cache-hits: 5, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1726165747.635665,VS0,VE159
x-styx-req-id: 71243ecf-7133-11ef-9abc-1acd6c360691
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115aca95c17-SJC
accept-ranges: bytes
content-length: 859
server: cloudflare

GET
H3 200 style.min.css
www.ormanager.com/wp-includes/css/dist/block-library/ 111 KB
20 KB 159ms
147ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-66d79b4b7-rvvcb
content-encoding: gzip
cf-cache-status: HIT
etag: W/"663bc45b-1bae5"
age: 16907282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAgXoe8zMKbNZahp3mNOQsKY8Q1%2FgCk0TjjoIhxYTBpRzfPmGAIuC14a1xy1uJHD%2FR633Xg6%2Fx44w6H8q8KG13AoqEnfKuUp5gMb%2BXEA%2Bo2BH%2FUafsogB%2F3ELyqOPtKamntA2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 09 May 2025 18:29:25 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=56&recv=46&lost=0&retrans=0&sent_bytes=45191&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=460&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 18:28:43 GMT
x-served-by: cache-chi-kigq8000074-CHI, cache-sjc10027-SJC
x-cache-hits: 10, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715195822.329283,VS0,VE105
x-styx-req-id: e455042c-0d68-11ef-85cf-0ae317fe726a
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acad5c17-SJC
accept-ranges: bytes
content-length: 19341
server: cloudflare

GET
H3 200 bbpress.min.css
www.ormanager.com/wp-content/plugins/bbpress/templates/default/css/ 30 KB
7 KB 156ms
144ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bebe4f2398b6a8798d51b247cdedcb56d81cf0d1a803a2b5f7296d76677b8ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-2rjxw
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65ef50fe-761c"
age: 21919375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcvcoTIE%2FIfoLvrWwPJPPuMrdJCASZfFvjAjBYRcm6THKFgn1ZKDQmr%2Bbas93x%2F5xT1gR5NpcazuPRxz6xlIJE2nAzRYvl3vD1WLelpsdp19ZmyYK4eejxoenH1HnmWcUGES2w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 19:02:09 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=49&recv=46&lost=0&retrans=0&sent_bytes=37449&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=459&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Mon, 11 Mar 2024 18:44:14 GMT
x-served-by: cache-chi-klot8100107-CHI, cache-sjc1000140-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710183729.275672,VS0,VE130
x-styx-req-id: dc671843-dfd9-11ee-87f7-5e84227f08cd
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acaf5c17-SJC
accept-ranges: bytes
content-length: 6692
server: cloudflare

GET
H3 200 password-lost.css
www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/css/ 867 B
1 KB 156ms
144ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/css/password-lost.css?ver=6.5.3

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

929bcc014cf4b84eaf5a9808188b3050c27dc0685b1b56fde00c905ae2241656

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-66d79b4b7-969xc
content-encoding: gzip
cf-cache-status: HIT
etag: W/"663bc452-363"
age: 16907282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FW6R93t%2FyZXGU2PhWIXtJ6sK8ND9r%2BCSBMoBkE%2FZhSixxX05Mkny0THAEyxgdoyfybCLCXEO6sMkAZehpsyHW4x75F9xFxf3GyxcgNmnfj9n9n2xa4MeQn010q6Aqxr74fEMg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 09 May 2025 18:29:03 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=47&recv=46&lost=0&retrans=0&sent_bytes=36127&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=458&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 18:28:34 GMT
x-served-by: cache-chi-klot8100072-CHI, cache-sjc1000139-SJC
x-cache-hits: 13, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715195822.330175,VS0,VE66
x-styx-req-id: d77aa90a-0d68-11ef-87ac-8e78efa3e15b
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb05c17-SJC
accept-ranges: bytes
content-length: 391
server: cloudflare

GET
H3 200 style.css
www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/css/ 527 B
1 KB 157ms
146ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/css/style.css?ver=1.0.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7ff3f6beeb6d7baaf2f849401db15f5e13b713034ff77131fa80d219bfec6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7dd7d79886-tfgxv
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6644d312-20f"
age: 16315319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvjetNoQcXS3%2BtuoDKiqnewIGgVW%2BhWWQRE7%2BhM0KyTn%2Fsl6MHTsLxxaQfDq%2Fp3DuvLMOy4LZwvr1OwIg%2Bmrij1Ij3I9MK47cBb0RREx33%2FUfnS2jLqK6ofwtfbo58AU9pwxjA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 16 May 2025 15:22:03 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=49&recv=46&lost=0&retrans=0&sent_bytes=37449&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=459&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Wed, 15 May 2024 15:21:54 GMT
x-served-by: cache-chi-kigq8000099-CHI, cache-sjc1000116-SJC
x-cache-hits: 9, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715787786.524855,VS0,VE115
x-styx-req-id: e2258af1-12ce-11ef-85da-32cfa02e4cca
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb15c17-SJC
accept-ranges: bytes
content-length: 263
server: cloudflare

GET
H3 200 wpp.css
www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
1 KB 157ms
146ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.3.4

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-hlmx8
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65ef5106-688"
age: 21919458
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K74%2FLnCM9L0iXrqZ3MpnQvwBvU4sSOCgrfLTbw3fjj7eAQd5RTFbxCCUDQV5LihCnvpmuGfcIHX1dpsEVV7AIJwazZjknrFL5ckKP7i%2BwxCSjrCZLr4XWB93pEtWlI5xZb2UNg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 19:00:46 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=56&recv=46&lost=0&retrans=0&sent_bytes=45191&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=460&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Mon, 11 Mar 2024 18:44:22 GMT
x-served-by: cache-chi-klot8100094-CHI, cache-sjc10026-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710183646.903706,VS0,VE131
x-styx-req-id: aab56d50-dfd9-11ee-9798-126e0351acbe
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb35c17-SJC
accept-ranges: bytes
content-length: 620
server: cloudflare

GET
H3 200 subscriber-table-benefits.css
www.ormanager.com/wp-content/themes/orm-theme/css/ 4 KB
2 KB 263ms
253ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/css/subscriber-table-benefits.css?ver=2.1.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4827a3795c631932b0ecc2b3a0d859f5475cd96a368e3e9799c062afe68cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-59f7d76f4-655ch
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66aceede-109d"
age: 8906604
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cpa2jp1F03begr6%2FvdM2P7znfn7lYDQy%2Fb9kthnEE6S6l2zjpnifSD1dvW2td%2BB6mcPRcbn7PZRooPgOZuSVmH3cT2pj%2F4LK2jJc7pKUs5JMkjwCUUFKGHu4L2lOusN4btn7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 03 Aug 2025 14:37:22 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=464&x=1", cfHdrFlush;dur=111
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Fri, 02 Aug 2024 14:36:14 GMT
x-served-by: cache-chi-kigq8000145-CHI, cache-sjc10036-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1723196500.173225,VS0,VE57
x-styx-req-id: baccd62f-50dc-11ef-8a59-26b478fa7659
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb45c17-SJC
accept-ranges: bytes
content-length: 1329
server: cloudflare

GET
H2 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 260ms
71ms Stylesheet
text/css 2600:9000:21f9:5400:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css?ver=2.0.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f9:5400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: W/"28820-1729249358000"
age: 11709
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 14:27:35 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: w1CBALyDq7gjnvU8IcMYg7w3cpI8yWu8Ues7XeU2U4IHti-shWFD5Q==
date: Wed, 20 Nov 2024 08:31:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 11:02:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=21600
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7922a002a59b7f43e6eb47ceba9a3654.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P10
server: Apache

GET
H3 200 jquery.min.js Show response
www.ormanager.com/wp-includes/js/jquery/ 86 KB
36 KB 262ms
252ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-59f7d76f4-655ch
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66af84f9-15601"
age: 8659765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mITeEGAYTa7pybMwMpx%2FH5QIUK3cfaZNCfe3EXRqTJKGMog1G4WInJeS%2F4F84Xhg9fSDWnnk4VL4XBjYrqrgJd2ouHgxDRmzOhRjt9rjr7TWTLYyR%2BHUgMNFEX%2FKSp3xYMo3lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 06 Aug 2025 12:12:51 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=462&x=1", cfHdrFlush;dur=113
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Sun, 04 Aug 2024 13:41:13 GMT
x-served-by: cache-chi-klot8100049-CHI, cache-sjc1000108-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1723443340.943478,VS0,VE8
x-styx-req-id: 09620cdc-5324-11ef-8a59-26b478fa7659
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb55c17-SJC
accept-ranges: bytes
content-length: 35438
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
www.ormanager.com/wp-includes/js/jquery/ 13 KB
6 KB 373ms
364ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-m8lxr
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671748c0-3509"
age: 471245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BgRmiEZCjPb8pZDRnspBZi%2FGM%2B%2Bg2LJrY%2B40KIm4H6vEWNExkQNn4Ewp%2BM3C%2Bi6q3ggF2vrsDMAj68xtzISyD6ubf%2FOlEqnkTDAxvl0vSjmJSrccRbjNULiFabWHVd3gYWiTA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 24 Oct 2025 05:28:03 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=461&x=1", cfHdrFlush;dur=114
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Tue, 22 Oct 2024 06:40:00 GMT
x-served-by: cache-chi-kigq8000133-CHI, cache-sjc10033-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731631859.997086,VS0,VE7
x-styx-req-id: 93329eeb-90ff-11ef-9c4c-927ea7e1845f
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb65c17-SJC
accept-ranges: bytes
content-length: 5342
server: cloudflare

GET
H3 200 nfpluginsettings.js Show response
www.ormanager.com/wp-content/plugins/ninja-forms-uploads/assets/js/ 1 KB
1 KB 374ms
365ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ninja-forms-uploads/assets/js/nfpluginsettings.js?ver=3.3.16

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066fd763ae80d8c10477182a76d859fa2ce27405d8599aaf4ff76127389dd65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-766d899d75-9lvjq
content-encoding: gzip
cf-cache-status: HIT
etag: W/"665e2c27-42c"
age: 12180135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z%2F3LH2gwkTkRxrnPb20xMm83EMCxrOpqm%2Fp6QMOHMPQ2bG%2BzAXkMNyeO1MIk0tGOpyOBaSfnvGkeI2RrwVWTsBcNUcpDC7KA5yDJ0OAIabDZTGDnMv8ap7nDab%2Fiv6q37G9fg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Jun 2025 21:19:57 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=461&x=1", cfHdrFlush;dur=114
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Mon, 03 Jun 2024 20:48:39 GMT
x-served-by: cache-chi-kigq8000043-CHI, cache-sjc1000104-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1719922969.199197,VS0,VE4
x-styx-req-id: 073824e8-21ef-11ef-914c-22c018da7e89
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb75c17-SJC
accept-ranges: bytes
content-length: 486
server: cloudflare

GET
H2 200 jquery.cookie.min.js Show response
cdn.jsdelivr.net/npm/jquery.cookie@1.4.1/ 2 KB
1 KB 45ms
31ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.cookie@1.4.1/jquery.cookie.min.js?ver=1.4.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd91c486b38b1b32bc4ce7168a6f258c536d2958366f6982ceb577138e70bfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6c6-Py+gfqrNEMq1x/OUTrVfdkAaGkg"
age: 1767403
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220098-FRA, cache-mia-kmia1760088-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 909
x-jsd-version: 1.4.1

GET
H3 200 ai-core-ip-check.js Show response
www.ormanager.com/wp-content/plugins/ai-core-ip-auth/js/ 1 KB
1 KB 197ms
187ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-core-ip-auth/js/ai-core-ip-check.js?ver=1.5.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d655c80ac351e118b3cb1c493cb1294481e0aa29bab78112c6955688e42ec54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-hs42q
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65ef50f9-4e9"
age: 21915249
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rafs4lIiFFYiIhRN28NRHzmbhjtj0Y4CH3Evrf3R0UcPPYsRdXjf8Ukn7Ef1BbCTfJYpEaAC4VFazZ3XjU0cm40GNIx2b322dkTyF9SKwdRtXeeMejm%2FNh0cBecjVXhaF9F2%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 18:53:25 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Mar 2024 18:44:09 GMT
x-served-by: cache-chi-klot8100160-CHI, cache-sjc1000147-SJC
x-cache-hits: 3, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710187856.389403,VS0,VE51
x-styx-req-id: a4263dfe-dfd8-11ee-bf5c-c62a4a79573a
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af775c17-SJC
accept-ranges: bytes
content-length: 595
server: cloudflare

GET
H3 200 wpp.min.js Show response
www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
3 KB 374ms
365ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.4

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-nfrfc
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671d9dc3-1194"
age: 1314686
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rv8IY%2B01EpEorG4R5JTLs8A1qtDlehrNOSk3Viwcwye7XwwP4mAL2%2FHERhPsgTC19Fjx1XCqUFNhDyZR4wcUfh4IcmT9wivhfHn6Kxbi2w%2F%2BbA7sks3NNNUN2y%2Bu%2Bw4bCjRsA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 11:56:49 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=465&x=1", cfHdrFlush;dur=110
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Sun, 27 Oct 2024 01:56:19 GMT
x-served-by: cache-chi-kigq8000150-CHI, cache-sjc1000127-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1730788419.567688,VS0,VE4
x-styx-req-id: 8c42c773-945a-11ef-892c-b2d2e56f0f5d
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb85c17-SJC
accept-ranges: bytes
content-length: 1772
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
www.ormanager.com/wp-content/themes/orm-theme/js/ 36 KB
12 KB 375ms
366ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/js/bootstrap.min.js?ver=6.5.3

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-6fb56799f8-rwtfd
content-encoding: gzip
cf-cache-status: HIT
etag: W/"672a46bc-90bb"
age: 65680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyUl9MBLJh65uf8bFepM08AosHey%2BjDk95phQOW30d1yzcJAkLwT7M0xXAnBE1QYcZCY%2F33fRlcWNwal3eVWpFMdj3Np6CmkMZsGOyCsX609NaBOMzal5ZTAYeAk5wysEURPIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 07 Nov 2025 00:19:37 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=462&x=1", cfHdrFlush;dur=113
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Tue, 05 Nov 2024 16:24:28 GMT
x-served-by: cache-chi-klot8100139-CHI, cache-sjc10056-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732037424.415220,VS0,VE10
x-styx-req-id: ceebbac2-9bd4-11ef-aa9d-a280f33369f6
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acb95c17-SJC
accept-ranges: bytes
content-length: 11896
server: cloudflare

GET
H2 200 tracking.js Show response
apps.decisionbriefs.com/js/custom/bigquery/ 13 KB
13 KB 314ms
133ms Script
application/javascript 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/custom/bigquery/tracking.js
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: b0807829de0cf5844ca49208519907dbce6d2bcc79b21b73d0969de204e968b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

accept-ranges: bytes
content-length: 13306
date: Wed, 20 Nov 2024 11:45:05 GMT
etag: "65de5711-33fa"
content-type: application/javascript
last-modified: Tue, 27 Feb 2024 21:41:37 GMT
server: nginx/1.27.2

GET
H3 200 jquery-ui.css
www.ormanager.com/wp-content/plugins/jquery-ui-dialog/css/ 34 KB
10 KB 483ms
475ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/jquery-ui-dialog/css/jquery-ui.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86568b7775-jppcb
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d78423-898c"
age: 21928007
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIU5cdE98Lprf0ptDTZiVB2zTA%2BbRB81Hh1fL6HLjqqe1KtOMdOGdSSp1nn7lfwaELUO83pz6WxUkuMGkAQcPKSWtgjmlKRA3MPT6h8C8KtoyW9LZzMjGk8gKfPdMsS%2Fb2JAbg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Feb 2025 16:08:27 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=462&x=1", cfHdrFlush;dur=113
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Thu, 22 Feb 2024 17:28:03 GMT
x-served-by: cache-chi-kigq8000065-CHI, cache-sjc1000109-SJC
x-cache-hits: 1, 1
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710175098.753906,VS0,VE6
x-styx-req-id: f1ed9d4e-d32e-11ee-9a26-fec05572b5f3
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acbb5c17-SJC
accept-ranges: bytes
content-length: 9539
server: cloudflare

GET
H3 200 jquery-ui.js Show response
www.ormanager.com/wp-content/plugins/jquery-ui-dialog/js/ 460 KB
142 KB 484ms
476ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/jquery-ui-dialog/js/jquery-ui.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

245aa60fb782cc0b9ddf3902ab304929664bf450a269773ad1ab61b9916f1b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-gcdc4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e07dba-72e45"
age: 5281356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EFAcjMAsIxntX8IFlMmiWmRiS%2FtTLkvXrS15%2Btj3%2BmoIYXTUwrH5pUNelJp5ia7%2FdeZT0ezF9r0jtmdeU8A2%2BMpyO11nVnxLmTLJkC6NDfwdgPrVcufnZR0Cx4N%2BptAVJQh7w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 11 Sep 2025 18:19:25 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=466&x=1", cfHdrFlush;dur=109
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Tue, 10 Sep 2024 17:11:22 GMT
x-served-by: cache-chi-kigq8000108-CHI, cache-sjc10068-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1726821748.038671,VS0,VE6
x-styx-req-id: 35b7c7e4-6fa1-11ef-976c-1acd6c360691
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acbc5c17-SJC
accept-ranges: bytes
content-length: 144390
server: cloudflare

GET
H3 200 olytics.tracking.js Show response
www.ormanager.com/wp-content/plugins/ai-ad-management/assets/js/ 1012 B
1 KB 598ms
590ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-ad-management/assets/js/olytics.tracking.js?v=2.0.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d953176080d209a5e7ab15805f9834c573917ccd08f0fa603bc685c9abbd7660

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-kn7cb
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e33080-3f4"
age: 5937358
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uMHEpnt2x%2BeRAwxoGoyYCSc%2Fpc5gS7bFNv%2BTqsBZ36GoWduvPkW0O%2FqrgWM7HGlQB4IAEFeFDTari0t44T4K0YAw%2FDY9jzUfWt9%2B9Hsl%2F9qeIC3OFnNVjI2%2F5DUcYzPmshtyA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 13 Sep 2025 18:19:48 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=465&x=1", cfHdrFlush;dur=110
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Sep 2024 18:18:40 GMT
x-served-by: cache-chi-klot8100113-CHI, cache-sjc1000123-SJC
x-cache-hits: 5, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1726165747.665395,VS0,VE129
x-styx-req-id: 9890e06c-7133-11ef-a6a2-4af3af052092
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acbd5c17-SJC
accept-ranges: bytes
content-length: 465
server: cloudflare

GET
H2 200 all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/css/ 102 KB
26 KB 153ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/css/all.min.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

425392c8036438e9fe2acdd7797f01c619891d272fc732b8a5407bbc00c69723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"19816-H+/EC+R5nGIXXCIBFk30p8RFXDY"
age: 12716
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230093-FRA, cache-mia-kmia1760088-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26118
x-jsd-version: 6.7.0

GET
H3 200 style.css
www.ormanager.com/wp-content/themes/orm-theme/ 4 KB
2 KB 598ms
590ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/style.css?123123123

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9a641e068d97aaa5fb7bb80b0a105dcc47abaac81b460c7e3f92b798787c833

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-r8nq2
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671fcf5e-10d9"
age: 1300907
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SI2bMogzqQ%2B3Q0KQOmrUcRRHkm%2FlDlzeAz7p9IzFUk4wiSsg9mTfmrMM1YtCu44UAKDzyJk5Hi2IxUKXeF54I0hzHYGb20LhwxTpHCUUjxyTNRVpO89F2MIbYprsh%2BotnTAhaw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 30 Oct 2025 13:46:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=470&x=1", cfHdrFlush;dur=105
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 17:52:30 GMT
x-served-by: cache-chi-kigq8000077-CHI, cache-sjc10027-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1730802197.053395,VS0,VE5
x-styx-req-id: 2ae97271-95fc-11ef-983e-f6cc3a16fbf1
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acc05c17-SJC
accept-ranges: bytes
content-length: 1437
server: cloudflare

GET
H3 200 main.min-07e8b38f.css
www.ormanager.com/wp-content/themes/orm-theme/assets/css/ 109 KB
19 KB 598ms
591ms Stylesheet
text/css 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/css/main.min-07e8b38f.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

854111a7cfa9dd52046bebac4b8482d7a7276685eeddc8db1bafd21a88e00054

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-986tb
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6712ca91-1b39a"
age: 2814558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fh35nsTA9DDZWNQkmP3BoLcZ9Nuw5v8RBYnVM%2F8JKgghaFhwj9qcE5XuLZ6dSDk5BlP7pucecIXbzfwz7VCW03aHINnhz7jodXVrUmmV%2BOsNmd8xT5dNRMSFryqnZjYlCIWO6A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 19 Oct 2025 20:53:11 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=464&x=1", cfHdrFlush;dur=111
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: text/css
last-modified: Fri, 18 Oct 2024 20:52:33 GMT
x-served-by: cache-chi-klot8100025-CHI, cache-sjc1000125-SJC
x-cache-hits: 15, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729288546.367120,VS0,VE104
x-styx-req-id: fc69ccd7-8d92-11ef-9e6a-aae77b5c9804
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acc15c17-SJC
accept-ranges: bytes
content-length: 18542
server: cloudflare

GET
H3 200 jquery.cookie.js Show response
www.ormanager.com/js/ 3 KB
2 KB 599ms
593ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/js/jquery.cookie.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-557968487-8g264
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66aceed7-cb4"
age: 8659765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3soyi7sZYQrHUbw4dV6bFqUyM33FrTDHoFRfJ5g31U0nDSE919b4Ya%2FQIp%2FJ%2F%2BVlP1qxjZsV184hohxwM6DjdYMJ3qeS54xN32JabFfMWVVsMXPIhHjjf0xlyYXUGPzyaL2q2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 03 Aug 2025 14:37:22 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=467&x=1", cfHdrFlush;dur=108
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: application/x-javascript
last-modified: Fri, 02 Aug 2024 14:36:07 GMT
x-served-by: cache-chi-klot8100107-CHI, cache-sjc1000138-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1723443340.951086,VS0,VE6
x-styx-req-id: bad9db97-50dc-11ef-82b4-227f139c83c1
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acc35c17-SJC
accept-ranges: bytes
content-length: 1494
server: cloudflare

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
22 KB 127ms
57ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"ec3bb52a00e176a7181d454dffaea219"
age: 19908457
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 11:45:04 GMT
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:53:47
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 62165774b587514da653f2c012135f59
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e583115ca2074ca-MIA
access-control-allow-origin: *
cdn-edgestorageid: 878
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 267ms
93ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a73a41be62a878b8717d305cecc1043d02fde8765459d4e31fe430c45e4af7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 20 Nov 2024 11:45:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 orm-logo.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 17 KB
18 KB 598ms
593ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/orm-logo.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b54de1182d996f2bc5d9b2a8d1097bea47d0e1eaeb8c4fa6b81e55b60df841d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-2rjxw
cf-cache-status: HIT
etag: "65ef50ff-4364"
age: 21919375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylAd2JeaDbpaLfbYMeCp2NFrOc96BlU4Y4bB33RiEaBEoCdBAZUrXNtGYn9o8tBVe0cmWFvLhc624D%2F81r04dJo%2F5B0zCCYZnNPfo%2B2XkSCpWUC7sfsQMqByPc2PVLArqW0XLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 19:02:09 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=467&x=1", cfHdrFlush;dur=108
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 18:44:15 GMT
x-served-by: cache-chi-kigq8000064-CHI, cache-sjc1000085-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710183729.286352,VS0,VE85
x-styx-req-id: dc6053b2-dfd9-11ee-87f7-5e84227f08cd
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acc45c17-SJC
accept-ranges: bytes
content-length: 17252
server: cloudflare

GET
H3 200 Travel_Nurse-scaled.jpg
www.ormanager.com/wp-content/uploads/2024/10/ 139 KB
140 KB 606ms
601ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/10/Travel_Nurse-scaled.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cbe6635b4370b3921f86b59e557ff562b3ce51fa14ec3ffd5948e1e396749fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-655444c567-6n45j
cf-cache-status: HIT
etag: "66ed89b5-22bcb"
age: 3964968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCyWUC29yyO2iLMGv4Z%2Fg1WI82Ae9k6BH0y%2FMPyMqO0yGRWHD3PAhqZzKaXbkvQ%2BPFp0LFMowawEm6N2jIo3xnDitR24B4b%2FDn6U6G33mtV%2F14SYVkusF12vi4ScAfYUP4%2FuJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 21 Sep 2025 14:42:07 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=467&x=1", cfHdrFlush;dur=108
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 14:41:57 GMT
x-served-by: cache-chi-kigq8000173-CHI, cache-sjc10062-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728138137.779551,VS0,VE55
x-styx-req-id: 82bd39f3-775e-11ef-814a-fac53b47af74
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acc55c17-SJC
accept-ranges: bytes
content-length: 142283
server: cloudflare

GET
H3 200 ERAS.jpg
www.ormanager.com/wp-content/uploads/2024/11/ 125 KB
126 KB 126ms
126ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/11/ERAS.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070efcc920b53b515781fe4aacb83cb00a58938e48a285a3032049c04e9a0959

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-6fb56799f8-ct8fl
cf-cache-status: HIT
etag: "6737c34a-1f42a"
age: 392400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BD8d1ffl9OusnOjG13rxCRyB%2Bx3XbZe9tt%2B5p4sLA4fpc1CWUR%2FxrUo46hSt2EmTjD2IV2SxqZV3sBV3Luf1xfJzDMPbpiZB0zT8NHElNqkZZZDWjufobtO%2BVYmO0JvxsJdcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 16 Nov 2025 21:55:26 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=111585&sent=501&recv=104&lost=0&retrans=0&sent_bytes=556388&recv_bytes=16253&delivery_rate=1429628&cwnd=261000&unsent_bytes=0&cid=34e1741264ae0e79&ts=1061&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 21:55:22 GMT
x-served-by: cache-chi-klot8100103-CHI, cache-sjc10058-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731710705.998455,VS0,VE55
x-styx-req-id: 523c36d9-a39c-11ef-8f96-6afa52ce0431
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e5831197f4b5c17-SJC
accept-ranges: bytes
content-length: 128042
server: cloudflare

GET
H3 200 shutterstock_1720683121-scaled.jpg
www.ormanager.com/wp-content/uploads/2024/09/ 259 KB
260 KB 172ms
170ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/09/shutterstock_1720683121-scaled.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

260e0276583435543420c8dedddb0c6953a9d8803ac03daf9b0c9649b6db5c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86c9db48ff-sg9xb
cf-cache-status: HIT
etag: "66c60f9f-40aa8"
age: 2034775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KG13kPdoj5odszqr4Ol7s92nvPeE1hB0CqGvFxYx8WZHEoqTVTdNZFi9xtV8J7FbGebntK466O8%2FM7F6bMHzFYgFMfy66YSx%2Fchbg7q%2Fo3Xtm6%2BA0ejBM%2FV82v6syQpCaE58MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 15 Oct 2025 05:34:52 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=558&recv=107&lost=0&retrans=0&sent_bytes=621716&recv_bytes=18631&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1083&x=1", cfHdrFlush;dur=41
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Wed, 21 Aug 2024 16:02:39 GMT
x-served-by: cache-chi-klot8100167-CHI, cache-sjc1000123-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1730068330.345883,VS0,VE67
x-styx-req-id: 09274886-89ee-11ef-9e8e-560fc0fdda37
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e5831199f5a5c17-SJC
accept-ranges: bytes
content-length: 264872
server: cloudflare

GET
H3 200 shutterstock_83948470-scaled.jpeg
www.ormanager.com/wp-content/uploads/2024/05/ 477 KB
478 KB 193ms
184ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/05/shutterstock_83948470-scaled.jpeg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a976c7119be5a4525aa7ec75c26bfcc75e9beef8ab816cd5d5f15b600cde2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-644954f88b-7589w
cf-cache-status: HIT
etag: "664e0afb-773da"
age: 466878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHnRLuSSksHavTYVD0%2FYFzzJa9NE1J0VKOzCLYJj4Zal%2F1x0At0KyfYISBDN4LmJgONI7rDa3pZdM%2Bgd4R6ObrfnPLZaowYYlP1QniuACYLbwO1VAdL0nAGF%2Fhc4uqCV%2BNHtMA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 17 Aug 2025 20:55:34 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1100&x=1", cfHdrFlush;dur=25
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Wed, 22 May 2024 15:10:51 GMT
x-served-by: cache-chi-klot8100166-CHI, cache-sjc10066-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731636227.173418,VS0,VE6
x-styx-req-id: e19490de-5c11-11ef-9262-7eeb205791ae
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af785c17-SJC
accept-ranges: bytes
content-length: 488410
server: cloudflare

GET
H3 200 or-letters.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 18 KB
19 KB 194ms
184ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/or-letters.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaef8bbaf4b10a667db38c6479a2069453033faab8fa3be14ef5cb3754cd6c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-2s5dx
cf-cache-status: HIT
etag: "6727c212-46b7"
age: 85130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxYr50kfwa%2FCGeLEFa3F4iVXwAA1JApOmVnGIUB%2BDSHLacV4lu88Xvy7UnyZUbCfa%2FTFfWv1uoi%2BUdIPaXLRsUvOFealutO2MTEnr5denqX7XdKP21PvWe%2FP7OmDXjE5wh%2Ff0w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 06 Nov 2025 15:41:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1099&x=1", cfHdrFlush;dur=26
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Sun, 03 Nov 2024 18:33:54 GMT
x-served-by: cache-chi-klot8100041-CHI, cache-sjc10055-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017976.501860,VS0,VE54
x-styx-req-id: 6469395a-9b8c-11ef-832c-1a3e28109877
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af795c17-SJC
accept-ranges: bytes
content-length: 18103
server: cloudflare

GET
H3 200 zORM_1024-cover-image-225x300.png
www.ormanager.com/wp-content/uploads/2024/09/ 70 KB
71 KB 699ms
694ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/09/zORM_1024-cover-image-225x300.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0a294dcfc1d79516ae254eaf77daad096df290d6a7d12c81b127feb4aec5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7c58cc9f68-vc77d
cf-cache-status: HIT
etag: "66eb13d4-11718"
age: 45287
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WvpySB%2Bic%2FRznGBSEAd5YUXXBznEkSTUO6iP%2BO9E9U3NVR%2F6zi20Bset%2BWMBcC%2BXJPiB%2BrGusaD0kG9II1wL1xCXueOLsavB%2BfViqHnm5P3fZwVXij6UbACLCd%2BxRLSJzowwA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Oct 2025 16:35:17 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=129383&sent=62&recv=46&lost=0&retrans=0&sent_bytes=51767&recv_bytes=12907&delivery_rate=89482&cwnd=20100&unsent_bytes=0&cid=34e1741264ae0e79&ts=470&x=1", cfHdrFlush;dur=105
date: Wed, 20 Nov 2024 11:45:04 GMT
content-type: image/png
last-modified: Wed, 18 Sep 2024 17:54:28 GMT
x-served-by: cache-chi-klot8100116-CHI, cache-sjc10054-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732057817.113060,VS0,VE5
x-styx-req-id: 4ebead74-80dc-11ef-93bf-ce51edeab887
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583115acc65c17-SJC
accept-ranges: bytes
content-length: 71448
server: cloudflare

GET
H3 200 asc-leader-logo-no-tagline.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 41 KB
42 KB 199ms
190ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/asc-leader-logo-no-tagline.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05e12145b7c6094497b4089b14b67d0d59fd0e080947d1bb8e2549cb55d7d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-4fdvf
cf-cache-status: HIT
etag: "6739664c-a3b4"
age: 85130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzz1eS%2BdPi1MUqtDjv%2BFQ%2FGstTkzLwWEZWUk9%2B4uByUd%2Fk9OKSkdDvTPU7bOZbFgPdDBigrTI4XeM5zkNLAwUuDYITuytnxuHv5apG2hndlkXWy8LPyUmJteIIHWY8TWp1PfpA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 18 Nov 2025 22:17:02 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1099&x=1", cfHdrFlush;dur=26
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 03:43:08 GMT
x-served-by: cache-chi-kigq8000050-CHI, cache-sjc10047-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017976.825982,VS0,VE54
x-styx-req-id: abf9ab05-a531-11ef-a444-4aa66f34f37f
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af7a5c17-SJC
accept-ranges: bytes
content-length: 41908
server: cloudflare

GET
H3 200 OR_AMBanner.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 86 KB
86 KB 202ms
194ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/OR_AMBanner.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a674c2409821d4e965a3a435231bc3d5ac622b0d9dd668af3d03454ab67d3d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-kvl65
cf-cache-status: HIT
etag: "6732da3c-1564e"
age: 85129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZ9s2FTnoqGexn3wfqs5kf2mQ5M0OL9Y8tXQfcL7KvCo7OIElkvjMcTy7HxsLQ6tSnIj4qEDsli9IZFGM4V8mhWqvIQbHuzOCdUu5dlDjTGWYqg60m5eZlM0TkWtJsr82cesdA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 13 Nov 2025 17:24:08 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1099&x=1", cfHdrFlush;dur=26
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 04:31:56 GMT
x-served-by: cache-chi-kigq8000029-CHI, cache-sjc10054-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017976.977839,VS0,VE53
x-styx-req-id: ecc29695-a11a-11ef-a729-c210051b05b6
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af7c5c17-SJC
accept-ranges: bytes
content-length: 87630
server: cloudflare

GET
H3 200 GAO.png
www.ormanager.com/wp-content/uploads/2023/05/ 3 KB
4 KB 203ms
194ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2023/05/GAO.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d801e71afb2916850795babf8272a7f270b785ae01143880f6c46d7edc86bfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-4cnp9
cf-cache-status: HIT
etag: "646275bb-dc3"
age: 72208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fb4U3ly1ogyR5L5SPAe2%2FBnFn%2BPloLQVnIyyS0J5jgq38stG2iBZ7KmEHwv1Dlqr3SCOYM4037km7b5YylkdVh0N8k44L5NPS%2BrJQxaq7KfSxspS%2FMOtBqjH7WwdSct2C7Ht5A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 19 Nov 2025 00:23:48 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1107&x=1", cfHdrFlush;dur=18
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 15 May 2023 18:11:07 GMT
x-served-by: cache-chi-kigq8000141-CHI, cache-sjc1000132-SJC
x-cache-hits: 6, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732030897.182852,VS0,VE57
x-styx-req-id: 618c3499-a543-11ef-8eb6-32a374769746
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af7d5c17-SJC
accept-ranges: bytes
content-length: 3523
server: cloudflare

GET
H3 200 Healio_Logo.jpg
www.ormanager.com/wp-content/uploads/2024/05/ 53 KB
53 KB 453ms
445ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/05/Healio_Logo.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb8cdfb67cfdca9c43318b98b855ae9bffa7787727e894e79a4553bdddfbbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-646589cd7b-pg9xh
cf-cache-status: HIT
etag: "6643601d-d274"
age: 45288
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NPR%2BRrXwRUvtsbe0GVeq9FpYc9tJ2ImkYhmfFE3QRoi8r1V4PqzSZoUXT%2B9uAihzfI9h4XFnSrj6c1%2BavRXtFImzsKHbnmiagTJyvu9H0JSwkNmTL8O6FP6xqQcZ78GBtfd6Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 20 Nov 2025 14:11:26 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1103&x=1", cfHdrFlush;dur=22
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Tue, 14 May 2024 12:59:09 GMT
x-served-by: cache-chi-klot8100104-CHI, cache-sjc1000131-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732057818.548984,VS0,VE57
x-styx-req-id: 2a60eb03-a680-11ef-8eda-2e844695fe2c
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af7e5c17-SJC
accept-ranges: bytes
content-length: 53876
server: cloudflare

GET
H3 200 TheBMJ.jpg
www.ormanager.com/wp-content/uploads/2018/04/ 7 KB
8 KB 464ms
456ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2018/04/TheBMJ.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d8b090c73057431f228beba26758af2752324994b40e1320525347d2eb8cc76

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-nfrfc
cf-cache-status: HIT
etag: "5e0ce8e3-1acd"
age: 72204
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEasTCPeBmEuV7kpFrVP5pqzM%2FGkAvgzIXOODnovMrEfHINBDgr829QRF5fsHzE%2BBWTZPGJrV5qDsYQwMitfsVL1fvXcuOTaFagC1UOPVeZcMzNG%2BrtelLt3XhFku37OiHmVjA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 07 Nov 2025 12:51:54 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1099&x=1", cfHdrFlush;dur=26
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jan 2020 18:45:55 GMT
x-served-by: cache-chi-klot8100102-CHI, cache-sjc1000139-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732030901.003867,VS0,VE56
x-styx-req-id: e6baa072-9c3d-11ef-8069-b2d2e56f0f5d
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af805c17-SJC
accept-ranges: bytes
content-length: 6861
server: cloudflare

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 243ms
129ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 0
x-backend-server: player-backend-edge-entry
expires: Wed, 20 Nov 2024 07:15:05 GMT
x-player-backend: g
x-cache: MISS
Date: Wed, 20 Nov 2024 11:45:05 GMT
Content-Type: application/javascript;charset=utf-8
x-bapp-server
x-served-by: cache-mia-kmia1760054-MIA
x-cache-hits: 0
vary: Origin, Referer, Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Cache-Control: max-age=1800
x-timer: S1732103106.623208,VS0,VE52
Connection: keep-alive
via: 1.1 varnish
CF-RAY: 8e58311a0b963715-MIA
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 11437
Server: cloudflare

GET
H3 200 leadership-series-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 8 KB
9 KB 467ms
458ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/leadership-series-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99eca15ff9addd9ead499e884eee2ce6ffb5dbc1e21dda13ce55b780ca2c1b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-644954f88b-zsrh7
cf-cache-status: HIT
etag: "65ef5402-1ee8"
age: 85129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkSngBBEm5mUKHQFoOODEy%2F87pz03E6XEcZxQ%2FZH5WIUxaqE6caGHMcWkKGYZUzBtexsaoQKT7vaa3yO4Jb%2FRaSsaPtclUZnbzMFoCAmVzMuGbTwDaffZ6Wuhnq9YCKIzqMl0g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 18 Aug 2025 22:58:59 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1114&x=1", cfHdrFlush;dur=11
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Mon, 11 Mar 2024 18:57:06 GMT
x-served-by: cache-chi-kigq8000158-CHI, cache-sjc10062-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017977.522866,VS0,VE55
x-styx-req-id: 4a01f080-5cec-11ef-a2dc-869bb9afabd2
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af815c17-SJC
accept-ranges: bytes
content-length: 7912
server: cloudflare

GET
H3 200 disaster-prep-series-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 8 KB
9 KB 468ms
459ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/disaster-prep-series-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61384c102c2bcf613c9abc529fb6f185e88526006b089bf395d94d757afae395

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5d77cc44f5-lk559
cf-cache-status: HIT
etag: "65ef540f-1ea5"
age: 504417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSGEDmJ6k8J0EAycE78ioTkWJF%2FP4L%2FnLeCmgz8d3MhVQUDc70G7RrjVXEnRohQEO33Kpo%2Fip1an%2B0QU6g1%2B8sh5civ9oekrKogUbuPfy3E67fZ4aVcWojgXIsDHIxiVs07tXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 02 Jul 2025 07:46:02 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1100&x=1", cfHdrFlush;dur=25
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Mon, 11 Mar 2024 18:57:19 GMT
x-served-by: cache-chi-kigq8000134-CHI, cache-sjc1000139-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731598689.552305,VS0,VE60
x-styx-req-id: f6d19daf-377d-11ef-8bba-420e4ed0c032
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af835c17-SJC
accept-ranges: bytes
content-length: 7845
server: cloudflare

GET
H3 200 rsi-series-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 9 KB
10 KB 470ms
462ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/rsi-series-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d68e64e8400eb2e298164580dd19dc58651d6587513cf95d659c6dc6902b2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-b5944cf5b-d9z7k
cf-cache-status: HIT
etag: "65ef540c-25aa"
age: 85129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yfVlL8Xdg9yKaW%2FLsxg6CrK8tvTUCbv6G5NiVR1qZFpINSvyKx5HGzuDKxOc7UbLWrVYzqRuQJDDHd9gNA5jdOnUqbm4SAo%2FnzLuDIKY4J5%2FTegg%2F8BVrCR6zKN5j3krUuehQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 15 Oct 2025 15:24:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1102&x=1", cfHdrFlush;dur=23
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Mon, 11 Mar 2024 18:57:16 GMT
x-served-by: cache-chi-kigq8000116-CHI, cache-sjc10046-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017977.844148,VS0,VE55
x-styx-req-id: 5f346268-8a40-11ef-845c-a296c6e6daa9
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af845c17-SJC
accept-ranges: bytes
content-length: 9642
server: cloudflare

GET
H3 200 ai-series.jpg
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 32 KB
33 KB 473ms
465ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/ai-series.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f9c2418ffb81fd9bf6a32c26f4134e1fcaafb75e2a97e4bf5065c99494971f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-6fb56799f8-s7t5s
cf-cache-status: HIT
etag: "671d76fc-81ce"
age: 85129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGA3UXW%2BrJl1%2FFKTBGSwWOq9dsj6aaRkurCpQJhgVFqTej0G%2BBcYGuPZrsg%2BNWXvRE570bMAqu0q%2F1TFFpBSa%2Fcx2QK7y%2BwNadYjFgnoIODlKnh6IIbXuW7TxMiMCJ%2F3sFtllg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Oct 2025 06:35:39 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1102&x=1", cfHdrFlush;dur=23
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Sat, 26 Oct 2024 23:10:52 GMT
x-served-by: cache-chi-kigq8000081-CHI, cache-sjc10053-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017977.849187,VS0,VE6
x-styx-req-id: ae5bdda1-942d-11ef-ab31-aea2661ec2c6
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af855c17-SJC
accept-ranges: bytes
content-length: 33230
server: cloudflare

GET
H3 200 ormc_22_05230-1-350x120.jpg
www.ormanager.com/wp-content/uploads/2024/03/ 15 KB
16 KB 478ms
470ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/ormc_22_05230-1-350x120.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51bb3aea2e977a9cdd447643f74bbf6d33d9d7dea16a867efbedaf2b740ea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-z6jvj
cf-cache-status: HIT
etag: "65ef5409-3d96"
age: 85128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOyoWQXeA%2BJoNFYSX80yTXywtS9rw6JODqn3%2FSmnqm4V%2F4Age6P2T4Wat8Gyd4oj3e%2Fwpg3f61Xqm4KUkOvMO5XLnSLgfWbmuEz7JXMIqMibaCYG2XNjmXDf0jGvJZWsQE%2FXEw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 04 Sep 2025 05:38:54 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1104&x=1", cfHdrFlush;dur=21
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Mon, 11 Mar 2024 18:57:13 GMT
x-served-by: cache-chi-kigq8000150-CHI, cache-sjc1000109-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017977.129617,VS0,VE4
x-styx-req-id: cebaaf64-69b6-11ef-aa1f-9ade908bc062
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af865c17-SJC
accept-ranges: bytes
content-length: 15766
server: cloudflare

GET
H3 200 ORMC24-Social-Posts-22-100x100.png
www.ormanager.com/wp-content/uploads/2024/07/ 22 KB
23 KB 478ms
471ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/07/ORMC24-Social-Posts-22-100x100.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e06317ed2d9c779a6cbbe73ac7a614ca1b5fc845ec6fa473c1f18f7dff67b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-5d587d78fd-684rx
cf-cache-status: HIT
etag: "66830f5f-5922"
age: 45288
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBnP%2BnHgEr2HgnrLnxEeD6dzHLfymGT7I5OBW306pWMOEwHyyDqobwid%2FM%2FODiJJhnyjOw8kTVLB1dU729NitVN2o6t6FU1bqEARcNBUdwQnQ6lsKwyzVUSd96QL9wu94vKLnA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 02 Jul 2025 22:29:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1106&x=1", cfHdrFlush;dur=19
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 01 Jul 2024 20:19:43 GMT
x-served-by: cache-chi-klot8100160-CHI, cache-sjc1000128-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732057818.545209,VS0,VE73
x-styx-req-id: 67f5dc16-37f9-11ef-aa3c-96169af5812a
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af885c17-SJC
accept-ranges: bytes
content-length: 22818
server: cloudflare

GET
H3 200 4-1.png
www.ormanager.com/wp-content/uploads/2024/03/ 384 KB
385 KB 479ms
472ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/4-1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae96f5cef4e19c9f2a138f5b0368aad46a71f9f7852b8d55c11cb4bd33b8963

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-59b5bdfd9-z6dnd
cf-cache-status: HIT
etag: "65ef3557-600a9"
age: 85128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhdkD65iKb9Q%2FJrySmL963rtNaeLZalNJl0%2BxbM1yJp1N0ExwveROI2i1ApKGmE%2Bleq5ZJhiH5o7sT8lRMk653edOS9oLObLCwKWqC8f54BS6al9ClzkvhCQYUbuxgftGVy6eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 09 Jun 2025 07:28:03 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1103&x=1", cfHdrFlush;dur=22
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 16:46:15 GMT
x-served-by: cache-chi-kigq8000024-CHI, cache-sjc1000116-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017977.487164,VS0,VE108
x-styx-req-id: a4801cd7-2568-11ef-9c12-5a8caf2a737f
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af895c17-SJC
accept-ranges: bytes
content-length: 393385
server: cloudflare

GET
H3 200 5.png
www.ormanager.com/wp-content/uploads/2024/03/ 416 KB
417 KB 647ms
640ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/5.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b619fb48856262958728b749d6ae69c4c12f4d5a8373144ac7e325a2403d54e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7788459589-pcm5v
cf-cache-status: HIT
etag: "65ef355b-6814d"
age: 85128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOJT5LrNmDtak8qMAxdZQKqdyTCulx7RHZRGIpBfOnb6%2FGlIISIlRZDJ0%2BeUprtdf41schj2dyYcc%2Bm2mq4NeoGz4ro2CYUOBpGzBCpN8PqW4rTjFoI7hVoy61IebJhkJt9qJA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 08 Oct 2025 08:32:10 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1106&x=1", cfHdrFlush;dur=22
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 16:46:19 GMT
x-served-by: cache-chi-klot8100061-CHI, cache-sjc1000142-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017977.494781,VS0,VE5
x-styx-req-id: a54e14af-8486-11ef-8ffe-2686025a48ec
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af8b5c17-SJC
accept-ranges: bytes
content-length: 426317
server: cloudflare

GET
H3 200 1.png
www.ormanager.com/wp-content/uploads/2024/03/ 410 KB
411 KB 784ms
777ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bd37e17ef1fe27935d0af32ea06624988813a5cf89dc6f444edb47b5c53654

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-548957645b-96cpt
cf-cache-status: HIT
etag: "65ef354d-667b1"
age: 85128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaSGSMucTzZxnxPMt%2BmOl9VHRhe%2FLdIhg%2BtoSXgSiS3FaE7USrTFlvHcT7%2FmDoinVQexutipqm29f8Sg4CibIM6BS2E6BkviRyunrZdZW%2Fa7YkEn1hF91Zu0ZWoE40ZbwkcTHw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 11 May 2025 19:52:51 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1105&x=1", cfHdrFlush;dur=23
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 16:46:05 GMT
x-served-by: cache-chi-kigq8000168-CHI, cache-sjc1000087-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017978.962784,VS0,VE4
x-styx-req-id: e29172d4-0f06-11ef-a8ab-82ae20a853c0
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af8d5c17-SJC
accept-ranges: bytes
content-length: 419761
server: cloudflare

GET
H3 200 2-1.png
www.ormanager.com/wp-content/uploads/2024/03/ 424 KB
425 KB 891ms
884ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/2-1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beba8d621b4950294ebd97bc5f8187744eebb0d55647856a1a42d234064f75bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-gtjpt
cf-cache-status: MISS
etag: "65ef3551-6a05a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xB89YvoWk3s11%2F4b2nefvHcidbR0rgPZfT2cQo9LBSQ2nKE%2FONVVWzRKVIqpbLJzJjkUXnTC7Z0YZTDJkR5upoNJxPND8GB7cNMpc0cnYoOMWIPDu9W4CpSgkUX9ykjeU6gq%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 17 Nov 2025 10:41:08 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=111537&sent=863&recv=159&lost=0&retrans=0&sent_bytes=969862&recv_bytes=47177&delivery_rate=1811647&cwnd=413400&unsent_bytes=0&cid=34e1741264ae0e79&ts=1169&x=1", cfHdrFlush;dur=13
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 16:46:09 GMT
x-served-by: cache-chi-klot8100150-CHI, cache-sjc10052-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732103106.567893,VS0,VE57
x-styx-req-id: 49ea9196-a407-11ef-a5b8-2e1f68417a45
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af8e5c17-SJC
accept-ranges: bytes
content-length: 434266
server: cloudflare

GET
H3 200 3-1.png
www.ormanager.com/wp-content/uploads/2024/03/ 386 KB
387 KB 1001ms
994ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/3-1.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79898bfbe1e87e1fc9342125c30a7a9e1733a16d3d0b23e17731885d5b207a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-j7nn8
cf-cache-status: HIT
etag: "65ef3554-6077c"
age: 85127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaEbSBmr7AcLvILSi1eGN7h2esEQDyLk5OEPO7GPYkfkVysLlBN%2BMERftAv7U6cofZKLX53PqgWzdZcwh%2BQr2P0DHHsTYqQQPnDa%2B12MF1Tzfh03ZohFgn22Dp1I4CZpwvuM%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 06 Sep 2025 15:22:53 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1107&x=1", cfHdrFlush;dur=21
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 16:46:12 GMT
x-served-by: cache-chi-klot8100021-CHI, cache-sjc10033-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017979.680182,VS0,VE58
x-styx-req-id: b88b663e-6b9a-11ef-89c5-3e9692482580
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af915c17-SJC
accept-ranges: bytes
content-length: 395132
server: cloudflare

GET
H3 200 orm-240x80.png
www.ormanager.com/wp-content/uploads/2024/03/ 5 KB
6 KB 1127ms
1121ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/orm-240x80.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8936cb632799aea6cdd63fc728d4b6332d9f0785d562cf414ee208d387f0f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-777f57d6b4-2qqrj
cf-cache-status: MISS
etag: "65ef821b-1486"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXlASOkRpNz8scUqizreQl%2BTs1kTRKPVzT9K9YpG0aVNsTiUPLlN0TXivAu6Ngo6dfW8RxlUZa%2BTGCGuXDPlWs5rVfkGJx043N51uCo1iSHOp0vUiNv4hID6nzvFGZ4g%2B49Xcg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Jun 2025 21:20:01 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1120&x=1", cfHdrFlush;dur=11
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 22:13:47 GMT
x-served-by: cache-chi-kigq8000043-CHI, cache-sjc1000111-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732103106.572580,VS0,VE3
x-styx-req-id: 09d3e1f2-21ef-11ef-a74c-fa0bf1f3cf12
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af925c17-SJC
accept-ranges: bytes
content-length: 5254
server: cloudflare

GET
H3 200 orbmc-240x80.png
www.ormanager.com/wp-content/uploads/2024/03/ 16 KB
17 KB 1132ms
1126ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2024/03/orbmc-240x80.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416455c86e68ef950308d1e274895568ebf96ddee07165eb2bc9c64707693a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-t4bpl
cf-cache-status: HIT
etag: "65ef81e7-3f36"
age: 45288
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHKkLyvpZOpdG4jegs6OqsspvwMYmer1u6gBDhUQw9WkPAPe%2FBhQuLr9HMdSGt34wf%2FA6L2sZVRnePCdYM%2FsvuH6UUhkVnjiu4AmSRfvab35s8k1hN%2B7E9eafaIKq1y5JJOacA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 21 Oct 2025 03:09:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1117&x=1", cfHdrFlush;dur=14
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 22:12:55 GMT
x-served-by: cache-chi-kigq8000044-CHI, cache-sjc1000133-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732057818.580695,VS0,VE5
x-styx-req-id: a788ea05-8e90-11ef-9b29-d268eddcbd71
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af955c17-SJC
accept-ranges: bytes
content-length: 16182
server: cloudflare

GET
H3 200 41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg
www.ormanager.com/wp-content/uploads/2022/10/ 38 KB
39 KB 1133ms
1127ms Image
image/jpeg 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/uploads/2022/10/41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

489168ccbdeb0ec45ce5c7ce266303272b2bf198b730d888c3fabdab73b052e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86c9db48ff-k4xh4
cf-cache-status: HIT
etag: "6346e796-9793"
age: 85126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMxndAlqb0L5Q%2BuH1NuUo%2B6F%2FnwE45lfgOiHsaW9ZDCBOWCErBH3lYR8993albZMcw62O00Q4dmh5bvt16groN%2F7ELNXpym7yQyNfMO8KNVVfmTOwelSFL4k%2BIsZMfty%2FENo%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 16 Oct 2025 03:10:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1106&x=1", cfHdrFlush;dur=25
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/jpeg
last-modified: Wed, 12 Oct 2022 16:13:10 GMT
x-served-by: cache-chi-kigq8000126-CHI, cache-sjc10067-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017979.068320,VS0,VE56
x-styx-req-id: 0039ecfd-8aa3-11ef-b5f6-2e0a3bea5955
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af975c17-SJC
accept-ranges: bytes
content-length: 38803
server: cloudflare

GET
H3 200 education-center-top.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 31 KB
32 KB 1143ms
1137ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/education-center-top.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b3ee62bbab4fbd0e46cc715a920fe8956931222f425d2acfef31585eff6abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-6fb56799f8-s7t5s
cf-cache-status: HIT
etag: "67184d40-7c24"
age: 85126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfFll9k%2Bk48lQ555bPOqpSFq1VS46SYfKO8qIgM9r%2ByGgYi%2FPXuLZw5P4aF7bdofT8ufdLMwqS5CB%2FGLkzdBLchI2elZHx6aq7cdU60eMpn1U52lxiATi%2FAe%2Fl9Rq5HQ33S8Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 25 Oct 2025 08:48:10 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1106&x=1", cfHdrFlush;dur=25
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Wed, 23 Oct 2024 01:11:28 GMT
x-served-by: cache-chi-kigq8000098-CHI, cache-sjc10070-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017979.063260,VS0,VE4
x-styx-req-id: b2481b19-91e4-11ef-b661-aea2661ec2c6
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af985c17-SJC
accept-ranges: bytes
content-length: 31780
server: cloudflare

GET
H3 200 education-center-bottom.png
www.ormanager.com/wp-content/themes/orm-theme/assets/img/ 335 KB
336 KB 1148ms
1142ms Image
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/img/education-center-bottom.png

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c49e1205cdb3076a1e6697b709d9444db626281b8815dc992cc71a7909b78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-r8nq2
cf-cache-status: HIT
etag: "6731e0cd-53ad6"
age: 85126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHCyd5qZf2qhv5pRSeWyFlK7F3hDSeibHGIzmt3cD2oDmztH6A3vQrv9u5rB9VRogznjuYYC6qecwYVlVSWh1y5Qb3C%2FB8BcHKJPQFPAFTvayodcji%2FozsszRuObS5nRPBG7vg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 13 Nov 2025 17:24:09 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1109&x=1", cfHdrFlush;dur=22
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 10:47:41 GMT
x-served-by: cache-chi-klot8100087-CHI, cache-sjc10057-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732017979.157203,VS0,VE56
x-styx-req-id: ed708851-a11a-11ef-958d-f6cc3a16fbf1
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af9a5c17-SJC
accept-ranges: bytes
content-length: 342742
server: cloudflare

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 47ms
41ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"0831cba6a670e405168b84aa20798347"
age: 1189970
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 11:45:05 GMT
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 13:51:40
cdn-requestpullcode: 200
priority: u=2,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ef98012aaf2a6a3ebe16cda14ef8ee56
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e5831195fc2030a-MIA
access-control-allow-origin: *
cdn-edgestorageid: 878
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 css
fonts.googleapis.com/ 2 KB
627 B 107ms
89ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:700

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42d81a06c9d73f10215cbe1ed89af14c3779ef0215ddc6beec66ae9c21113376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 20 Nov 2024 11:45:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 main.min-3b043c51.js Show response
www.ormanager.com/wp-content/themes/orm-theme/assets/js/ 7 KB
3 KB 177ms
169ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/assets/js/main.min-3b043c51.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d8f379e7798c0c19db5927db7c0aca833170d3f479f360d5b2f7200492cb0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-2rjxw
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65ef50fb-1a67"
age: 21919376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdktM1ZPEPL3lM7p7tkpmStQ%2FureWpW3W%2FUQuXVJqWATzXOj1N4LkZFmWnDjbMAHs6558%2BR4Aa%2F5m29PlHibO2lh%2BGSlguspzTqDVfhYQvRqPRLH13aKpI8tJvjE%2FI52Uiq4Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 19:02:09 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Mar 2024 18:44:11 GMT
x-served-by: cache-chi-klot8100141-CHI, cache-sjc10059-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710183730.638675,VS0,VE121
x-styx-req-id: dc9d1b08-dfd9-11ee-87f7-5e84227f08cd
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af625c17-SJC
accept-ranges: bytes
content-length: 2396
server: cloudflare

GET
H3 200 comment_count.js Show response
www.ormanager.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
1 KB 177ms
167ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.1.1

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7c479db4d9-g2msp
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f5b5b0-379"
age: 3509853
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zPBXISFn7TsYhUNpK%2B9cIW4lWLQFeapEfmWTBEAitAfKmpOezaynMl1jvb7fRwNs2qJr0CPJQGxtFck4ROJZaIygb4OiMOIgzZvs2ZpLWtv6LTNmQTkcvnUGrqo9CspCW0heg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 27 Sep 2025 19:39:52 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Thu, 26 Sep 2024 19:27:44 GMT
x-served-by: cache-chi-kigq8000096-CHI, cache-sjc10073-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1728593253.519100,VS0,VE4
x-styx-req-id: 198c0b34-7c3f-11ef-b516-7ab87fc3fd87
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af675c17-SJC
accept-ranges: bytes
content-length: 456
server: cloudflare

GET
H3 200 password-lost.js Show response
www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/js/ 902 B
1 KB 183ms
172ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/frontend-reset-password/assets/js/password-lost.js?ver=1.0.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8265097b8810ca03eecb3cbb7f454a3ff597af15840381e849aa9eeae3b5d7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5bbb8f6849-2s5dx
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6727c210-386"
age: 471246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQL4uVBxbHgy%2BpWLQd7CB8QlNxuFko52S0TpYwZ5VfGNylrXTbTzPmBgcNOPWYnpIuZaJ1TbKiafeWBfiPnU6EvXGbkaQJxl6%2BDVTgzZP0tz9yw3uCndDEB%2FpnjAiCVj7ELO6A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 05 Nov 2025 18:49:42 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Sun, 03 Nov 2024 18:33:52 GMT
x-served-by: cache-chi-klot8100130-CHI, cache-sjc1000103-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1731631860.953491,VS0,VE4
x-styx-req-id: 8d5532d3-9add-11ef-832c-1a3e28109877
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af695c17-SJC
accept-ranges: bytes
content-length: 360
server: cloudflare

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 207ms
108ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"3ae23968c16ec39faa9f97db5ea5195b"
age: 18732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isX8b4%2FeOzwuqXulZWUpXD2d2qxrbK75luNGiJgafX3jkkLksS%2BAV15LsgSs4AA8KGPNIklX0eWCgeadb4j6r7%2FlxryS5PAK%2B9Pxf1Fx4vPYWgypIdGnPIJ2VHrVhbfkaPMLD%2F%2FF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e58311a0d0874a6-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 ai_social_sharing.js Show response
www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/js/ 129 B
1 KB 1299ms
1294ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/ai-social-sharing/assets/js/ai_social_sharing.js?ver=1.0.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-8688d6cf87-j5f6k
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6644d31a-81"
age: 16315315
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sKYS61RBpy%2BzLD3w9T9UpC8KgFZ6g31kr3Nl9baZNwyGQB5zRMmIRbguO0Ng2vg5XbREfq%2BxGCHbqAWekLqHmF99LsnzeHofdbUsu6EzRVex2lKWEqRXRV35%2BUj%2Ft3ekNPpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 16 May 2025 15:22:04 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1107&x=1", cfHdrFlush;dur=26
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 15 May 2024 15:22:02 GMT
x-served-by: cache-chi-kigq8000155-CHI, cache-sjc1000094-SJC
x-cache-hits: 9, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715787790.284283,VS0,VE112
x-styx-req-id: e24d03eb-12ce-11ef-9304-4e7a1612d6c8
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af9b5c17-SJC
accept-ranges: bytes
content-length: 126
server: cloudflare

GET
H3 200 gtm4wp-form-move-tracker.js Show response
www.ormanager.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/ 1 KB
1 KB 183ms
172ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-66d79b4b7-qk47f
content-encoding: gzip
cf-cache-status: HIT
etag: W/"663bc457-472"
age: 16906711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2BxNdOlCxsO%2BpG7MbNKYaoK09gbYdRbmoiT3JZl6ZPYiQjEmpo5QqEpCR9A2%2BuVEZjb0JsVqgi4umz9CGxykZRBtPuZChPllOwnbm7rDDH0NFku6Z7Kqt7s367RIuPN6XygAA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 09 May 2025 18:29:01 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 08 May 2024 18:28:39 GMT
x-served-by: cache-chi-kigq8000036-CHI, cache-sjc10055-SJC
x-cache-hits: 15, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715196394.043230,VS0,VE118
x-styx-req-id: d7366694-0d68-11ef-8208-ce1bcc5ca899
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af6a5c17-SJC
accept-ranges: bytes
content-length: 316
server: cloudflare

GET
H3 200 wp-polyfill-inert.min.js Show response
www.ormanager.com/wp-includes/js/dist/vendor/ 8 KB
4 KB 183ms
172ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5d77cc44f5-z4chc
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6675aedb-1feb"
age: 12067736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2J3AXdEQtGE%2F3BMUQ5prAmLDUoTM0C3C4Q5gkdXv077bUDQb2%2BWw4qUFycTvN%2Boe9JrYsZNOzUkPSuv6GwYQID0Ey6YkTDCR1Wi%2BtCM%2FUCJ400XkyjGIwB7Gx%2FeaYU0QMrR3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 23 Jun 2025 15:59:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Fri, 21 Jun 2024 16:48:27 GMT
x-served-by: cache-chi-klot8100073-CHI, cache-sjc10036-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1720035369.300568,VS0,VE5
x-styx-req-id: 6eec145c-30b0-11ef-8eb8-8245d19189a9
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af6c5c17-SJC
accept-ranges: bytes
content-length: 2786
server: cloudflare

GET
H3 200 regenerator-runtime.min.js Show response
www.ormanager.com/wp-includes/js/dist/vendor/ 6 KB
4 KB 184ms
172ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-6fb56799f8-n9zl7
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67184d41-19e1"
age: 1362270
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QLKOa%2BMSQe%2F51PrM20XbYwwSjT7LI1zFQJ%2BzvEW764qWpumHdvz5KH4EHCvDvrnlzEc3%2Bn1K%2FmhBzmCNH%2F7HSQ9bDMjzcYIMKvfTAz4Hf3F%2FtN4PADOGatCtUQHolch0ukR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 24 Oct 2025 02:36:46 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 23 Oct 2024 01:11:29 GMT
x-served-by: cache-chi-kigq8000152-CHI, cache-sjc1000098-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1730740835.352271,VS0,VE5
x-styx-req-id: a5ee15f5-90e7-11ef-ad89-162ee4625d5d
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af6d5c17-SJC
accept-ranges: bytes
content-length: 2706
server: cloudflare

GET
H3 200 wp-polyfill.min.js Show response
www.ormanager.com/wp-includes/js/dist/vendor/ 16 KB
7 KB 182ms
170ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-76fd768bf-spzwc
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65ef5100-3f12"
age: 21919454
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ie%2B4zNw6fz7mgwjeRz%2FmOGeT1Z%2BEKmIbkLiSYAnnBlJ8extZEVGDO4MWtd9TGYOgJHvp2eGF6%2Bf4iSbW4ZigYYVFR545iR0W6UwGOEoXRAkH3Hf23wjiZzleWHrROHDiprCELA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 18:58:43 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Mar 2024 18:44:16 GMT
x-served-by: cache-chi-kigq8000088-CHI, cache-sjc1000130-SJC
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710183651.304166,VS0,VE54
x-styx-req-id: 617583de-dfd9-11ee-b5b7-5278c98b8bf4
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af6e5c17-SJC
accept-ranges: bytes
content-length: 6610
server: cloudflare

GET
H3 200 hooks.min.js Show response
www.ormanager.com/wp-includes/js/dist/ 4 KB
2 KB 189ms
178ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-867f44b44b-2w9x6
content-encoding: gzip
cf-cache-status: HIT
etag: W/"663bc458-10d3"
age: 16906711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VI6evLbdDz3JVrhlpPLmgTo4Q%2FcUrZH7Rsm%2FW%2FshSMRM8KW9%2FSPNRFmFoe1Y8HGMOXKZsnBX6lTQro%2F3Xm476qtJJPXdB6t%2F3Lpt4D83Kehca5B1BGk%2B7YC97ROEcKLdizUYmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 09 May 2025 18:29:14 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 08 May 2024 18:28:40 GMT
x-served-by: cache-chi-kigq8000132-CHI, cache-sjc10044-SJC
x-cache-hits: 9, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715196394.173678,VS0,VE108
x-styx-req-id: ddee9d17-0d68-11ef-aa80-eaad830a048d
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af6f5c17-SJC
accept-ranges: bytes
content-length: 1632
server: cloudflare

GET
H3 200 i18n.min.js Show response
www.ormanager.com/wp-includes/js/dist/ 9 KB
5 KB 190ms
179ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-66d79b4b7-sp4l8
content-encoding: gzip
cf-cache-status: HIT
etag: W/"663bc458-23b5"
age: 16906711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qz0uOa0l3n7sNKvtuoMVFoswqTNHqNlKQSQY8r%2F1QIwg%2BcAHAtmxN%2FxNTGxIRl%2BrFOeUKCiX5JOkV0RB78bP241AH2WdoUH5eOeCgGrce2eMP25RNGJnrVoXWjkuvJEHaaWDsg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 09 May 2025 18:29:12 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 08 May 2024 18:28:40 GMT
x-served-by: cache-chi-klot8100050-CHI, cache-sjc10068-SJC
x-cache-hits: 10, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715196394.174976,VS0,VE62
x-styx-req-id: dddb0906-0d68-11ef-b962-5e6873469e9c
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af705c17-SJC
accept-ranges: bytes
content-length: 3913
server: cloudflare

GET
H3 200 loader.js Show response
www.ormanager.com/wp-content/plugins/wp-parsely/build/ 3 KB
2 KB 191ms
179ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/wp-parsely/build/loader.js?ver=71d37502d12f3838b80d

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1889f65ec8711c38d9f5789d2fcd4d2f13fa1d1e4b8b3bc4d4a7193c0fae5f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-867f44b44b-stjgw
content-encoding: gzip
cf-cache-status: HIT
etag: W/"663bc457-bf9"
age: 16906711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0gA6xOsjTRJfak9Y5PQT9UzAsYLL98L%2Bn%2FIWiEonr5UskYFk8H%2BIkcBJmhNqw7uWHIufIT%2F25PSGhPB1BIjdI2WwPwYi8l%2FORj0xoLto2YBNxuTEogCi8DRnjb8a%2Fp7%2FkEKvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 09 May 2025 18:29:12 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 08 May 2024 18:28:39 GMT
x-served-by: cache-chi-klot8100148-CHI, cache-sjc10078-SJC
x-cache-hits: 9, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1715196394.172484,VS0,VE114
x-styx-req-id: ddda7af0-0d68-11ef-b9bf-564b3e61d328
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af715c17-SJC
accept-ranges: bytes
content-length: 1374
server: cloudflare

GET
H2 200 p.js Show response
cdn.parsely.com/keys/ormanager.com/ 56 KB
21 KB 320ms
109ms Script
application/javascript 18.164.101.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/ormanager.com/p.js?ver=3.14.4
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-101-60.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: fb2cee04678c1077efdae27cc151b2a179e4884cedadebf24c4af3b36006980a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: max-age=86400, public
content-encoding: gzip
pragma: public
etag: W/"66f1b59f-dfbc"
age: 74536
via: 1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
expires: Wed, 20 Nov 2024 15:02:49 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: G9feRbaKopVWAo2AHS9fn2Rem_RhsU6anDCZprMcp3yC2m0JUNbQfw==
date: Tue, 19 Nov 2024 15:02:49 GMT
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 18:38:23 GMT
server: nginx
x-amz-cf-pop: JFK50-P5

GET
H3 200 new-tab.js Show response
www.ormanager.com/wp-content/plugins/page-links-to/dist/ 24 KB
11 KB 199ms
188ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-7864f69b8c-kn7cb
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d93efd-609e"
age: 6474802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3bVDTNknI2%2Bypbcna567OJs7FlK%2B9wbNBaMpL3zCrn1KKCDrSpCs9C50iJv%2FgKYQuq6tu3flROTlvgi0T5cFTJyEa%2BgdgOo0YPy%2BRWyJNhGHFJGFMWCnwwBJc57nbJjfAQ%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 06 Sep 2025 22:33:40 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1099&x=1", cfHdrFlush;dur=26
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Thu, 05 Sep 2024 05:17:49 GMT
x-served-by: cache-chi-klot8100122-CHI, cache-sjc10081-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1725628303.085867,VS0,VE5
x-styx-req-id: e6689a03-6bd6-11ef-a7d1-4af3af052092
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af735c17-SJC
accept-ranges: bytes
content-length: 10020
server: cloudflare

GET
H3 200 core.min.js Show response
www.ormanager.com/wp-includes/js/jquery/ui/ 21 KB
9 KB 197ms
186ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-697df49749-lz9jl
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6672a1eb-53be"
age: 12187491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrvxiTdEULNDTRpLn%2BEcC7Y0Y8l3sc4QntmY8alme%2FT7738gwIjl6SihNZowo3BSnWT6nvKio5gNQqRVsSv%2BRwLqX0dI35fYuqJ8Nr9EwsOgytkY0J2OBMDU2nfpvljvQeEdSg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jun 2025 18:46:12 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=110912&sent=559&recv=142&lost=0&retrans=0&sent_bytes=621740&recv_bytes=46402&delivery_rate=1162073&cwnd=262200&unsent_bytes=0&cid=34e1741264ae0e79&ts=1097&x=1", cfHdrFlush;dur=28
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/x-javascript
last-modified: Wed, 19 Jun 2024 09:16:27 GMT
x-served-by: cache-chi-klot8100134-CHI, cache-sjc1000144-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1719915615.662262,VS0,VE4
x-styx-req-id: 33455173-2e6c-11ef-84f4-c21f05638e16
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e583119af755c17-SJC
accept-ranges: bytes
content-length: 7931
server: cloudflare

GET f9d10ca5-7ea9-4e05-b709-205f20d79fb3
https://www.ormanager.com/ Frame 0
0

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 216ms
73ms Preflight
application/json 18.164.116.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-7.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 20 Nov 2024 11:45:05 GMT
via: 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-apigw-id: BizGSEMRoAMEqzA=
x-amz-cf-id: 1UHJUl6PYTbRjeQGeYpDrbpx6EyILGRF40pgejKsG2N5WAqTSfBcfg==
x-amz-cf-pop: JFK50-P6
x-amzn-requestid: ed978bdc-451b-47f3-b846-7495ada0c93b
x-cache: Miss from cloudfront

POST
H2 204 record Show response
consent.api.osano.com/ 0
435 B 158ms
155ms XHR
text/plain 18.164.116.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-7.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ormanager.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-amz-apigw-id: BizGTFRRIAMEptg=
x-amzn-trace-id: Root=1-673dcbc1-50ae75af6ca70f3c0e3386f9
access-control-allow-methods: POST,OPTIONS
x-amzn-requestid: 47619873-d7af-4aab-abea-92236537b795
via: 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: Y9G-JatKpedqv7rh3lhzjaJxYJ_QhrrcrBizJo8H4ORQwjn_hf-Eng==
date: Wed, 20 Nov 2024 11:45:05 GMT
x-amz-cf-pop: JFK50-P6
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With

GET 933a9c18-e903-4831-9666-e5e1f52b32f6
https://www.ormanager.com/ Frame 0
0

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 253 KB
70 KB 90ms
85ms Script
application/javascript 2600:9000:21f9:5400:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f9:5400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

28753f5795492b8a49f887adad7bf0e8109d396fac7d21f4c0a2e9d9ecef9fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
etag: W/"258702-1729249358000"
age: 20207
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 00:08:14 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 47Q-sRAhLvdJRDMzypnahzzd6BblwlOd8QR-pNzIR4hcnOOtAtsBZg==
date: Wed, 20 Nov 2024 07:18:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 11:02:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=21600
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7922a002a59b7f43e6eb47ceba9a3654.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P10
server: Apache

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 235ms
105ms Font
font/woff2 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://fonts.googleapis.com/

Response headers

age: 488356
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 20:05:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 20:05:49 GMT
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21144
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
20 KB 280ms
150ms Font
font/woff2 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://fonts.googleapis.com/

Response headers

age: 489630
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 19:44:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 19:44:35 GMT
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/webfonts/ 155 KB
155 KB 199ms
103ms Font
font/woff2 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/webfonts/fa-solid-900.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/css/all.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6505f9fbf677adebc067d650497fda74ed24622632c1e2d13d4f0f89a46ea536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/css/all.min.css

Response headers

access-control-expose-headers: *
etag: W/"26a0c-N/fbTiMQgLQKG3knMJefXtKncRg"
age: 40563
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: font/woff2
x-served-by: cache-fra-etou8220039-FRA, cache-mia-kmia1760043-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 158220
x-jsd-version: 6.7.0

GET
H3 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 337ms
208ms Font
font/woff2 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://fonts.googleapis.com/

Response headers

age: 357090
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 08:33:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 08:33:35 GMT
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21724
x-xss-protection: 0
server: sffe

GET
H3 200 fa-brands-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/webfonts/ 116 KB
116 KB 162ms
68ms Font
font/woff2 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/webfonts/fa-brands-400.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/css/all.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

93377095748730677d7f412542cf09f2c9612e3829bf82fdbd5d392a18fa3000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@latest/css/all.min.css

Response headers

access-control-expose-headers: *
etag: W/"1ced4-z2fmfg8Mr/QifcLRPMIn44VgQx8"
age: 30389
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: font/woff2
x-served-by: cache-fra-etou8220104-FRA, cache-mia-kmia1760043-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 118484
x-jsd-version: 6.7.0

GET
H3 200 7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 193ms
65ms Font
font/woff2 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

fb5b9606af67dddd2d12d66ae06688d5b57725f9774d68a7c7c4fb409b54efa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://fonts.googleapis.com/

Response headers

age: 489432
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 19:47:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 19:47:53 GMT
last-modified: Tue, 19 Apr 2022 19:11:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23368
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK 883052591
player.vimeo.com/video/ Frame ABF4 0
0 412ms
261ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/883052591?badge=0&autopause=0&quality_selector=1&player_id=0&app_id=58479

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 8e58311b588c02f1-MIA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Nov 2024 11:45:06 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Origin, Referer, Accept-Encoding
Via: 1.1 varnish
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-6b7864f6cf-ftbxd
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-6b7864f6cf-ftbxd
x-player-backend: g
x-served-by: cache-mia-kmia1760053-MIA
x-timer: S1732103106.842359,VS0,VE139
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
104 KB 362ms
158ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRPWWRB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

300ad9ef483fbb3ad101d36dd448c85a5a02f98b47fe593a2c4a11763747df13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 20 Nov 2024 11:45:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106231
x-xss-protection: 0
server: Google Tag Manager

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 276ms
128ms Fetch
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 6471574396279184101
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53342
x-xss-protection: 0
server: cafe

GET
H/1.1 200 61942ff8-1ced-4671-bb66-4d3b55afba4b Show response
cdp.omeda.com/olytics/segments/o/5ac59219d50647e1aa2b6e4c795e740a/c/null/a/ 25 B
346 B 374ms
73ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/o/5ac59219d50647e1aa2b6e4c795e740a/c/null/a/61942ff8-1ced-4671-bb66-4d3b55afba4b

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Cache-Control: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 25
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Wed, 20 Nov 2024 11:45:05 GMT
Content-Type: application/json
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 48ms
48ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Response headers

cdn-status: 200
cf-cache-status: HIT
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
age: 12057495
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 09/03/2022 05:37:54
cdn-cache: HIT
cdn-requestpullcode: 200
priority: u=0,i=?0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d17bd5de57bbfc26a9bb1c685d181890
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.02
cf-ray: 8e58311b6f0874ca-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64464
cdn-edgestorageid: 976
server: cloudflare
cdn-requestcountrycode: US

GET 483e5c1a-c356-46e3-8f0e-627498b4e4f9
https://www.ormanager.com/ Frame 0
0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 105ms
104ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 118
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 11:43:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 11:43:07 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
68 B 140ms
139ms XHR
application/json 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ormanager.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

f0e0a53ae225bfc95bc048cffbb4825fe7f3b12d2efae39e0812e70329956a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 44
date: Wed, 20 Nov 2024 11:45:05 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 348ms
73ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1732103105857&plid=00688958-f391-41bd-876b-36595c96e735&idsite=ormanager.com&url=https%3A%2F%2Fwww.ormanager.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.ormanager.com%2F&sref=&sts=1732103105854&slts=0&title=OR+Manager&date=Wed+Nov+20+2024+01%3A45%3A05+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=7b3902d4-957c-4540-a731-4a26c0fad4ae&u=pid%3Dabbc6413-9878-4848-80db-ced0daf63ce1
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Wed, 20 Nov 2024 11:45:06 GMT
Content-Type: image/gif
Last-Modified: Wednesday, 20-Nov-2024 11:45:06 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 forms.js Show response
www.ormanager.com/wp-content/themes/orm-theme/js/ 0
919 B 904ms
904ms Script
application/x-javascript 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/js/forms.js?version=1732103105883

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-a-5fd5dd84f9-gvw7r
content-encoding: zstd
cf-cache-status: MISS
etag: W/"673c0569-0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3HsxvHEQ8TPUbkJjyXTvRCIGFxYZqMG7YLaKwy2aRHyg3dCMno9sXp3v5%2BdDBTeUFEFZDW1y67AqE3i%2FZsjF1y%2Bwv2I9S4zo1zDdj0dTH%2F95KtaOxjGrbMemg2p42rIpbDUkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 21 Nov 2025 11:45:06 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=166760&sent=1932&recv=286&lost=3&retrans=3&sent_bytes=2206669&recv_bytes=54168&delivery_rate=2405649&cwnd=277998&unsent_bytes=0&cid=34e1741264ae0e79&ts=1600&x=1", cfHdrFlush;dur=6
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 03:26:33 GMT
x-served-by: cache-chi-klot8100155-CHI, cache-sjc1000136-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732103106.984252,VS0,VE72
x-styx-req-id: e2fdd884-a734-11ef-9adc-32065d533100
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e58311c59655c17-SJC
server: cloudflare

GET 19aa1c95-eb66-49f8-bf13-cee07528ab50
https://www.ormanager.com/ Frame 0
0

GET f8336dd6-d39e-4c4f-b263-742dfc05b858
https://www.ormanager.com/ Frame 0
0

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 19EB 0
0 137ms
49ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 10792
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8e58311cba16a54f-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Nov 2024 11:45:06 GMT
last-modified: Wed, 20 Nov 2024 08:45:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiM%2FyShRIsvLU1iwmMTzbq52pzQiIV1LvCPXCnggX0KCiNeaFHJqy3j%2FMTecgCkRffbPeaOmQQpkhDY8PK%2Fzo%2FAl8nO9JsqB9L%2FmqvZP%2FZcGucAjXu6pTVlqjXMSi%2FiikGVDJ97I"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.junnp81e.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 154ms
52ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.junnp81e.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e6e4834d2c3691bbe81e6cdbd5ea9b75"
age: 12679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dABsz%2FkbQXuS90F9qVQ%2BQzs6HDiU6TgzRemwAWUWOhOiHjt2YXzcGCgRYM50WqAWx4SO2nbgESrHEA64CCoIWzFiZ3b360eOP6%2BPOZLMGmkAuax1%2B1WEgvgGzWc7SNrPHUufXx%2Fr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e58311cb958a53f-MIA
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK count.js Show response
ormanager.disqus.com/ 1 KB
2 KB 130ms
30ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ormanager.disqus.com/count.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Content-Encoding: gzip
ETag: "6733965e-367"
Age: 183
X-Content-Type-Options: nosniff
X-Amz-Cf-Id: rp7MyxMx4DaGg4vipKhW0a0UYkOazw1cKB9uP7Ccfqrk7diKnzYulA==
Date: Wed, 20 Nov 2024 11:45:06 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 12 Nov 2024 17:54:38 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Cache-Control: public, max-age=300
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 871
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: DFW56-P9
Server: nginx

GET vms.js
vmss.boldchat.com/aid/322065871255520080/bc.vms4/ 0
0

HEAD
H3 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0 0ms
0ms Fetch
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 322 / 20047 / 31089086 / config-hash: 17384341808261462643
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 11:45:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33315
x-xss-protection: 0
server: cafe

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 300ms
68ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Wed, 20 Nov 2024 11:45:06 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
359 B 81ms
80ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.ormanager.com/

Response headers

Cache-Control: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 15
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Wed, 20 Nov 2024 11:45:06 GMT
Content-Type: application/json
Vary: Accept-Encoding
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame E2D3 0
0 182ms
66ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:06:57 GMT
expires: Wed, 20 Nov 2024 11:56:57 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 337 KB
32 KB 210ms
210ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4456239675412577&correlator=2521794419709429&eid=31086815%2C31089058%2C31089086&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1-N-&iu_parts=987%2Cormanager.com%2Cormtopsquarecontent-new%2Csuperleaderboard%2Ctopsquarecontent%2Cbottomsquarecontent%2Cormmediumbannertop%2Cormmediumbannerbottom%2Corm-fluid%2Corm-native&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9&prev_iu_szs=300x250%2C970x90%7C728x90%7C728x250%2C300x250%2C300x250%2C970x90%7C728x90%7C728x250%2C970x90%7C728x90%7C728x250%2C1x1%2C320x50&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1732103106200&lmt=1732103106&adxs=-9%2C315%2C1085%2C1038%2C215%2C215%2C0%2C-9&adys=-9%2C68%2C604%2C1346%2C2045%2C5742%2C5991%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C2%7C3%7C4%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ormanager.com%2F&vis=1&psz=0x-1%7C1170x40%7C300x40%7C365x250%7C1170x0%7C1170x0%7C1600x0%7C0x-1&msz=0x-1%7C970x40%7C300x40%7C300x250%7C1170x0%7C1170x0%7C1600x0%7C0x-1&fws=2%2C4%2C4%2C4%2C4%2C4%2C4%2C2&ohw=0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&td=1&tan=7c553bea-1df4-4d26-acfb-699e614881f4%2C7c553bea-1df4-4d26-acfb-699e614881f5%2C7c553bea-1df4-4d26-acfb-699e614881f6%2C7c553bea-1df4-4d26-acfb-699e614881f7%2C7c553bea-1df4-4d26-acfb-699e614881f8%2C7c553bea-1df4-4d26-acfb-699e614881f9%2C7c553bea-1df4-4d26-acfb-699e614881fa%2C7c553bea-1df4-4d26-acfb-699e614881fb&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732103104709&idt=1414&cust_params=path%3D%252F&adks=713554733%2C788330896%2C1281250951%2C4939820%2C225432649%2C815957813%2C2317461458%2C2625097436&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e26b8467413de372610a038ba75b91a60d1cd52133f836c5a8ca960751a9ad12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
google-lineitem-id: 6818028126,10548932,6818028126,6818028126,5153279908,5153054793,-2,6835857500
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138496573927,138424100583,138495159817,138496573939,138424100583,138425834605,-2,138495155221
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.ormanager.com
content-length: 33157
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B1A 0
0 244ms
75ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:06 GMT
expires: Wed, 20 Nov 2024 11:45:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 4 KB
2 KB 196ms
59ms Script
text/javascript 69.28.187.147
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-187-147.iad.llnw.net
Software: AC1.1 /
Resource Hash: 64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
age: 554478
x-llid: b5e572315a0ed314ad77ad77f62906f1
accept-ranges: bytes
content-length: 1714
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: text/javascript
vary: accept-encoding
server: AC1.1
last-modified: Tue, 02 Apr 2024 15:41:58 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 88ms
84ms Image
text/html 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 87ms
86ms Image
text/html 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 86ms
83ms Image
text/html 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KRPWWRB&v=3&t=t&pid=1681777261&cv=17&rv=4bj0&tc=14&tag_exp=101925629~102067555~102067808~102077855~102081485&es=1&e=*&eid=5&u=AAAAAIAKAAAAAAAAAAAAAAAY&ut=AAAI&h=Ag&hf=0__html&ht=p__html&tr=1googtag.1asp.1paused.1paused.1sp.1cvt.1cvt.1cvt.1cvt.1cvt.1flc.1lcl.1html&ti=2googtag.2asp.2paused.2paused.1sp.2cvt.2cvt.2cvt.2cvt.2cvt.1flc.2lcl.2html&z=0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET ce0b3962-5aa2-4a48-96ed-fdb49df0ad9a
https://www.ormanager.com/ Frame 0
0

GET 8afd2863-2d83-4430-8098-2ab98a691a3e
https://www.ormanager.com/ Frame 0
0

GET 87a7b013-fa92-41af-bb1c-d643d20735df
https://www.ormanager.com/ Frame 0
0

GET ddbc7f29-49fc-4302-8068-6cde3daa36e4
https://www.ormanager.com/ Frame 0
0

GET 4046948e-af1d-41f1-927b-be0ebcc9774c
https://www.ormanager.com/ Frame 0
0

GET 11f45753-956b-4596-81f4-7af0801b9495
https://www.ormanager.com/ Frame 0
0

GET 09b476d0-3269-4919-9f3d-f031e4b8fd4c
https://www.ormanager.com/ Frame 0
0

GET 037ad158-e9f5-44fd-8c26-c3b55ddb667d
https://www.ormanager.com/ Frame 0
0

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 76ms
74ms Image
text/html 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 354ms
103ms Script
text/javascript 2600:9000:23cb:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 3545
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: R1jbvyEGJLj0NcLK-KCJPtqoBk7hpsb4acm7slvpuQlut-XeeGn6fA==
Date: Wed, 20 Nov 2024 10:46:02 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 428 KB
135 KB 108ms
108ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c&gtm=45He4bj0v830755158za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c278e0ceef700aa25ee3ac1ff91b59943040f64e2feb5a2fb24c778b8f23bfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 20 Nov 2024 11:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 138135
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 152ms
151ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-751974586&l=dataLayer&cx=c&gtm=45He4bj0v830755158za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0eb459d44c50d3bc86bbaa6f6826f3e0bfb0b94584392063cd508539f00fcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 20 Nov 2024 11:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90756
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 144ms
71ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-eXjpcMS8' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-eXjpcMS8' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: zMUHR3Os//4z3XfyOGDm51RCkGsPogD8csFe14tqBO/CDkrG9kgZL/wWcEkBCBCVsSFoeFVB8haSa6bviDk+Xg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 b1wfmjvz Show response
widget.intercom.io/widget/ 7 KB
3 KB 245ms
97ms Script
application/javascript 13.249.91.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/b1wfmjvz
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.91.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-91-16.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d40f7b29da3fbaa5ba31a50936168734539a9ed378d02e4d7b68468f0defcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
x-amz-version-id: wJCks8dWz_m6i9LSKF.FOvFUjbA9OEMD
etag: "44ca4c9ee4cafd4feb0ae36c59c76f91"
age: 394
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: 0CG9H8-QrUirt_bRJ_UAmUmiT5JXpZpKBD3QDeH5t987IhOYuAk1Mg==
date: Wed, 20 Nov 2024 11:38:34 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding, Origin
last-modified: Tue, 19 Nov 2024 06:22:16 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 06a2a91727cd0dfdaa1154422bcbc726.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2665
x-amz-cf-pop: JFK52-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 w.js Show response
ssl.luckyorange.com/ 5 KB
3 KB 137ms
46ms Script
application/javascript 2606:4700:20::681a:4f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.luckyorange.com/w.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"e31293f40e8a324de552ff593ee76a9b"
age: 2479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1xNqcaFMXrffmIl4lXUOY9PIcLM8ydZlFsLaO4oPmtPpOk0rbLtyVGigAP%2Bfr%2BTYVurx5MkHKH7iyLBSjaO8pwCmAzPqjDoCcaVu0FSmvera0nLtPPPIdQu1Q4Q1Ee6XlsvNu1x9YH8vlsieTdH3Ko%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=30627&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4002&recv_bytes=2235&delivery_rate=125447&cwnd=252&unsent_bytes=0&cid=13dfb2f425bc805e&ts=58&x=0"
x-cache: Hit from cloudfront
x-amz-cf-id: KiQwRIaSW6YbVlVv_pK2qu3MJCv6xAMX8DJdRZif4dgHaAAY_CCUlg==
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
vary: accept-encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b3879c23ec3b402566708cfe9d0ddc18.cloudfront.net (CloudFront)
cf-ray: 8e58311f5c517429-MIA
x-amz-cf-pop: MIA3-C3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 255ms
95ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js?account=D3N8S6eZYY
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ef231dcd4cbcad51c72ea21b29dc248d1e1676c4cf125563708aee598fd5b91a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1da701210c2ad11dca7dc468826427a8"
age: 290
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: rrXiaDIRldaY5Izzj4b6JaltEQOw9da8PvS7VOVuQxW3nkdCU_B0dQ==
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 13:50:15 GMT
x-77-nzt-ray: f03d061358d2ba50c2cb3d672a3f9e21
vary: Accept-Encoding
x-77-nzt: EgwBT3/O6QH3pQkAAAwBnJI74gG3OwAAAA
cache-control: max-age=3600, public
via: 1.1 4da3e729faec3d2f5eeca39813785c2c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 2469
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 80ms
80ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12891178&l=dataLayer&cx=c&gtm=45He4bj0v830755158za200

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca36399c28deb59a8d860835cb19d0a357cb2ae05cb646c7a32501a0ad27eea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 20 Nov 2024 11:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85817
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C43D 0
0 127ms
127ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHtmdgJqPRx6o-2l9NsftIXRS521K_aLGkUcf5kEUgBIqs0B-mNbN4n61TIkho-07NfSKJX-eQ1a-2gJYhwKmPRCDvxo-WMisasXTi6Ckos1Q_jy28UfIpp5MA0dp0fl2gEBPCQYHUECUT3YyOMKo7-UMvH54X-TL-6LqmTfzxb0sXM3s0O09Iw48-0XCy2Cjx66OS0LfDTgoiuCxehAUTR9KDHgscXUlym0YT-MtZfceP9ZcRbx4LARcXx6r__QtgOhSAqSyZ3AYBIXSn157vcaVnMWictvvLPVMECXLqRq4vOurulM_LgvW7T395NVOdLvRWOBVY2MNdzHaqS1enkK887IPBNeQUI6EmthxixxpGwRjbeTzD0i7iCLKbxK2wFZJ17ewhGLqZGiFoZMQ&sai=AMfl-YSf2IezxD7KaByuAUdytVsbXvyrtnSSv4Y0HgA_UvkebW6q1G2uS344uI9z4hHMGHkcOgEmDVCqP8PYHUnPhMBJheiw6LF1ZaKaMfaLoc1Wkg551ebBsDAlWuu0A_zFSbdPscKlesayF7-ECoC5&sig=Cg0ArKJSzDFs3Fv0KKkmEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/ Frame C43D 3 KB
2 KB 261ms
62ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 275
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 11:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:40:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C43D 217 KB
67 KB 104ms
102ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

38cb12140d5165bc886a6f1b1a49aba023e37914c9012c6ec8453efa45380a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 8962156172764653982
age: 474
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 12:37:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:37:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69018
x-xss-protection: 0
server: cafe

GET
H2 200 12264667241098488812
tpc.googlesyndication.com/simgad/ Frame C43D 50 KB
50 KB 391ms
195ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12264667241098488812

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

301d6b687e4615422935b88ddd18d7196c08f796d3a762e62ae6a32e1629830b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

age: 349745
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 10:36:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 16 Nov 2024 10:36:01 GMT
last-modified: Mon, 27 Feb 2023 20:41:28 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 51338
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0281 0
0 121ms
120ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWhKjPEoFWuMFIjk96rIij4f6_h4Tl6raoQzYQdD297PM1EkkmAT0-nRDXlN2Ip1Rl9ayPfh0rGKVXu3nTpumduH2dpIu2C4blY0DyEOh3zIj7DVvGzpEMeB4q7M1ke70_GsUyWPjdfkzWhr4z5LGX7bRPBBpBup5Lg8e7fQbAoX8QWF2c3JhWAqhahZNXECm4qNLP58DRxZ8UdCuNc6gtgowC3c3cz1mvmfgldyVWDralVSVYdXjgNzJWsCAfSp2V_aEguldJEwhe4UbD5gpNIrdsF5KgG8M2MAq6hExCMRyavbWgm20Z4u1JFaA0ApmYkY-RDOc_bSt5nVsrj4pYQz-j4XTOFaXTqIQwP2BOgauC_KYBrqX_6TRTdngzrx1SLTgqejVXE58qk1zpLA&sai=AMfl-YS6jq2F4Zs7wX7B7E25tJ6iLH-fMFQfTj4sf49oN_PMr8s1eIPbqmYUtgm6DXu-NLOJWQrgDXjQcc2gVlulamZSS4NfIfjSwc3YDXMypITylKXdC25BNur8yGEmNNfMWV0tjYnuxWVFZe5-s1jw&sig=Cg0ArKJSzEfqeBNsjB5gEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/ Frame 0281 3 KB
0 247ms
247ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 275
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 11:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:40:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0281 217 KB
0 90ms
90ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

38cb12140d5165bc886a6f1b1a49aba023e37914c9012c6ec8453efa45380a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 8962156172764653982
age: 474
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 12:37:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:37:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69018
x-xss-protection: 0
server: cafe

GET
H2 200 16411413650928900001
tpc.googlesyndication.com/simgad/ Frame 0281 60 KB
60 KB 340ms
158ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16411413650928900001

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76bb296c912b62b88eb6ca3589956f6961105d2cac7ff6fab4350ab1f7598e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

age: 387050
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 00:14:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 16 Nov 2024 00:14:16 GMT
last-modified: Sun, 27 Oct 2024 05:13:24 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 61539
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 334C 0
0 126ms
126ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjUtcPOpgGULaekMdllJZ6rZURtAKYuPW2Dqn4WzHNbYYRE8dRbuBdJCMPjWChli5ig2LqxLG7D6xHISiyi3XnVUE4ReMso7d6bLdYifyjQoHI0npyMmljVRBe7oXLk-I4VA30IkzdyQVfHW7UeBz4xpQk_d2jQJwegkoo7H4ZxUVQKg1fIR2kxM0P1NNnXfCWclxQIlujgMIjfOBO46yLlDgUTub4XG6R28zzl777xa7Dh0oqRjO-q2hC6-7lm34gi0ySUqoiXszw3UNLsOgqEDParjn_f3s10LPJV3k_g1BtuPPwarwihmrig4zCRZ3dl3dlaFsFDFXv_sHHwgGJpOGzTRDgsAUGEqyPpY0k4CvlYU8GN280hxKYLms--Wa60Ebf72VuWp90dhsLfsf92A&sai=AMfl-YQslzY3y9L4ZkO7JeMIi5XvdM_QvF2FsqsrkwYL8H4OTZPp5eYPjDJMZsM2JUjT3I2hl4wPIVRIG1bnrAT2b4X57iwax2N5cEW005f-8C2XbYXlcrUVvuyjSq4sYHI37gEjV7KqfE2jfnBD4WVx&sig=Cg0ArKJSzCDwMrI9OgxUEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 16411413650928900001
tpc.googlesyndication.com/simgad/ Frame 334C 60 KB
0 328ms
328ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16411413650928900001

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76bb296c912b62b88eb6ca3589956f6961105d2cac7ff6fab4350ab1f7598e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

age: 387050
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 00:14:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 16 Nov 2024 00:14:16 GMT
last-modified: Sun, 27 Oct 2024 05:13:24 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 61539
x-xss-protection: 0
server: sffe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/ Frame 334C 3 KB
0 233ms
233ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 275
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 11:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:40:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 334C 217 KB
0 77ms
77ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

38cb12140d5165bc886a6f1b1a49aba023e37914c9012c6ec8453efa45380a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 8962156172764653982
age: 474
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 12:37:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:37:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69018
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98F4 0
0 124ms
124ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF-hv6Qe8MOBiKfb2zvqdBtKdQJagGpqQIcHCdo5PCo69CXlFfwiqOxTnLty4UoaCGRlByULRJHQwKt30G6AKJEGr5iqhzLqtmGNu6etVsz1jQFwSCbY7UIzePZeFqXvuPqmllGsigRdThCt_HEW2tKe8_fhL332r4M4bs9KulD5EdWZP2QMqKNbqkT2rFDO01C4dlHkqlrAXSqg0HLhinEBffDW9cBn6COrEZGb82dFh4a8NW1VYeFXy-iO-HOjoHJs0HCBY0vix8p7MruMLy21bLocLgvbfqhQrkSaAOEP0aBg0_dZU95HWjQTSgd6Z2NjnT6aZdyBLsDu4Ax3MA13PLN9_-fqsg0g3a4ZeljbW3udhgqfGqLIn9QxhDUHxqD3jeNpQWr52APozLM3zqfo4&sai=AMfl-YRqSItws3InxiePfYW6L6XxL7zlW6ek0izS-5CenzAu6s94QO8ZfF4a4lQypmHK8Zc7x-BqCGdaQ3KUFLChwLAXEFF7ciQlTT6tjsMVrNx0Dk7SiA-3ydE0wVXHPNuGvaiviCZqrXThuM7pcwPy&sig=Cg0ArKJSzMEXu8QRbhJZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 12264667241098488812
tpc.googlesyndication.com/simgad/ Frame 98F4 50 KB
0 340ms
340ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12264667241098488812

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

301d6b687e4615422935b88ddd18d7196c08f796d3a762e62ae6a32e1629830b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

age: 349745
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 10:36:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 16 Nov 2024 10:36:01 GMT
last-modified: Mon, 27 Feb 2023 20:41:28 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 51338
x-xss-protection: 0
server: sffe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/ Frame 98F4 3 KB
0 56ms
55ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 275
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 11:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:40:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 98F4 217 KB
0 65ms
65ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

38cb12140d5165bc886a6f1b1a49aba023e37914c9012c6ec8453efa45380a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 8962156172764653982
age: 474
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 12:37:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:37:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69018
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame C43D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b286eb0171f45774b86c3a561d31c209272cccbab6a0b2e57b460f85cbf492f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0281 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00426c5f1a33d40d140a64dc113f9fbf545602474782e044d0155e3dadef6a62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 334C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f7af18f3d0fc3bfce827aacf924aaa1da642cb90a68cf4b5f1ee4ee1421ef5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98F4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 880a3b7967dc2147a2e0f91f6d8f0992567ec729b43d1663c06f44603d8a48e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE85 0
0 116ms
115ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKXKrRwhG0TW03eUSuQGD-9Ia9CpIFANeEjzxgN79sWzsMy9G3AihggYr-bbHhMUlgOXERAZBzzLv1VvrjmdyNdZO0aPn8hypj89I8WGHVLiTXZlnhBsfTE9kInD_34_CUjr2QwHwht04lbL8jq2YeFql-WLmT9b15dTYILUZiRHPFaeJrs1au9174Y436Xg-pdX5dctZAI0JmlUeUzoQEcuFNoPBP2uiOPLsUMRTlnRL85_7u8uvGsSmY85Ad9C40oN_gryC_F0Ps_TkcdAohTkjL2WBlcLK-7uIEb9JHFaIl_RAL-dUPuilDovd4jRTPk4f3g7oeXZCI_BVggObieASUJs2v301KXSronO_3mSo_ya2sSyBasdinjyIWLHLHzIVWAaQSeYhQvZkpKN6RKVVP6TM&sai=AMfl-YQvgkeHv9W9ZjTF8dgh90dmiPfvUSWmEix7PBraONFqVK3tfrACyPf9HvWpfsLQbrjwMDbNrtrV-dt5S61dg2GMsGcMANr_xwqFmQU2FPrS9mSrtEzN-FNL3DZyAhDtJuGwvCiBHmneJYNuhTXQ&sig=Cg0ArKJSzPj7VzUSHJYlEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/ Frame AE85 3 KB
0 57ms
57ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241118/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 275
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 11:40:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:40:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AE85 217 KB
0 40ms
40ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

38cb12140d5165bc886a6f1b1a49aba023e37914c9012c6ec8453efa45380a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: br
etag: 8962156172764653982
age: 474
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 12:37:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 20 Nov 2024 11:37:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69018
x-xss-protection: 0
server: cafe

GET
H2 200 14393604157130997498
tpc.googlesyndication.com/simgad/ Frame AE85 44 KB
45 KB 173ms
66ms Image
image/gif 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14393604157130997498

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

129ea57e87d74fc7c803b247f69db2ec826d566fb6e61d812412e21c894f9b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

age: 455486
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 05:13:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 15 Nov 2024 05:13:40 GMT
last-modified: Thu, 09 Mar 2023 22:33:16 GMT
content-type: image/gif
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 45471
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame AE85 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73600985966bcb1cafedc65035d887c1744799a7f60dcf7c8c09c53ec6144dc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
2 KB 217ms
100ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.ormanager.com%2F&s=330014

Requested by

Host: ssl.luckyorange.com
URL: https://ssl.luckyorange.com/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa19b8989bdceb7c2c53fef9e382c3602ddc88bbbd0f1b1c9c81f4cab9404607

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7K4XOBuRwBNSSTaU%2F5V9etUeOU8fVY8UG1%2Fvq2Xd46DBY70AmmB%2BbzB612lvz9eoCif7sssXh3%2FiWQr2zAxC%2BIAGresGVCyJANKl3sqH75NC3atRxUlkEz6TeUH%2FkDxPUoW4NU3EjBuwqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=39340&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2248&delivery_rate=108039&cwnd=254&unsent_bytes=0&cid=a792c6d5803de80b&ts=114&x=0"
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e5831212a77a54c-MIA
access-control-allow-origin: https://www.ormanager.com
content-length: 821
server: cloudflare

GET
H2

200

activityi;dc_pre=CMmunfPq6okDFXRQRwEdfmoHSA;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
12891178.fls.doubleclick.net/ Frame FFCE
Redirect Chain

https://12891178.fls.doubleclick.net/activityi;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
https://12891178.fls.doubleclick.net/activityi;dc_pre=CMmunfPq6okDFXRQRwEdfmoHSA;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab...

0
0

84ms
82ms

Document
text/html

142.251.40.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12891178.fls.doubleclick.net/activityi;dc_pre=CMmunfPq6okDFXRQRwEdfmoHSA;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F?

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 376
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:07 GMT
expires: Wed, 20 Nov 2024 11:45:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12891178.fls.doubleclick.net/activityi;dc_pre=CMmunfPq6okDFXRQRwEdfmoHSA;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45...
td.doubleclick.net/td/fls/rul/ Frame 30BC 0
0 312ms
85ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F?

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/ 0
22 B 182ms
101ms Image
image/png 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12891178;type=aiorm0;cat=levla0;ord=4643021705930;npa=0;auiddc=949841746.1732103107;ps=1;pcor=278575397;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bj0v9175490358z8830755158za201zb830755158;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.ormanager.com%2F?

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"1389964575850289398"}],"aggregatable_trigger_data":[{"filters":[{"14":["45630049"]}],"key_piece":"0x31be085581c2294","source_keys":["12","13","14","15","16","17","18","19","20","21","22938684","22938685","22938686","22938687","26322152","26322153","26322154","26322155","642843808","642843809","642843810","642843811","905539588","905539589","905539590","905539591"]},{"key_piece":"0xf3b1753eeb77bf19","not_filters":{"14":["45630049"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22938684","22938685","22938686","22938687","26322152","26322153","26322154","26322155","642843808","642843809","642843810","642843811","905539588","905539589","905539590","905539591"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22938684":93,"22938685":93,"22938686":93,"22938687":9081,"26322152":32,"26322153":32,"26322154":32,"26322155":3177,"642843808":65,"642843809":65,"642843810":65,"642843811":6356,"905539588":36,"905539589":36,"905539590":36,"905539591":3530},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"8090487941829651846","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"1389964575850289398","filters":[{"14":["45630049"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"1389964575850289398","filters":[{"14":["45630049"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"1389964575850289398","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"1389964575850289398","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12891178"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 frame-modern.ebc5a228.js Show response
js.intercomcdn.com/ Frame C891 471 KB
142 KB 283ms
69ms Script
application/javascript 108.139.47.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.ebc5a228.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/b1wfmjvz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-114.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

77de2f63450b98f6d5f5e0e2b8e41cc062f3220b96922dd8fa90b9acb83a2fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: BLt5vzhma5A8ghp3s7ao3cZJvyLU4s4w
etag: "d72e2ceea3bc87e599c107aca66c3b1f"
age: 1974
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: IUTOrHkGgP2IBDBqS3YZdoOeE5q5kBG-uPoRoNRVxmLZwJ-cWJDj7g==
date: Wed, 20 Nov 2024 11:12:13 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Tue, 19 Nov 2024 06:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 144986
x-amz-cf-pop: JFK50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.5c288613.js Show response
js.intercomcdn.com/ Frame C891 456 KB
145 KB 427ms
213ms Script
application/javascript 108.139.47.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.5c288613.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/b1wfmjvz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-114.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: DOugmxqLKj2Wu806EUqSEkLHZVP1ys_C
etag: "cfcbe890471af67f5140f9f36766a673"
age: 2944
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: weZT4ys3716CN1WCFMOBNSYKnHmEkFPamU98KeV9XE2tGwgE4VR5Nw==
date: Wed, 20 Nov 2024 10:56:03 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Tue, 19 Nov 2024 06:10:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 147369
x-amz-cf-pop: JFK50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 widget_app_base_1731678445949.js Show response
cdn.userway.org/widgetapp/2024-11-15-13-47-25/ 129 KB
40 KB 268ms
129ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 65cdc73c86e3d902c50f0ed241f93d440515390dd48e33e245fae2a3a17f18af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"de1906d04b0b6988f60d448bb93a2a06"
age: 279
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: PV-eaJxzC0ai9prxO0pUmAJu17kNSfYNjTAa-74Ndbt1SqOb6yk7Tw==
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 13:50:03 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061309d3a856c2cb3d6769a9bd33
x-77-nzt: EgwBT3/O6QH3rHgGAAwBWbuxDAG3AgAAAA
cache-control: max-age=25920000, public
via: 1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424108
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 518322662332686 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 149ms
148ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/518322662332686?v=2.9.177&r=stable&domain=www.ormanager.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

fc6bde7c862a567dabf0654ee13002f78aed7b5a98df0b36a82c66e5054be72d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Mpsh8bnx' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Mpsh8bnx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=97, rtx=1, c=73, mss=1232, tbw=71617, tp=67, tpl=1, uplat=77, ullat=0
pragma: public
x-fb-debug: NaVFJa669CghfU3qSR+Tk/Fkps6o96m3HJwfO95Nq0QJN83yEPN7X6+Wb+rOayng+xty+1EDbXTEWnaz259iTw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

65ms
63ms

Script
application/javascript

2600:9000:23cb:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: HTTP/1.1
Server: 2600:9000:23cb:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 4877
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: m5t-HDlVCCIXyTth7b7OlNp-SIN_yIi9uzVeM_R6SVTgTKzuGlLXLw==
Date: Wed, 20 Nov 2024 10:23:51 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 40708
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: _54C8i8o4zrcEPQyp5-NiE5xCwaT6uHEAEtZPycKANG2hcVKgxCF0w==
Date: Wed, 20 Nov 2024 00:26:37 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/ 0
809 B 128ms
64ms Script
text/javascript 2600:9000:23cb:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: Qj9_mrTpyUuKkK2dPaWYAINpaGEJu7BL
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2383
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: eyZrWXCi_U0mUMs6lCTQBlsM3w8V3uKz6q1ZgcEUKEV_Lxih2Sw7eA==
Date: Wed, 20 Nov 2024 11:28:30 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Sat, 16 Nov 2024 12:28:00 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 74ms
74ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KRPWWRB&v=3&t=t&pid=1681777261&cv=17&rv=4bj0&tc=14&tag_exp=101925629~102067555~102067808~102077855~102081485&e=*&eid=5&u=AAAAAIAKAAAAAAAAAAAAAAAY&ut=AAAI&h=Ag&tr=5googtag.6paused.6paused.5lcl.5cvt.5html.5cvt.5cvt&ti=2googtag.2paused.2paused.2lcl.2cvt.2html.2cvt.2cvt&z=0

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 AW-751974586
td.doubleclick.net/td/rul/ Frame 2033 0
0 98ms
86ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/AW-751974586?random=1732103106761&cv=11&fst=1732103106761&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z8830755158za201zb830755158&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ormanager.com%2F&hn=www.googleadservices.com&frm=0&tiba=OR%20Manager&npa=0&us_privacy=1-N-&pscdl=noapi&auid=949841746.1732103107&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0281 0
0 74ms
74ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET bdfd45fe-dc01-4e43-8702-ea9de903dcd7
https://www.ormanager.com/ Frame 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F4 0
0 74ms
74ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C43D 0
0 123ms
74ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C43D 0
0 89ms
88ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW1AenVbuc2oLQJcTnes2VJZOlXUgMtrkecHKd1awj3XPY7rqjNM13ef00qDPyn8r-Mbmrzb2F-ZP10W1Zu8LtFqCWt_GA6brd1P7uWP5_G07cqCgxOcueJv2rBoQwJ7oLb0qtNUMbnTeK11AIuCj7JxaawNly91a2tuUzQa0j6jJcOMaXS2riZcueLhUd6kdpChq-wv11vOt2EqAN2teJtqxEpKP_jKuYM_UBBEnpIBhBVSifRpsMrIz21mY8cwkQKX9D5SQGG3lYO3_PYTD2cVIbpl9VBab44qDwhf-wQbtE9ug-m7d1Y0OJzDUE8S6_T0BOzjaYxLY04I4tvxMpmFjVPb8qs0B2_IFXKSQHMFBH4_dc1_pzYb4IhCgaZ4xFdm8CdJh4N52LTEMxzn2kAQ&sai=AMfl-YTF0pIxyLS4P4GWFybpDtjcmYFcKjv4ivQ_xtzKo8X0K-NAOi7zf8LkwFwcgd6zbLF-JZSZSDeu6Vo6R-ano7V3gBMlmTozbryjoczR_zKuXCuYGlPhiXNUZP3fGfIc6TJ012glcf6EixMyViLX&sig=Cg0ArKJSzBCf524NhO_3EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:07 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE85 0
0 166ms
73ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE85 0
0 89ms
89ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP8Fep3CPyo21YrmeU71LVLabyKKcsrRiwm_CZtPIcuDvi3QM67AcyvAYhAzbsit8wKNmEuVMiTeU6HN4NXtL57FYhGBbogrdKRENDZ_wv58qRIvW-228tEcc2nJKiyy9im-HwJeujQM00sNyIA6S15yWhS4amsWCbHHIPup6wXG-WYhNgA9d9lZGbXR-lNq20I559cuxu9G8d8wp5LfS8UBHqHVT_mKLyH39gLHuKXcZgFVGGIS76k59Qwqz-Ori1AQB3HdtpRcfElenQln5V3NDr3bw7j2CFW1ReCA75ca1-anUGQgbZ3Sr8upEXbVZP8avL46uA-6tyt4CZOAsaBSUXVVWFSCstQgUS1B_7KGIXzUw3QkG-WY5aCexM4MhqXanMYSqnaNQ4tz4HsuVokmUXOUPXDA&sai=AMfl-YTEjgttJEQOdy6Gtr9jsrmCbxGB3_E5HqKK_Tsg4ghsuNgNwkR-741n9war5FTvSpHPW0uBpaODPVwvyp0oo6AtmSFemF1_1xwAZlHHN-Apqq2dLeGdLRT-KnsGWzCQkwvKBf6M_7R9MIuwluLT&sig=Cg0ArKJSzKLvjz8IXncuEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:07 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 334C 0
0 209ms
74ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 334C 0
0 88ms
88ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYhhQrqNKeulmdfVzvOUWeg8Wuid_i3S00Sevpi-74IpM1wjs8-MwGD6uDGRcb4CFMVDOUGn9YcDM2W71YNdmVghWE-aLzFM0T4ZhJXRt644bf0kyGnJ6o-ZU4T2PwFx2vy-f8e19N0CLmAK1Ch0P5xUVPt5OcE1qfZ0sED9acXOoe8zzN0yvYZ57JDJtWznv2YdHs2V-cOBaAPfyPC_czzkjkaWNoHcXCckylGYzRFJkXHtlP79AEtX-Qw7kxrPo6rS3tg7z2-314GuuPeigr7_Lp4_2-CzneS8IhrkIMpHOx_kpeDGhs_bidGBbAjnO0DdxE2SgIqoatzk52Do-keyxBga5K_DGExnvWoXielJaw6judnLEbqMnlx_rgl37Yso-sz5m_3vLxXYIVR2XS2IAd&sai=AMfl-YQJ-PZLO767YwpBxVSbmGb49Lcc4KjSuHWzknybt8tEPoaD3tgzGIy5VId6jtEqGacp6K6iEd6aGE626vpEwFKuHT8ZRhSP8RwjEF0okSnRKqkv5twur0FWMA0mn-ZW2aIcbV8758oqXJfXAN7Q&sig=Cg0ArKJSzFtNnILm96XmEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:07 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 217ms
78ms Fetch
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je4bj0v893216188z8830755158za200zb830755158&_p=1732103105465&gcs=G111&gcd=13r3v3r3r5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1064330803.1732103107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732103107&sct=1&seg=0&dl=https%3A%2F%2Fwww.ormanager.com%2F&dt=OR%20Manager&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2740
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c&gtm=45He4bj0v830755158za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ormanager.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame C31D 0
0 194ms
62ms Document
text/html 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.ormanager.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-751974586&l=dataLayer&cx=c&gtm=45He4bj0v830755158za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 51057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 21:34:10 GMT
expires: Wed, 19 Nov 2025 21:34:10 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0281 0
0 73ms
73ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 GRF2WTX3ENFVZOARHY6IYZ Show response
d.adroll.com/consent/check/ 599 B
1 KB 181ms
57ms Script
application/javascript 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/GRF2WTX3ENFVZOARHY6IYZ?flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&_s=de53b681d5ad66b5871f3afa12d4084e&_b=2
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ffb852a258ca6469d664ae215eca48e4ba52efcef2131daa8855151406336586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 599
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:07 GMT
pragma: no-cache
content-type: application/javascript
server: nginx/1.22.1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F4 0
0 127ms
73ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C43D 0
0 195ms
74ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0281 0
0 88ms
88ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3PTU7V51wtT1wsE050BoW78b5Rs_YD24A4r7Cx1V0rFzONB6v5Mn6_J9VKJei64f1rxziHvNNjbYCyylMyZ1RPKfN_F7lRYUNdQwKRm4yofrdNrn-WmulaWUYz2dNEHizxUGFbhRrIBLxNPeIUxvDtcnExM48DlvyWahQZMZV3yrXgDf0uv43jyW183RoEuun5DruHhG3CLUjzNTDUaQsCcO-f0kEjXdosHIv5-7cIH3MFn-NjQQNxjAzqoOwQeLRHfWSbKyhbCpIc1riFSHmamynAVYfVfylpHxm599xmN_v-j0KUW38vzaX6tYr4ZzWsnKx4cE78ohSEUR6xZG4CSXGXgTECpel-qXGIqqwjHXxbpsacXZqnbxSTPfqR8kYZQX6AH523LTE9BWO0HHz&sai=AMfl-YQVKw59V7imqQDAAyzQq8wDVc00g-Djvo8Bm2IsH-Ra8GHQ3zC0hZvIfzz9aUc-t7axDymT3pmkMSChGgm8BT4V6IHN5L7osIXBS0EMjzYehIfZnpHF_Pvbp0yj-1IrhSugTahCiQZfxHXs_fUg&sig=Cg0ArKJSzA8sp5kKRJfMEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:07 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE85 0
0 259ms
75ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98F4 0
0 88ms
88ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYgBKUrO7VW8jiShGv0rXFf5aot9ObQ3gfpyzYztty1dKhfCw7JWhtZxvz02hwSXdH4OOLyo8FN1rfW-iQOFCEf12bPwqPLSEBfDR8i-_Zg0hm_laK1aoR1Bf0dWMUWIBMGfdHl_Dp5vesFjY4yXR8-Dqy0K0be8rkPc2MKtuutIcXkSh5-7OEkGbUCPbib5Y9-CFhDHIVf01inVeQlpu6YwVGiAAyzwtpfpnK-El166qU5GlrU-OCLx4y-GG3o8akxnJjTeI9f6gLdY1x9o6sDPqScgWpFNSDJjqzYLEBR0Y9vEXUJ71h4Hq8CSqX5NP5BE3GLMG7AO5cLBOW7Bf-ItTOOrvGgTi9nG8ixD98KL-jRj7kwTNGzFyi8HqVbNdwZoS9_V5a0IsgFInpMJdNz2bAdg&sai=AMfl-YRFrcpRJtBSXfRH_1Vfj5bqUHVBFCspuz4jmFR6e9YdIMHQVbAilTwk6mgfas6TZjnD97z0EzPjZ6U0bC4HM2gskM8xjRKx4d-uoHd-KTvXNKOTkf15RZ5GSe8mpw9CxFP9X2BxM9eoFxzKl5Ns&sig=Cg0ArKJSzMT57y76BN5YEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:07 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 334C 0
0 327ms
74ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame E140
Redirect Chain

https://pixel-sync.sitescout.com/dmp/asyncPixelSync
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

58ms
58ms

Document
text/html

34.36.216.150
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 150.216.36.34.bc.googleusercontent.com
Software: A /
Resource Hash

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
content-length: 1174
content-type: text/html;charset=UTF-8
date: Wed, 20 Nov 2024 11:45:06 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
location: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: A
via: 1.1 google

GET
H2

200

3ce13a619c5875ca
pixel.sitescout.com/up/
Redirect Chain

https://pixel.sitescout.com/up/3ce13a619c5875ca?cntr_url=https%3A%2F%2Fwww.ormanager.com%2F
https://pixel.sitescout.com/up/3ce13a619c5875ca?cookieQ=1&cntr_url=https%3A%2F%2Fwww.ormanager.com%2F

43 B
408 B

87ms
86ms

Image
image/gif

216.157.106.133
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/3ce13a619c5875ca?cookieQ=1&cntr_url=https%3A%2F%2Fwww.ormanager.com%2F
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 216.157.106.133 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length: 43
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/gif
server: AC1.1

Redirect headers

location: https://pixel.sitescout.com/up/3ce13a619c5875ca?cookieQ=1&cntr_url=https%3A%2F%2Fwww.ormanager.com%2F
content-length: 0
date: Wed, 20 Nov 2024 11:45:06 GMT
server: AC1.1

GET
H2 200 json2.js Show response
apps.decisionbriefs.com/js/plugins/ 17 KB
17 KB 58ms
58ms Script
application/javascript 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/plugins/json2.js?_=1732103105299
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 3f07a45b92419d219f1f41caac4b12421b89a725c16db41f531c32d62312b919

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

accept-ranges: bytes
content-length: 17568
date: Wed, 20 Nov 2024 11:45:07 GMT
etag: "571057a8-44a0"
content-type: application/javascript
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.27.2

POST
H3 200 admin-ajax.php Show response
www.ormanager.com/wp-admin/ 70 B
1 KB 1200ms
1199ms XHR
application/json 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-admin/admin-ajax.php

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

304381cbaba19396ac092dca91f7ec209bf6ec1d276b39c52c96df6a8713ea65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ormanager.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-pantheon-styx-hostname: styx-fe1-b-646589cd7b-75kh4
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9Llz%2BFBkLLpgUCoadNVoDNvAJRg9iD2FNiPtOrsSjsyc3jvkR2mVunMiceoJ0IaWqh5zZp1JFymqo3fzPAX6jv1SmURDhIaA2a0T%2F090GZ8jemM4Uynv62rkbvjppbkY%2F9p%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=114580&sent=3835&recv=518&lost=6&retrans=6&sent_bytes=4427909&recv_bytes=66508&delivery_rate=1716163&cwnd=310758&unsent_bytes=0&cid=34e1741264ae0e79&ts=3920&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: application/json; charset=UTF-8
x-served-by: cache-chi-kigq8000043-CHI, cache-sjc1000113-SJC
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1732103107.295422,VS0,VE1082
x-styx-req-id: e3ce9db3-a734-11ef-a596-92acce0b9d7f
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e5831248fa75c17-SJC
accept-ranges: bytes
access-control-allow-origin: https://www.ormanager.com
content-length: 89
server: cloudflare

GET
H3 200 2039886252854831 Show response
connect.facebook.net/signals/config/ 43 KB
8 KB 152ms
150ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2039886252854831?v=2.9.177&r=stable&domain=www.ormanager.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C127%2C146%2C173%2C159%2C118%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

91b389a3bd71def3031096c743b1a85ee323190cd01dba55d06c93287dbf6516

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-0dOMsl1p' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-0dOMsl1p' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=77, rtx=1, c=73, mss=1232, tbw=88353, tp=83, tpl=1, uplat=82, ullat=0
pragma: public
x-fb-debug: v7svojOmxuKpC6yQv3dL3Xkfm733uxsSptJEu63CUrmchrNb0+V9kBBL2GgecStnUk44FD5phCbu0o2S/dmRQQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 142ms
67ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=518322662332686&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107266&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=84ab8c&ler=empty&cdl=API_unavailable&it=1732103106725&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4497, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 202ms
128ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=518322662332686&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107266&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=84ab8c&ler=empty&cdl=API_unavailable&it=1732103106725&coo=false&tm=1&cs_cc=1&rqm=FGET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439326199304678380"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Ch2kwuAb2kHH0H3Rzz0hD8QqzX/VsHO+Dyf070nOGTHQS2tbKiVvkItRjdP3t6NiGSMPBq87o5zXY023rU8ZOQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439326199304678380", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4817, tp=12, tpl=0, uplat=61, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 D3N8S6eZYY Show response
api.userway.org/api/tunings/ 2 KB
2 KB 349ms
117ms XHR
application/json 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/D3N8S6eZYY
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 303dc1da0e3a5f2e00b7610ae4678f981766b37a104dd2fbe356a9994fecb607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usrc292e0ef5f474ed
etag: W/"81f-fOffkXvhYhGZ1V9kuHLDnFckFYo"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 2079
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 1B55 287 KB
92 KB 216ms
73ms Script
application/javascript 18.164.93.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e5a2acc
Requested by: Host: ssl.luckyorange.com
URL: https://ssl.luckyorange.com/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-93-6.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e865cf013eaa0223f508139bd864e5a3f2b88fc1857c0bc714cc48389a3ea82f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: W/"ba41e1e15fa64ba31fd66b66e19eb16f"
age: 17707242
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: dIxRk_ps8abvEtRPFPoML4LGDwAtkFqQOwVbxQBCEl-rfwKj4BnszQ==
date: Mon, 29 Apr 2024 13:04:26 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
cache-control: max-age=31536000
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 launcher_settings Show response
api-iam.intercom.io/messenger/web/ Frame C891 241 B
898 B 232ms
107ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/launcher_settings

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ebc5a228.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

82332b5162d1248851836c20a49503f2625b9f58b4a1a92cb0e11e3b45613d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0001eec0papssbd24ofg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"82332b5162d1248851836c20a49503f2"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.047033
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.ormanager.com
x-xss-protection: 1; mode=block
x-intercom-version: db35edadaa82dd2ca8aa08d9eef06ed2a7eb2b74
x-ami-version: ami-0ea027688288cd41c
server: nginx

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame C891 4 KB
2 KB 401ms
282ms XHR
application/json 44.209.155.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ebc5a228.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.209.155.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-155-11.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ddf67ef94f7272233c7dea6acecab068672baba9c927d3d642e9aa343efb6468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 000lip1fq2ur60hcbltg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"ddf67ef94f7272233c7dea6acecab068"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.201317
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.ormanager.com
x-xss-protection: 1; mode=block
x-intercom-version: db35edadaa82dd2ca8aa08d9eef06ed2a7eb2b74
x-ami-version: ami-0ea027688288cd41c
server: nginx

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-751974586/ 5 KB
2 KB 206ms
86ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-751974586/?random=1732103106761&cv=11&fst=1732103106761&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z8830755158za201zb830755158&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ormanager.com%2F&hn=www.googleadservices.com&frm=0&tiba=OR%20Manager&npa=0&us_privacy=1-N-&pscdl=noapi&auid=949841746.1732103107&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

669f0ff7dbd9d3f7f255e02f437669acedf2015eb6a03b9e887d8cca54c1b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2346
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 wurfl.js Show response
apps.decisionbriefs.com/js/plugins/ 525 B
684 B 58ms
58ms Script
application/javascript 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/plugins/wurfl.js?_=1732103105300
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 8283fc67f7c7448327574c49bda3245223d8a00b77100407b812746c12455adf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

accept-ranges: bytes
content-length: 525
date: Wed, 20 Nov 2024 11:45:07 GMT
etag: "571057a8-20d"
content-type: application/javascript
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.27.2

GET
H2 200 iframe_content.html
x.adroll.com/pxl/ Frame 20FB 0
0 187ms
58ms Document
text/html 2600:1f18:61c0:220c:bc7c:4e18:20a7:79f9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:220c:bc7c:4e18:20a7:79f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
ad-auction-allowed: true
content-encoding: zstd
content-length: 427
content-type: text/html
date: Wed, 20 Nov 2024 11:45:07 GMT
last-modified: Tue, 19 Nov 2024 03:19:34 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 73ms
73ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 X6YBME3QZJHKNCP5TZ7UCU
ipv4.d.adroll.com/px4/GRF2WTX3ENFVZOARHY6IYZ/ 42 B
176 B 210ms
56ms Image
image/gif 44.197.143.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&cookie=&adroll_s_ref=&keyw=&p0=2034&xa4=1
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.143.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-143-75.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 42
date: Wed, 20 Nov 2024 11:45:07 GMT
pragma: no-cache
content-type: image/gif
server: nginx/1.22.1

GET ea783ef2-9fac-4cf2-9a91-c200a355935f
https://www.ormanager.com/ Frame 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 69ms
68ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2039886252854831&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107521&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=eb5976&ler=empty&cdl=API_unavailable&cs_est=true&it=1732103106725&coo=false&tm=1&cs_cc=1&cas=7269504406504053&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=26, mss=1232, tbw=8193, tp=19, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 116ms
116ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2039886252854831&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107521&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=eb5976&ler=empty&cdl=API_unavailable&cs_est=true&it=1732103106725&coo=false&tm=1&cs_cc=1&cas=7269504406504053&rqm=FGET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439326199047514269"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: SH+7qkVwI4IPF92fw2pd1LcHEfZtyVzvnOQXBXFOMSSpB5M6MsIx+Za+UK8XaFRHb/uSUMEYJHSG1kITc+DklA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439326199047514269", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=26, mss=1232, tbw=8353, tp=21, tpl=0, uplat=48, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 md5.js Show response
apps.decisionbriefs.com/js/custom/bigquery/ 6 KB
6 KB 59ms
59ms Script
application/javascript 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/custom/bigquery/md5.js?_=1732103105301
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: df61117d7806f863533acc213c4fdf87a667c109fc708eb4bedb9d35e30adb1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

accept-ranges: bytes
content-length: 6269
date: Wed, 20 Nov 2024 11:45:07 GMT
etag: "571057a8-187d"
content-type: application/javascript
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.27.2

GET
H2 200 X6YBME3QZJHKNCP5TZ7UCU Show response
d.adroll.com/pixel/GRF2WTX3ENFVZOARHY6IYZ/ 399 B
1 KB 57ms
56ms Script
text/plain 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pixel/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&cookie=&adroll_s_ref=&keyw=&p0=2034&xa4=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: dc6609763bf19156496007422d99a8e9acb553f4dbf7b0631373c0e197781d88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-segment-display-name: 22 - OR Manager Website Visitors
x-rule-type: s
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-conversion-currency
x-conversion-value: 0.00
x-segment-eid: CSIZXAVYFRGKJBQWOWQODK
x-advertisable-eid: GRF2WTX3ENFVZOARHY6IYZ
x-segment-name: 0afc8912
content-length: 399
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:07 GMT
x-pixel-eid: X6YBME3QZJHKNCP5TZ7UCU
server: nginx/1.22.1
x-rule: *www.ormanager.com/

GET
H2 200 browser.js Show response
apps.decisionbriefs.com/js/plugins/ 7 KB
7 KB 58ms
58ms Script
application/javascript 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/plugins/browser.js?_=1732103105302
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: 3166b6172873ea9eda556121cbe9ff020315da2c1dcd3b165c8c8339fea7428b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

accept-ranges: bytes
content-length: 7233
date: Wed, 20 Nov 2024 11:45:07 GMT
etag: "571057a8-1c41"
content-type: application/javascript
last-modified: Fri, 15 Apr 2016 02:53:28 GMT
server: nginx/1.27.2

GET
H2 200 cookies.js Show response
apps.decisionbriefs.com/js/custom/bigquery/ 2 KB
2 KB 58ms
58ms Script
application/javascript 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/js/custom/bigquery/cookies.js?_=1732103105303
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash: de23dad9886751ad5923ff70890c37a7a77b3221a18677c5ddfe483862dc63f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

accept-ranges: bytes
content-length: 2304
date: Wed, 20 Nov 2024 11:45:07 GMT
etag: "5ec2e56d-900"
content-type: application/javascript
last-modified: Mon, 18 May 2020 19:43:41 GMT
server: nginx/1.27.2

GET
H/1.1 200
OK CSIZXAVYFRGKJBQWOWQODK.js Show response
s.adroll.com/pixel/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/ 13 KB
4 KB 74ms
73ms Script
text/javascript 2600:9000:23cb:7800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/GRF2WTX3ENFVZOARHY6IYZ/X6YBME3QZJHKNCP5TZ7UCU/CSIZXAVYFRGKJBQWOWQODK.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81e2eccb954a19b8c5db97e3137ceddd24140d482ed357caccfb1f716e69ab2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: otw9OcKsZ2BRRXu6Fo8NrlxecAGOUsXi
Etag: W/"4b3e5cbdf2bd81cc84f757e2418e0f12"
Age: 2856
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: QBKHLcSDYY8xuM1x85CLgKwDuPhQzzvGoWg-mIGQYdsJgIu_W1dY1A==
Date: Wed, 20 Nov 2024 10:57:32 GMT
Content-Type: text/javascript; charset=utf-8
Vary: accept-encoding
Last-Modified: Tue, 06 Aug 2024 07:10:29 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 trigger
x.adroll.com/attribution/ 2 B
468 B 168ms
57ms Image
text/plain 2600:1f18:61c0:2208:b7ad:67e0:5e9c:661b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.adroll.com/attribution/trigger?fpc=9ac9f7e3ccaf0fc91562f0f05f2de629&advertisable_eid=GRF2WTX3ENFVZOARHY6IYZ&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:2208:b7ad:67e0:5e9c:661b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-length: 2
date: Wed, 20 Nov 2024 11:45:07 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"8033847445449158620","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"8033847445449158620","filters":{"source_type":["navigation"]}}],"debug_key":"17485174435686535348","debug_reporting":true,"filters":{"0":["GRF2WTX3ENFVZOARHY6IYZ"]}}
content-type: text/plain; charset=utf-8

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-11-15-13-47-25/locales/ 607 B
943 B 64ms
64ms XHR
application/json 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 281
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: wr2YSqL7ptByyqXnFQ8jNUtr-1sAHuYPnkpK-SL3i7WrQaF9PE6Vlg==
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: application/json
last-modified: Fri, 15 Nov 2024 13:50:02 GMT
x-77-nzt-ray: f03d061309d3a856c3cb3d6741114029
vary: Accept-Encoding
x-77-nzt: EgwBT3/O6QH3rHgGAAwBuTvfFAG3AAAAAA
cache-control: max-age=25920000, public
via: 1.1 3b596e6534b28f6cf60d32fc6bf542dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424108
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-751974586/ 42 B
455 B 214ms
79ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-751974586/?random=1732103106761&cv=11&fst=1732100400000&bg=ffffff&guid=ON&async=1&gtm=45be4bj0z8830755158za201zb830755158&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ormanager.com%2F&hn=www.googleadservices.com&frm=0&tiba=OR%20Manager&npa=0&us_privacy=1-N-&pscdl=noapi&auid=949841746.1732103107&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dHXlBFobfSKsOOxyDk-FsS0butXvdm_YBl56c7iIg5u2nbQsV&random=3913918854&rmt_tld=0&ipr=y

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 75ms
74ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 79ms
78ms Fetch
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je4bj0v893216188za200zb830755158&_p=1732103105465&gcs=G111&gcd=13r3v3r3r5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1064330803.1732103107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEE&_s=2&sid=1732103107&sct=1&seg=0&dl=https%3A%2F%2Fwww.ormanager.com%2F&dt=OR%20Manager&en=form_start&ep.form_id=core_tracking_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fapps.decisionbriefs.com%2Fbigquery%2Ftrack%2Fcore_actions%2Fcrts_1732103107677&epn.form_length=1&_et=593&tfd=3353
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BTEL2PXRG&l=dataLayer&cx=c&gtm=45He4bj0v830755158za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ormanager.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://www.google-analytics.com/g/collect?v=2&tid=G-2BTEL2PXRG&gtm=45je4bj0v893216188za200zb830755158&_p=1732103105465&gcs=G111&gcd=13r3v3r3r5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~1...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1064330803.1732103107&dbk=8472683796653497334&dma=0&en=form_submit&gcs=G111&gtm=45je4bj0v893216188za200zb830755158&npa=...

0
0

87ms
86ms

Fetch
text/plain

2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1064330803.1732103107&dbk=8472683796653497334&dma=0&en=form_submit&gcs=G111&gtm=45je4bj0v893216188za200zb830755158&npa=0&tid=G-2BTEL2PXRG&dl=https%3A%2F%2Fwww.ormanager.com%3F
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1064330803.1732103107&dbk=8472683796653497334&dma=0&en=form_submit&gcs=G111&gtm=45je4bj0v893216188za200zb830755158&npa=0&tid=G-2BTEL2PXRG&dl=https%3A%2F%2Fwww.ormanager.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x8fad25d78c2e9aa5","source_keys":["1"]},{"key_piece":"0xb8e63403c570613c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"8472683796653497334","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["1037970007","964722230"],"5":["11-20","11-19","11-18"]}}
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1064330803.1732103107&dbk=8472683796653497334&dma=0&en=form_submit&gcs=G111&gtm=45je4bj0v893216188za200zb830755158&npa=0&tid=G-2BTEL2PXRG&dl=https%3A%2F%2Fwww.ormanager.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 200 crts_1732103107677
apps.decisionbriefs.com/bigquery/track/core_actions/ Frame 1FF1 0
0 216ms
104ms Document
text/html 3.213.226.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.decisionbriefs.com/bigquery/track/core_actions/crts_1732103107677
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.226.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-226-18.compute-1.amazonaws.com
Software: nginx/1.27.2 /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Wed, 20 Nov 2024 11:45:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP='We do not have a P3P policy.'
pragma: no-cache
server: nginx/1.27.2

GET
H3 200 2413015542281959 Show response
connect.facebook.net/signals/config/ 35 KB
6 KB 178ms
178ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2413015542281959?v=2.9.177&r=stable&domain=www.ormanager.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C127%2C146%2C173%2C159%2C118%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C134%2C197%2C126

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

e352332ad590186cf88f93624a3c30c17f626a0eb0d54912e4aee59185f3c219

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-fH8gwx2L' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-fH8gwx2L' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=71, rtx=1, c=73, mss=1232, tbw=97041, tp=92, tpl=1, uplat=110, ullat=0
pragma: public
x-fb-debug: wLp5FzsAyLPx9S74DexlzVLVUO59Gg/8e48k2y3rRA70JStpnMjTda1fb/g95wfWxjzOBQYayyMhbZVBuV7D3w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://x.bidswitch.net/sync?dsp_id=44&user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

43 B
288 B

59ms
58ms

Image
image/gif

35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/gif

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:07 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://d.adroll.com/cm/experian/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%252C%252C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76fc76be-64a6-4292-921a-56ce999f1271&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%2C%2C

95 B
433 B

50ms
49ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76fc76be-64a6-4292-921a-56ce999f1271&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%2C%2C

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=76fc76be-64a6-4292-921a-56ce999f1271&ttd_puid=d7e95fee-5c3b-4b63-92b2-907a536649a9%2C%2C
content-length: 359
date: Wed, 20 Nov 2024 11:45:08 GMT
server: Kestrel

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=CA24ZT2zjoqgRu6xBOL2CQ
https://d.adroll.com/cm/g/in

42 B
819 B

58ms
57ms

Image
image/gif

2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-result: g.-1.-1.-1
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/gif
server: nginx/1.22.1

Redirect headers

cache-control: no-cache, must-revalidate
location: https://d.adroll.com/cm/g/in
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 225
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expiration=1763639107
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expiration=1763639107&C=1

43 B
361 B

81ms
80ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expiration=1763639107&C=1
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hn%2B6clmYbt7kvislPwXE1cfvYJsGDtL7zzTjqs5aux5ir8T%2Fof1EJ3Wfu1fe18I7KoGQSGzKiRW7mGAzNJmLuzv544m3p4TOMhx%2BShTaXAlwFIkAT7eYMopTTRjgyNiu%2BzUhDc6eS%2Bvg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e583128bf6974a8-MIA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=105&external_user_id=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expiration=1763639107&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOeTfJ5L%2BzJ4H15CYddAI%2BA3BUsZB1xaeCWBqDPnqhn6kHRGPpfiIg1pl7P%2BP9nwxr85kv7xEItKYUdelETAP2NK%2B7jJ%2FuDdOFYYTqDBP3VHO6C0JZ3ews8ptSl6PyQ6G9FwJHta%2B880ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e5831284f2774a8-MIA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 20 Nov 2024 11:45:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://idsync.rlcdn.com/377928.gif?partner_uid=080db8653db38e8aa046eeb104e2f609
https://pippio.com/api/sync?pid=5324&it=1&iv=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&rand=06076531
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&rand=06076531&expected_cookie=fea77a07-bf3c-4fa1-a222-3569d0654f26

0
141 B

124ms
124ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&rand=06076531&expected_cookie=fea77a07-bf3c-4fa1-a222-3569d0654f26
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 91132F47D1AD46BBA65AA440AC92BA6C Ref B: MIAEDGE1619 Ref C: 2024-11-20T11:45:08Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYnVq589FLmzh5c6HcrVQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: /db_sync?pid=10339&puuid=0996436815efe4be39540b37a1e9c4f5a76d5403ead1ca701a0eab21cb2746a9791426b5417dce21&rand=06076531&expected_cookie=fea77a07-bf3c-4fa1-a222-3569d0654f26
x-msedge-ref: Ref A: 44D51F402A174F1F9E4060F12CDFB7D9 Ref B: MIAEDGE1619 Ref C: 2024-11-20T11:45:08Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYnVq564yIaqA5U+UxXdg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expires=365

42 B
1 KB

201ms
56ms

Image
image/gif

69.173.146.5
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expires=365
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: HTTP/1.1
Server: 69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: becaca8a9ded23e47987329048628358
Pragma: no-cache
content-length: 42
Content-Type: image/gif

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&expires=365
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:07 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://us-u.openx.net/w/1.0/sd?id=537103138&val=080db8653db38e8aa046eeb104e2f609&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=080db8653db38e8aa046eeb104e2f609&gdpr=0&gdpr_consent=

43 B
171 B

48ms
47ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=080db8653db38e8aa046eeb104e2f609&gdpr=0&gdpr_consent=
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=080db8653db38e8aa046eeb104e2f609&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
server: OXGW/0.0.0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=&us_privacy=1---

0
360 B

237ms
74ms

Image
text/plain

70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=adroll&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

HTTP/1.1

Server

70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Wed, 20 Nov 2024 11:45:08 GMT
x-traceid: 55718b2859f0de1d8b60b8c4c85d8957

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=&us_privacy=1---
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:07 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
590 B

220ms
62ms

Image
image/gif

207.65.37.184
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-store, no-cache, private
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/gif; charset=utf-8
server: nginx

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:07 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
123 B

66ms
66ms

Image
text/html

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 20 Nov 2024 11:45:08 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
age: 0
referrer-policy: no-referrer-when-downgrade
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/html
server: ATS

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

0
365 B

202ms
63ms

Image
text/plain

141.226.224.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-fastly-to-nlb-rtt: 62337
date: Wed, 20 Nov 2024 11:45:08 GMT
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Wed, 20 Nov 2024 11:45:07 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://eb2.3lift.com/xuid?mid=4714&xuid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

61ms
60ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /xuid?ld=1&mid=4714&xuid=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 20 Nov 2024 11:45:08 GMT

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492&flg=1&pv=70226855797.0633&arrfrr=https%3A%2F%2Fwww.ormanager.com%2F&advertisable=GRF2WTX3ENFVZOARHY6IYZ
https://ib.adnxs.com/setuid?entity=172&code=MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

43 B
1 KB

93ms
93ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Server

68.67.160.114 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.70; 38.132.118.70; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 6009e763-ad6f-4e1a-b6c2-64398e842184
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 20 Nov 2024 11:45:08 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 38.132.118.70; 38.132.118.70; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 243fbeb0-13e9-4b7c-bc93-f6a23274431c
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 20 Nov 2024 11:45:08 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 74ms
73ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 68ms
66ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=518322662332686&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107920&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=84ab8c&ler=empty&cdl=API_unavailable&it=1732103106725&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=9377, tp=25, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
191 B 113ms
108ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=518322662332686&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107920&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=84ab8c&ler=empty&cdl=API_unavailable&it=1732103106725&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&rqm=FGET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439326199608240038"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: aCUiMHi3klxuTIGoZig5apa3M7zDuehQxQwSzoW28cuvtjh4GzSbQf5ZGLvwt9KaiTDDAcCv95eBg/N4HY24Ig==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439326199608240038", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=10097, tp=36, tpl=0, uplat=41, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 72ms
65ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2039886252854831&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107923&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=eb5976&ler=empty&cdl=API_unavailable&cs_est=true&it=1732103106725&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=7269504406504053&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=9633, tp=29, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 117ms
110ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2039886252854831&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107923&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=eb5976&ler=empty&cdl=API_unavailable&cs_est=true&it=1732103106725&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=7269504406504053&rqm=FGET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439326198527611443"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: bmwwHfTa2XmoYL6u0U0HHYarkyk2rDw7D7IZopcKS5Dy4LOnEID+szt2lqJ4SCYQ62M1hfbSgIVyjx5JbeNqow==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439326198527611443", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=10977, tp=37, tpl=0, uplat=43, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 74ms
68ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2413015542281959&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107926&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4125&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=8390c6&ler=empty&cdl=API_unavailable&it=1732103106725&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=25268219106156655%2C6835989323109159%2C5010039469007153%2C4606318836071039%2C7517771718263068&rqm=GET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=9937, tp=34, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 117ms
111ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2413015542281959&ev=PageView&dl=https%3A%2F%2Fwww.ormanager.com&rl=&if=false&ts=1732103107926&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4125&fbp=fb.1.1732103107262.728400229292989048&pm=1&hrl=8390c6&ler=empty&cdl=API_unavailable&it=1732103106725&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=25268219106156655%2C6835989323109159%2C5010039469007153%2C4606318836071039%2C7517771718263068&rqm=FGET

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439326199286321247"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 20 Nov 2024 11:45:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 1+XQYWrX3XEFWu8V9F6i+Z/43oY8pEDjx/tzPH51z+4lZ0MqbAF2RASqh0UryVLvGPiCfhkWSpJBGItyvA/uuQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439326199286321247", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=27, mss=1232, tbw=11857, tp=38, tpl=0, uplat=43, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C43D 42 B
65 B 89ms
89ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcEPZJp1VOZOu8MlgaLGd1I4wwdPR0KVaEzQkSlo6zyYCUoNvs7GpfBmRHm-ZndtNrBpnRWcJO6-Xi24G-Ubbx-NAbN9cWN4OemnuZvdI7n1O-YkROha43MYPYMsi8dfIWkKL1yezLuYI04TgRWiyKMMX9ulr7FJPyk_kWJdSD1tiORO32kfn83L0C59gVV-0eMQ&sig=Cg0ArKJSzLuChaOqEMGKEAE&id=lidar2&mcvt=1000&p=23,436,113,1164&tm=1075&tu=75.10000038146973&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=788330896&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2803590600&rst=1732103106504&rpt=451&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 11:45:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 remediation_1731678445949.js Show response
cdn.userway.org/widgetapp/2024-11-15-13-47-25/remediation/ 79 KB
23 KB 194ms
193ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/remediation/remediation_1731678445949.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 51abb6dc7dabb1cdf09a1bb8d4579f4e63befdfb1c9d6d6dd15f3af854a777cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"dbe96c9365f372535b6ff87dfacd5305"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: TUa0z7KCAA8nslCyThljvWJYFo40YRtosFjW1P8fBr6GBnjs_ZnBmg==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 13:50:03 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061309d3a856c4cb3d67dc8a1a0d
x-77-nzt: EgwBT3/O6QH3rHgGAAwBuTvfFAG3AQAAAA
cache-control: max-age=25920000, public
via: 1.1 eef964f7ded2584b0acfd4f410d14ff2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424108
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 vlTreZ78ZUYng138.json Show response
cdn.userway.org/remediations/consolidated/2647295/ 818 KB
112 KB 130ms
130ms XHR
application/json 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2647295/vlTreZ78ZUYng138.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68fa5629ac0f882000a996fa7ca8315f21f47457a2f568104d7217afc8c7bd8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"bf8cae888b5153db762a6f0a558f9832"
age: 4
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: NeiC4Jl4APi3gzzLxlgXHh4rZw7YedS4QgQVFjxOql-webdw560OoQ==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: application/json
last-modified: Tue, 19 Nov 2024 21:48:16 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061309d3a856c4cb3d67fffb110d
x-77-nzt: EgwBT3/O6QH3ULcAAAwBuTvfFAG3tgwAAA
cache-control: public, max-age=31536000
via: 1.1 eef964f7ded2584b0acfd4f410d14ff2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 46928
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ 30 KB
5 KB 92ms
89ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame B876 30 KB
0 93ms
92ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame C43D 30 KB
0 93ms
93ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame 0281 30 KB
0 94ms
94ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame 334C 30 KB
0 95ms
95ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame 98F4 30 KB
0 96ms
96ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame AE85 30 KB
0 96ms
96ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame 939B 30 KB
0 97ms
97ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame C891 30 KB
0 98ms
98ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame 524C 30 KB
0 99ms
99ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-15-13-47-25/ Frame 1B55 30 KB
0 99ms
99ms Stylesheet
text/css 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-15-13-47-25/widget_base.css?v=1731678445949
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-15-13-47-25/widget_app_base_1731678445949.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"f2af0550fd876a33ddea966e61b5093b"
age: 276
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: kPNFP0L_aoycycqZTZ2V_FD_rcmKK2XARinVEAsACf2irp2tWEmOqA==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 13:49:27 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6754473d0d
x-77-nzt: EgwBT3/O6QH3rXgGAAwBnJI73wG3BAAAAA
cache-control: max-age=864000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424109
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0281 42 B
65 B 96ms
95ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6xItVuHyoIXq5rDuZyyZfU9LWIF-HVdNeKt-ZFAVLnwHfP0EIreidsweAWnvpPOnN9fLdMXuTCS4wM0tpK_rBx0F1oMDe2ooIkCxdxY7MeuQPU2KQrXyMODAmkgH69S4BTKYiehr-uwL94OWp4VI5F7xCki4_kF7rryLib8ku_h3O3_38Td-s66kFAu5RCWHC7g&sig=Cg0ArKJSzD6mJM8MfyBgEAE&id=lidar2&mcvt=1000&p=603,1085,853,1385&tm=1404.7999992370605&tu=405.29999923706055&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1281250951&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2803590600&rst=1732103106524&rpt=644&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 20 Nov 2024 11:45:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 77ms
77ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Wed, 20 Nov 2024 11:45:08 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

POST
H/1.1 200 p Show response
cdp.omeda.com/olytics/segments/ 2 KB
3 KB 97ms
96ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a3cbde1aa854a9c69cc904d13e6c1467906af02925014f55a3b75d6755a01ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: https://www.ormanager.com/

Response headers

Cache-Control: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Length: 2418
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Wed, 20 Nov 2024 11:45:08 GMT
Content-Type: application/json
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 65ms
65ms Image
image/svg+xml 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
age: 2
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: Xu34x-DCUa-lbO8w1ofJ2ZOxGDQ02javz0unPTtsTYUxRRIjE1ddmQ==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Nov 2024 13:50:04 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061358d2ba50c4cb3d6751374413
x-77-nzt: EgwBT3/O6QH3rngGAAwBWbuxDAG3AAAAAA
cache-control: max-age=25920000, public
via: 1.1 b85629c88fd144a4bf7989a1ad1ecc54.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424110
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 66ms
65ms Image
image/svg+xml 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: www.ormanager.com
URL: https://www.ormanager.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: uc2WHMIwRG3upKPP1MOe7qTnVq8pBSgBXF8mvFdNgu1BeYwogpD5lw==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/svg+xml
x-77-nzt-ray: f03d061358d2ba50c4cb3d6751df4713
vary: Accept-Encoding
last-modified: Fri, 15 Nov 2024 13:50:05 GMT
x-77-nzt: EgwBT3/O6QH3rngGAAwBnJI76AG3AAAAAA
cache-control: max-age=25920000, public
via: 1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424110
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 74ms
74ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ormanager.com
URL: https://www.ormanager.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:08 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-11-15-13-47-25/paid/ 72 KB
26 KB 70ms
69ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-11-15-13-47-25/paid/remediation-tool.js?ts=1731678445949
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3d8bbe9bcc743391cd8b9f8453f9ed0717251532e981567a5f5c2012d90715b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ormanager.com
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"7e0fb76af6b7972da9c891878a50ab41"
age: 275
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: cZj_62E8yLfZRMKCR1ABv2RXnc-veh4mrE-hfBOqbbKvEMmS0gA7Pg==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 13:50:13 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061309d3a856c4cb3d6702758c1b
x-77-nzt: EgwBT3/O6QH3rHgGAAwBuTvfFAG3AQAAAA
cache-control: max-age=25920000, public
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 424108
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 vlTreZ78ZUYng138.json Show response
cdn.userway.org/remediations/consolidated/2647295/ 818 KB
0 0ms
0ms Fetch
application/json 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2647295/vlTreZ78ZUYng138.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-15-13-47-25/paid/remediation-tool.js?ts=1731678445949
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68fa5629ac0f882000a996fa7ca8315f21f47457a2f568104d7217afc8c7bd8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"bf8cae888b5153db762a6f0a558f9832"
age: 4
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: NeiC4Jl4APi3gzzLxlgXHh4rZw7YedS4QgQVFjxOql-webdw560OoQ==
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: application/json
last-modified: Tue, 19 Nov 2024 21:48:16 GMT
vary: Accept-Encoding
x-77-nzt-ray: f03d061309d3a856c4cb3d67fffb110d
x-77-nzt: EgwBT3/O6QH3ULcAAAwBuTvfFAG3tgwAAA
cache-control: public, max-age=31536000
via: 1.1 eef964f7ded2584b0acfd4f410d14ff2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 46928
x-amz-cf-pop: JFK50-P7
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 172ms
87ms XHR
application/json 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089086

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

4d0c32f3ac02a255fd7029cfe0e6d200f09a0aea5e8c83469e28a2b443c1802e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13060
date: Wed, 20 Nov 2024 11:45:08 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 196ms
62ms Image
image/png 18.164.93.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-93-6.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: max-age=31536000
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
age: 4762278
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1283
x-amz-cf-id: -pzQyyIGNQn4YxG_VgYiGkacaHX2ob6QVa8FLEhhRr0N2ViBKvCjtA==
date: Thu, 26 Sep 2024 08:53:51 GMT
content-type: image/png
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 196ms
63ms Image
image/png 18.164.93.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-93-6.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: max-age=31536000
etag: "35ce74c31e3ef54462a234340af702d7"
age: 4762279
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1143
x-amz-cf-id: FjiMT2w5aXBtq6V8Zhrp7Xorwl5La4qWxcq69gbWYX9ta2MUDB07zQ==
date: Thu, 26 Sep 2024 08:53:50 GMT
content-type: image/png
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
646 B 195ms
63ms Image
image/png 18.164.93.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-93-6.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

cache-control: max-age=31536000
etag: "76f1993de0fd323f67cece8d8e63bfa2"
age: 4762279
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 277
x-amz-cf-id: bf1S_KSqIqv49FcODouTAYFHeapUxpe6zvWxTJmUrwm-inDfOPq_8Q==
date: Thu, 26 Sep 2024 08:53:50 GMT
content-type: image/png
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H3 200 favicon.png
www.ormanager.com/wp-content/themes/orm-theme/ 2 KB
3 KB 117ms
116ms Other
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/themes/orm-theme/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb5a13e0e223eca6a4b00982300ca24b0977b7eee2201fa72ff1b9ac57abec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-5b99dc7855-vzbqm
cf-cache-status: HIT
etag: "65ef5107-6cf"
age: 21919376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2B62owwPe0FYKKNXF4DcCMmQ%2BsZVJfFR8C%2FjNJcOS7gq6kbuL2WT1OwqLf%2FhG6AMA3%2BsWoAISnl%2F4mSpHK%2F3xbgAp0wFuDL8%2B1VQeKyECAvp8yZac4yk%2F3sMo%2FnaMzzj0j10Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 12 Mar 2025 18:53:28 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=113612&sent=3838&recv=521&lost=6&retrans=6&sent_bytes=4429089&recv_bytes=68390&delivery_rate=924&cwnd=310758&unsent_bytes=0&cid=34e1741264ae0e79&ts=4219&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/png
last-modified: Mon, 11 Mar 2024 18:44:23 GMT
x-served-by: cache-chi-kigq8000049-CHI, cache-sjc1000142-SJC
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1710183732.418918,VS0,VE53
x-styx-req-id: a5dbbf6e-dfd8-11ee-9eea-02761aa84030
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e58312d3d155c17-SJC
accept-ranges: bytes
content-length: 1743
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 226ms
78ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 11:45:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 cropped-ORM-logo-icon-512x512-1-1-32x32.png
www.ormanager.com/wp-content/uploads/2023/04/ 1 KB
2 KB 118ms
118ms Other
image/png 172.67.178.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ormanager.com/wp-content/uploads/2023/04/cropped-ORM-logo-icon-512x512-1-1-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b353e65e344b4507fd9a9f0fd6ae530ec074669dc8d373c518a33ef7ce1e2338

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

x-pantheon-styx-hostname: styx-fe1-b-778cbf697c-pdbt7
cf-cache-status: HIT
etag: "642de18a-4b8"
age: 8659766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZoU44RH2OgF6rgCgU3CaFzuWwx3m4C%2F4LFGhAZT5F7U6g3BG7JfQTnXeopw%2Fjj9cePwHNLWHbIwfCG9Gcx4v6Qg4mO7gcdsHeH0FiIpuQ73dtuIHXCVU%2FjoiSn%2BPVYOs4gxbg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 29 Jul 2025 19:13:24 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT, MISS
server-timing: cfL4;desc="?proto=QUIC&rtt=112698&sent=3842&recv=523&lost=6&retrans=6&sent_bytes=4431823&recv_bytes=70256&delivery_rate=22645&cwnd=310758&unsent_bytes=0&cid=34e1741264ae0e79&ts=4340&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 11:45:08 GMT
content-type: image/png
last-modified: Wed, 05 Apr 2023 21:00:58 GMT
x-served-by: cache-chi-klot8100025-CHI, cache-sjc1000089-SJC
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=31622400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1723443343.629689,VS0,VE58
x-styx-req-id: 7685572b-4d15-11ef-9dd4-a242a277d8fd
via: 1.1 varnish, 1.1 varnish
cf-ray: 8e58312dfd825c17-SJC
accept-ranges: bytes
content-length: 1208
server: cloudflare

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 63ms
63ms Stylesheet
text/css 18.164.93.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.93.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-93-6.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"7144eaceff0b31347712515a6116074e"
age: 4762279
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: A9W_JBCePgUCMg6_SWER7FTk3be1ovTnKxmdjYi9SGPodBJbBCEbGA==
date: Thu, 26 Sep 2024 08:53:50 GMT
content-type: text/css
last-modified: Thu, 25 Jan 2024 18:19:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET eca14e43-b243-4348-8386-65cfb76927b9
https://www.ormanager.com/ Frame 0
0

GET 5f12384a-4fd1-4cf5-8d6c-5be32347afc6
https://www.ormanager.com/ Frame 0
0

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B6C6 0
0 189ms
63ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:02 GMT
expires: Wed, 20 Nov 2024 12:35:02 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame CADD 0
0 207ms
87ms Document
text/html 142.250.80.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzZnfwU2Pyhgb5yy3/88c618ec-06a2-411f-8a3f-46a41e3ef5ec/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h3oXFfBJZ-L3KT2A30tIzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ormanager.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-h3oXFfBJZ-L3KT2A30tIzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 11:45:09 GMT
expires: Wed, 20 Nov 2024 11:45:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 74ms
73ms Image
text/html 142.250.65.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 20 Nov 2024 11:45:09 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/WxjFbAFazjuGbkFz/ Frame 0
0 327ms
172ms Preflight 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/WxjFbAFazjuGbkFz/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Flogo-light.png%22%2C%22alt%22%3A%22Lucky%20Orange%20Chat%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Fsound-on-white.png%22%2C%22alt%22%3A%22Click%20to%20mute%20chat%20sounds%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fai-series.jpg%22%2C%22alt%22%3A%22AI%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fasc-leader-logo-no-tagline.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-bottom.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-top.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2FOR_AMBanner.png%22%2C%22alt%22%3A%22OR%20AM%2C%20your%20daily%20source%20of%20critical%20news%20from%20OR%20Manager%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2For-letters.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Form-logo.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2018%2F04%2FTheBMJ.jpg%22%2C%22alt%22%3A%22Cover%20for%20Study%20finds%20high%20rates%20of%20preventable%2C%20adverse%20events%20in%20perioperative%20care%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2022%2F10%2F41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2023%2F05%2FGAO.png%22%2C%22alt%22%3A%22Cover%20for%20GAO%20urges%20HHS%20to%20strengthen%20cybersecurity%20oversight%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F2-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F3-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F4-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F5.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fdisaster-prep-series-350x120.jpg%22%2C%22alt%22%3A%22Disaster%20Preparedness%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fleadership-series-350x120.jpg%22%2C%22alt%22%3A%22Leadership%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Forbmc-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Form-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Formc_22_05230-1-350x120.jpg%22%2C%22alt%22%3A%22OR%20Manager%20Conference%20Poster%20Research%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Frsi-series-350x120.jpg%22%2C%22alt%22%3A%22Preventing%20Retained%20Surgical%20Items%20(RSI)%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2FHealio_Logo.jpg%22%2C%22alt%22%3A%22Cover%20for%20Study%3A%20GLP-1s%20reduce%20TKA%20complications%20for%20non-diabetic%20patients%20with%20obesity%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2Fshutterstock_83948470-scaled.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F07%2FORMC24-Social-Posts-22-100x100.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F09%2Fshutterstock_1720683121-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F09%2FzORM_1024-cover-image-225x300.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F10%2FTravel_Nurse-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F11%2FERAS.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.ormanager.com%2F%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ormanager.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Wed, 20 Nov 2024 11:45:10 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBT3/O6QAACAGckjvoAAA
x-77-nzt-ray: f03d061310c84a95c6cb3d6768c13a15
x-77-pop: newyorkUSNY
x-service-version: img-dscr-srv-a1be253c

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/WxjFbAFazjuGbkFz/ 6 KB
1 KB 67ms
67ms Fetch
application/json 2a02:6ea0:c400::54
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/D3N8S6eZYY/2647295/WxjFbAFazjuGbkFz/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Flogo-light.png%22%2C%22alt%22%3A%22Lucky%20Orange%20Chat%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fd10lpsik1i8c69.cloudfront.net%2Fgraphics%2Fsound-on-white.png%22%2C%22alt%22%3A%22Click%20to%20mute%20chat%20sounds%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fai-series.jpg%22%2C%22alt%22%3A%22AI%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Fasc-leader-logo-no-tagline.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-bottom.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Feducation-center-top.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2FOR_AMBanner.png%22%2C%22alt%22%3A%22OR%20AM%2C%20your%20daily%20source%20of%20critical%20news%20from%20OR%20Manager%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2For-letters.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fthemes%2Form-theme%2Fassets%2Fimg%2Form-logo.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2018%2F04%2FTheBMJ.jpg%22%2C%22alt%22%3A%22Cover%20for%20Study%20finds%20high%20rates%20of%20preventable%2C%20adverse%20events%20in%20perioperative%20care%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2022%2F10%2F41775_ORM23-Media-Kit_RH1-7-pdf-232x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2023%2F05%2FGAO.png%22%2C%22alt%22%3A%22Cover%20for%20GAO%20urges%20HHS%20to%20strengthen%20cybersecurity%20oversight%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F2-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F3-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F4-1.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2F5.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fdisaster-prep-series-350x120.jpg%22%2C%22alt%22%3A%22Disaster%20Preparedness%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fleadership-series-350x120.jpg%22%2C%22alt%22%3A%22Leadership%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Forbmc-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Form-240x80.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Formc_22_05230-1-350x120.jpg%22%2C%22alt%22%3A%22OR%20Manager%20Conference%20Poster%20Research%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F03%2Frsi-series-350x120.jpg%22%2C%22alt%22%3A%22Preventing%20Retained%20Surgical%20Items%20(RSI)%20Series%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2FHealio_Logo.jpg%22%2C%22alt%22%3A%22Cover%20for%20Study%3A%20GLP-1s%20reduce%20TKA%20complications%20for%20non-diabetic%20patients%20with%20obesity%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F05%2Fshutterstock_83948470-scaled.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F07%2FORMC24-Social-Posts-22-100x100.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F09%2Fshutterstock_1720683121-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F09%2FzORM_1024-cover-image-225x300.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F10%2FTravel_Nurse-scaled.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.ormanager.com%2Fwp-content%2Fuploads%2F2024%2F11%2FERAS.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.ormanager.com%2F%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-15-13-47-25/paid/remediation-tool.js?ts=1731678445949
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 86be92db957194d1416e7f665f363917f2f63b9cb1f086b9446601fa1906f548

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1831-F8P/93Cb3PzyKll3t4iM9Z+wiOs"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
date: Wed, 20 Nov 2024 11:45:10 GMT
content-type: application/json; charset=utf-8
x-77-nzt-ray: f03d061310c84a95c6cb3d67f1c6511e
vary: Accept-Encoding
access-control-allow-headers: *
x-77-nzt: EggBT3/O6QFBDAGckjvoAbccwgAA
cache-control: max-age=604800
access-control-allow-origin: *
x-77-pop: newyorkUSNY
x-77-age: 49692
x-service-version: img-dscr-srv-a1be253c
server: CDN77-Turbo

GET
H2 200 2647295 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 114ms
113ms Fetch
application/json 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2647295
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-15-13-47-25/paid/remediation-tool.js?ts=1731678445949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 51
date: Wed, 20 Nov 2024 11:45:10 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 2647295 Show response
api.userway.org/api/br-links/v0/links/ 11 KB
4 KB 116ms
116ms Fetch
application/json 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2647295
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-11-15-13-47-25/paid/remediation-tool.js?ts=1731678445949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32c93d43f884c65e7006e8924a66e1779c91ff03d5104280d7c746e9b5c3a1f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ormanager.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
content-encoding: gzip
etag: W/"2a1b-uQWlSKkkSCwi/vOytLOWlZ1Rrv8"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
date: Wed, 20 Nov 2024 11:45:10 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/f9d10ca5-7ea9-4e05-b709-205f20d79fb3

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/933a9c18-e903-4831-9666-e5e1f52b32f6

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/483e5c1a-c356-46e3-8f0e-627498b4e4f9

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/19aa1c95-eb66-49f8-bf13-cee07528ab50

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/f8336dd6-d39e-4c4f-b263-742dfc05b858

Domain: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/322065871255520080/bc.vms4/vms.js

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/ce0b3962-5aa2-4a48-96ed-fdb49df0ad9a

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/8afd2863-2d83-4430-8098-2ab98a691a3e

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/87a7b013-fa92-41af-bb1c-d643d20735df

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/ddbc7f29-49fc-4302-8068-6cde3daa36e4

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/4046948e-af1d-41f1-927b-be0ebcc9774c

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/11f45753-956b-4596-81f4-7af0801b9495

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/09b476d0-3269-4919-9f3d-f031e4b8fd4c

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/037ad158-e9f5-44fd-8c26-c3b55ddb667d

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/bdfd45fe-dc01-4e43-8702-ea9de903dcd7

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/ea783ef2-9fac-4cf2-9a91-c200a355935f

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/eca14e43-b243-4348-8386-65cfb76927b9

Domain: www.ormanager.com
URL: blob:https://www.ormanager.com/5f12384a-4fd1-4cf5-8d6c-5be32347afc6

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411180101&jk=4456239675412577&bg=!YmGlYS7NAAY7_TBtG_07ADQBe5WfOCgNIflAuY_to03TA2o7RvM7OeaFAZx4yAx0gg8zYXUcDLwt1rheg4Rh60pez-2OAgAAAENSAAAABGgBB34ANuClmzXuQD2SKA12hwHqwhcJ2OZvmug9z7Oy6v88e2i0605_5mrq_WZmDnn6fZCj2tVgSjKF95kCmgL7425-Uv_4Z9E4ijIB-wAQh8FqG5r0zY8Lck6LQ3m9vaCit_hwI9aBHd6iSt4bxPVzeELPU1vbsEb7I6BXjkd69_hTXW4p5ZFOroyupHFqwpm-cx9oQp4rcI2Z7R_DFYCylpvMflIxFpbW1ot3gsPMX_FIKq4l4kR2tdqvQ_uV7TlPTbpxrwiBRI7U9OXonSersfFNKQK5tQRW8YHEp6cSkQ72wfvj4RwahB688oXiI8OFIbA7SvxveuQ-PEr4QMeLGawoOYiKHNXwQ0R2LEbTIwLqiWNOS_FcqFaBRE05SjXczjb5dO0EoND7w231dMPWYUEcuI1bSx0aOvuxLmLHBG1zpcRxcl8vFuksAZgOHlP6BXX0YUUjpMqE51KoSWnPobTMLUAJJTAxBAIlHFVkfNEXElZSbtS7bOPibLD080ClmYZhBdsirUGJcI9ElNNYmRXL1dt5tXdl1dISVeL7cZgfiVgmZpNiWwuzL-Mc-WdSPuVl6HPRo2gCiw-Yp0POlbPvmUV0dKgDFy65bt_zazC77LXK8zRq_abszIy9toBA6QYD_I40bccAno8m3BSSb426WdEjd_gP6nhqmIJNrgCU52l3jhSxszBrmTR8Y9JWWYLokWMTyNxqvXNoDH8T76pSEcC43U3lSDOwDOc1yngTaoyZOJ0pfgFNW_648KmNx0HoD3HWZuli096ZuuObOqRRkkxn9g2cMiDEtvgEfTSs1jMUojCZKUNwtKse9XJIBZ7d6ZtgAfPkR04iWWbaJlsaaOa-PXP-D8eg41Ql0DxuslNUBtena5lXT826TlTVlMlCV63-aVJZEjYGRluTdc7y93Om2cPfqdSRdOldR6fN8J6hBCzb-UHufr_IgqTmon8KsiiiNA

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ormanager.com/	1970-01-21 05:27:35	Name: optimizelyEndUserId Value: oeu1732103105098r0.24425203472001833
.ormanager.com/	1970-01-21 05:27:35	Name: optimizelySegments Value: %7B%7D
.ormanager.com/	1970-01-21 05:27:35	Name: optimizelyBuckets Value: %7B%7D
.ormanager.com/	1970-01-21 01:08:23	Name: optimizelyPendingLogEvents Value: %5B%5D
.ormanager.com/	1970-01-21 09:53:59	Name: osano_consentmanager_uuid Value: 2b75dcd1-9528-4ce3-9ad0-02b81fc5b733
.ormanager.com/	1970-01-21 09:53:59	Name: osano_consentmanager Value: Y8l6Lrn3G-I2y3HOJC43HnVa8FxA0O7yMwAZUxlzgUKLiIYJ6Yz9ehkl_hJ53A68u9VQsDmlKGibmqwnI9HZDPwJ04xlH1v3BUTtxoFRo1sMO4uO4M_xQYU0VCuCKTvoL7niaS5cx6zyA0QNNvAVVCAirOe-unaZX5-VEOMcaqwTX3YXdjZPrATyBQa28IxdUsp6CwvqT9jfGHloou6k5UdgjOEljBx9ZI_SYBunnvLdJnD6WNaO04Bpy09421mgRmB0nzC0DSTgQ12re0w91QRgicinE2ep8lqPtOth3Zn8Up4DZOlXlacIwDZ9VvhqPvGA-04wit0=
.ormanager.com/	1970-01-21 09:53:59	Name: oly_anon_id Value: 61942ff8-1ced-4671-bb66-4d3b55afba4b
.ormanager.com/	1970-01-21 01:08:24	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.ormanager.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1732103105854%2C%22slts%22:0}
.ormanager.com/	1970-01-21 10:37:47	Name: _parsely_visitor Value: {%22id%22:%22pid=abbc6413-9878-4848-80db-ced0daf63ce1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1732103105854}
.ormanager.com/	1970-01-21 09:53:59	Name: oly_fire_id Value: 5013H3565790A2O
www.ormanager.com/	1970-01-21 01:08:23	Name: olytics_dfp_keys Value: []
.ormanager.com/	1970-01-21 10:29:59	Name: __gads Value: ID=7c863443f6f9682d:T=1732103106:RT=1732103106:S=ALNI_Ma93h5jx9syE6TLn8hLJC0XNX54Ww
.ormanager.com/	1970-01-21 10:29:59	Name: __gpi Value: UID=00000f99e63cf861:T=1732103106:RT=1732103106:S=ALNI_Ma6qcurSQP2iM2-sWj2asNfiSzJ3Q
.ormanager.com/	1970-01-21 05:27:35	Name: __eoi Value: ID=3d76bbccb992f7cc:T=1732103106:RT=1732103106:S=AA-AfjYmE7S6XIlKYmGy5B-ymKjO
.vimeo.com/	1970-01-21 10:44:23	Name: vuid Value: pl1220796077.1346756440
.ormanager.com/	1970-01-21 03:17:59	Name: _gcl_au Value: 1.1.949841746.1732103107
.doubleclick.net/	1970-01-21 10:44:23	Name: IDE Value: AHWqTUmL-riDQxE2viMQZs1GpJRESRSJTfhXOu0rQAPh7nne-ZjRiKGHw3xeMbbQPo0
.vimeo.com/	1970-01-21 01:08:24	Name: __cf_bm Value: B9DHf7Rae.KEv.bkPd.3lY1.BAg_3r5UEAQT7EKS32s-1732103106-1.0.1.1-ZbNV7RPbtwdsKVv8JNjrwiZIpVMGZK.6B2Ot_AHNLDT_7mAsJQdBm3dWChHeefwF
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 6AlG7qwlbIyVyT3MiQtyA5yK28tVNV3.s_Dx54pHrRQ-1732103106689-0.0.1.1-604800000
.doubleclick.net/	1970-01-21 01:51:35	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 05:27:35	Name: receive-cookie-deprecation Value: 1
.ormanager.com/	1970-01-21 10:44:23	Name: _ga Value: GA1.1.1064330803.1732103107
.ormanager.com/	1970-01-21 03:17:59	Name: _fbp Value: fb.1.1732103107262.728400229292989048
.d.adroll.com/	1970-01-21 10:37:11	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 10:37:11	Name: receive-cookie-deprecation Value: 1
.sitescout.com/	1970-01-21 01:51:35	Name: _ssuma Value: eyIyIjoxNzMyMTAzMTA3Mzc3LCI0IjoxNzMyMTAzMTA3Mzc3LCIzOSI6MTczMjEwMzEwNzM3NywiNyI6MTczMjEwMzEwNzM3NywiOCI6MTczMjEwMzEwNzM3N30
.sitescout.com/	1970-01-21 09:53:59	Name: ssi Value: 1f343083-db59-452f-b274-043795fb1c3b#1732103107378
.ormanager.com/	1970-01-21 09:54:20	Name: __adroll_fpc Value: 9ac9f7e3ccaf0fc91562f0f05f2de629-1732103107492
.tapad.com/	1970-01-21 02:34:47	Name: TapAd_TS Value: 1732103107516
.tapad.com/	1970-01-21 02:34:47	Name: TapAd_DID Value: d7e95fee-5c3b-4b63-92b2-907a536649a9
.rlcdn.com/	1970-01-21 09:53:59	Name: rlas3 Value: aawo3ImHt6ejhstDzyhyoHc8918XKNO+ETGjRtFnMgI=
.demdex.net/	1970-01-21 05:27:35	Name: demdex Value: 41151638996213611722030770902771058385
.exelator.com/	1970-01-21 04:01:11	Name: EE Value: "840b49eb527a8e524d943736fccd7b9a"
.crwdcntrl.net/	1970-01-21 07:37:08	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 07:37:08	Name: _cc_id Value: 6b9ff7afc987c1aee7a794245684343b
.crwdcntrl.net/	1970-01-21 07:37:11	Name: _cc_cc Value: "ACZ4nGNQMEuyTEszT0xLtrQwTzZMTE01TzS3NDEyMTWzMDE2MU5iAIJ029OHGRAAAGf7Cy0%3D"
.crwdcntrl.net/	1970-01-21 07:37:11	Name: _cc_aud Value: "ABR4nGNgYGBItz19mAEOABqyAjM%3D"
.dpm.demdex.net/	1970-01-21 05:27:35	Name: dpm Value: 41151638996213611722030770902771058385
.exelator.com/	1970-01-21 04:01:11	Name: ud Value: "eJxrXxzq6XKLQcHCxCDJxDI1ydTIPNEi1dTIJMXSxNjc2CwtOTnFPMkycXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYYEl%252BUWb6otDgxUUpaQyLSopPBZ9csgkAowgq3w%253D%253D"
.ormanager.com/	1970-01-21 10:44:23	Name: _ga_2BTEL2PXRG Value: GS1.1.1732103107.1.0.1732103107.0.0.0
.www.ormanager.com/	1970-01-21 09:53:59	Name: __ar_v4 Value: %7CGRF2WTX3ENFVZOARHY6IYZ%3A20241120%3A1%7CX6YBME3QZJHKNCP5TZ7UCU%3A20241120%3A1%7CCSIZXAVYFRGKJBQWOWQODK%3A20241120%3A1
x.adroll.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.ormanager.com/	1970-01-21 07:37:13	Name: intercom-id-b1wfmjvz Value: 0c1d1076-bf88-4748-8881-4f2c5f833ec2
.ormanager.com/	1970-01-21 01:18:27	Name: intercom-session-b1wfmjvz Value:
.ormanager.com/	1970-01-21 07:37:13	Name: intercom-device-id-b1wfmjvz Value: f2a8e622-3f8a-47c7-8811-45ff0b17b988
.www.google-analytics.com/	1970-01-21 03:17:59	Name: ar_debug Value: 1
.rlcdn.com/	1970-01-21 02:34:47	Name: pxrc Value: CMOX97kGEgUI6AcQABIFCOhHEAA=
.casalemedia.com/	1970-01-21 09:53:59	Name: CMID Value: Zz3Lw9HM5WQAABCzBiZfKwAA
.casalemedia.com/	1970-01-21 03:17:59	Name: CMPS Value: 5790
.casalemedia.com/	1970-01-21 03:17:59	Name: CMPRO Value: 5790
.openx.net/	1970-01-21 09:53:59	Name: i Value: 2e22cb04-265b-4ade-acbe-d5704865fd8e\|1732103107
.bidswitch.net/	1970-01-21 09:53:59	Name: tuuid Value: add9b63c-ca4e-4af8-bd5c-37f2b9aeea85
.bidswitch.net/	1970-01-21 09:53:59	Name: c Value: 1732103107
.rubiconproject.com/	1970-01-21 09:53:59	Name: audit_p Value: 1\|miYPVQIXXrJvbefLN7lOIZPja2RVfry0O3O0kuJq5M+bz16xSA9sXU5Ejxo5XaZvNEMJ+/90RvGM1KxoLazIt7kxm0k08nop+R4DB+iLIkFRHRQnme6hN+z8JY0bul8Aa69BLrD9IKiCdMSqpdUyvR6IP1nQ/aSB7FLryFPSK4G4luEnZkxfEw5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 09:53:59	Name: khaos Value: M3PTGVPC-11-D0I9
.rubiconproject.com/	1970-01-21 09:53:59	Name: khaos_p Value: M3PTGVPC-11-D0I9
.rubiconproject.com/	1970-01-21 09:53:59	Name: audit Value: 1\|miYPVQIXXrJvbefLN7lOIZPja2RVfry0O3O0kuJq5M+bz16xSA9sXU5Ejxo5XaZvNEMJ+/90RvGM1KxoLazIt7kxm0k08nop+R4DB+iLIkFRHRQnme6hN+z8JY0bul8Aa69BLrD9IKiCdMSqpdUyvR6IP1nQ/aSB7FLryFPSK4G4luEnZkxfEw5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 03:17:59	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-21 03:17:59	Name: tluidp Value: 2009160747863444613797
.3lift.com/	1970-01-21 03:17:59	Name: tluid Value: 2009160747863444613797
.bidswitch.net/	1970-01-21 09:53:59	Name: tuuid_lu Value: 1732103108
.yahoo.com/	1970-01-21 09:54:20	Name: A3 Value: d=AQABBMTLPWcCEM7-G0iO9JIhvKwRfqwokzgFEgEBAQEdP2dHZ9ww0iMA_eMAAA&S=AQAAAp8QEzkAIz5IXJUMlyEVR6A
.taboola.com/	1970-01-21 09:53:59	Name: t_gid Value: 0a1a3e14-9c91-4e75-92ac-2b00df7d9773-tucte375144
.taboola.com/	1970-01-21 09:53:59	Name: t_pt_gid Value: 0a1a3e14-9c91-4e75-92ac-2b00df7d9773-tucte375144
.pubmatic.com/	1970-01-21 03:17:59	Name: KRTBCOOKIE_10 Value: 22808-MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&KRTB&22883-MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&KRTB&23504-MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk&KRTB&23615-MDgwZGI4NjUzZGIzOGU4YWEwNDZlZWIxMDRlMmY2MDk
.pubmatic.com/	1970-01-21 01:51:35	Name: PugT Value: 1732103108
.d.adroll.com/	1970-01-21 10:37:11	Name: __adroll Value: 080db8653db38e8aa046eeb104e2f609-g_1732103108-a_1732103107
.adroll.com/	1970-01-21 10:37:11	Name: __adroll_shared Value: 080db8653db38e8aa046eeb104e2f609-g_1732103108-a_1732103107
.pippio.com/	1970-01-21 09:53:59	Name: did Value: i7_MaUnkqnfZgYbf
.pippio.com/	1970-01-21 09:53:59	Name: didts Value: 1732103108
.pippio.com/	1970-01-21 02:34:47	Name: nnls Value:
.pippio.com/	1970-01-21 02:34:47	Name: pxrc Value: CMSX97kGEgYIgr0rEAA=
.adnxs.com/	1970-01-21 03:17:59	Name: XANDR_PANID Value: FQ31cOxaYk-LmmsUkKUV1ymzbBXjm5PHIWVfO44QtB7gy5Le1mv3MRIHW_mB_auxK7E9yXZ-K3g2RM4WfU6lpEjicjTw_1REGHzYS82Hyqs.
.adnxs.com/	1970-01-21 10:44:23	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:17:59	Name: uuid2 Value: 8243074959802273088
.adsrvr.org/	1970-01-21 09:53:59	Name: TDID Value: 76fc76be-64a6-4292-921a-56ce999f1271
.analytics.yahoo.com/	1970-01-21 09:53:59	Name: IDSYNC Value: 1770~2lxn
.adsrvr.org/	1970-01-21 09:53:59	Name: TDCPM Value: CAESFAoFdGFwYWQSCwicjIOM2tjEPRAFGAUgASgCMgsIori_uPDYxD0QBTgB
.adnxs.com/	1970-01-21 03:17:59	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Hb7wsZ61!@wnfH1Ya.O4]7Q=EE(IbkfLsj(6rn_oOC-v:HIR:$(ABvrk/Z:#tyluuuYnuz^%fv:>+I-4CjW0cy9.!0qZ(SUc!$a_WYb>Eu
.tapad.com/	1970-01-21 02:34:47	Name: TapAd_3WAY_SYNCS Value: 1!7811
.linkedin.com/	1970-01-21 03:17:59	Name: li_sugr Value: fea77a07-bf3c-4fa1-a222-3569d0654f26
.linkedin.com/	1970-01-21 09:53:59	Name: bcookie Value: "v=2&ef395bc5-ba62-4a3b-89a3-76df060bb764"
.linkedin.com/	1970-01-21 01:09:49	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3413:u=1:x=1:i=1732103108:t=1732189508:v=2:sig=AQHVq1ndEnxZz4moXHYVyWN8hmrzbBXj"
.ormanager.com/	1969-12-31 23:59:59	Name: ai_core_ip_checked Value: 1
.ormanager.com/	1970-01-21 10:44:23	Name: _lo_uid Value: 330014-1732103106807-b53db0fde6f5452a
.ormanager.com/	1970-01-21 01:08:23	Name: _lorid Value: 330014-1732103106807-b07151c77d136e57
.ormanager.com/	1970-01-21 09:53:59	Name: _lo_v Value: 1
.ormanager.com/	1970-01-21 05:27:35	Name: __lotl Value: https%3A%2F%2Fwww.ormanager.com%2F

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vmss.boldchat.com/aid/322065871255520080/bc.vms4/vms.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=300
X-Content-Security-Policy	default-src 'self'; img-src ; media-src data:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12891178.fls.doubleclick.net
ad.doubleclick.net
api-iam.intercom.io
api.userway.org
apps.decisionbriefs.com
c85525e94ae38061d5decb8d24d945fa.safeframe.googlesyndication.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.parsely.com
cdn.userway.org
cdn77.api.userway.org
cdp.omeda.com
cm.g.doubleclick.net
cmp.osano.com
connect.facebook.net
consent.api.osano.com
d.adroll.com
d10lpsik1i8c69.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.d.adroll.com
js.intercomcdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
olytics.omeda.com
oqs.omeda.com
ormanager.disqus.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
player.vimeo.com
px.ads.linkedin.com
s.adroll.com
securepubads.g.doubleclick.net
settings.luckyorange.net
ssl.luckyorange.com
static.addtoany.com
sync.outbrain.com
sync.taboola.com
td.doubleclick.net
tpc.googlesyndication.com
up.pixel.ad
ups.analytics.yahoo.com
us-u.openx.net
vmss.boldchat.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.ormanager.com
x.adroll.com
x.bidswitch.net
ep1.adtrafficquality.google
vmss.boldchat.com
www.ormanager.com
104.18.11.207
104.18.27.193
107.178.254.65
108.139.47.114
13.249.91.16
141.226.224.48
142.250.65.194
142.250.65.226
142.250.65.227
142.250.65.232
142.250.80.36
142.250.80.38
142.250.80.66
142.250.80.98
142.251.40.102
15.197.193.217
151.101.193.229
162.159.128.61
162.159.138.60
172.67.178.30
172.67.39.148
172.67.75.100
18.164.101.60
18.164.116.7
18.164.93.6
199.232.192.134
2001:4998:14:800::1001
204.180.130.159
204.180.130.165
207.65.37.184
216.157.106.133
2600:1f14:5db:eb22:1a7e:64d6:999d:cf9b
2600:1f18:61c0:2205:cf1a:ca91:4d37:8c32
2600:1f18:61c0:2208:b7ad:67e0:5e9c:661b
2600:1f18:61c0:220c:bc7c:4e18:20a7:79f9
2600:9000:21f9:5400:1e:5cef:3780:93a1
2600:9000:23cb:7800:6:9280:1080:93a1
2600:9000:2807:fe00:3:b7e:8940:93a1
2606:4700:20::681a:4f4
2606:4700::6812:4139
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2001
2607:f8b0:4006:816::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::200e
2620:1ec:21::14
2a02:6ea0:c400::54
2a04:4e42::485
3.213.226.18
31.13.80.12
31.13.80.36
34.111.113.62
34.194.161.83
34.36.216.150
35.211.202.130
35.244.154.8
35.244.159.8
35.71.139.29
44.197.143.75
44.209.155.11
68.67.160.114
69.173.146.5
69.28.187.147
70.42.32.255
00426c5f1a33d40d140a64dc113f9fbf545602474782e044d0155e3dadef6a62
03f9c2418ffb81fd9bf6a32c26f4134e1fcaafb75e2a97e4bf5065c99494971f
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35
066fd763ae80d8c10477182a76d859fa2ce27405d8599aaf4ff76127389dd65b
070efcc920b53b515781fe4aacb83cb00a58938e48a285a3032049c04e9a0959
0a0a294dcfc1d79516ae254eaf77daad096df290d6a7d12c81b127feb4aec5d9
129ea57e87d74fc7c803b247f69db2ec826d566fb6e61d812412e21c894f9b5f
13d40f7b29da3fbaa5ba31a50936168734539a9ed378d02e4d7b68468f0defcf
1889f65ec8711c38d9f5789d2fcd4d2f13fa1d1e4b8b3bc4d4a7193c0fae5f1e
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
245aa60fb782cc0b9ddf3902ab304929664bf450a269773ad1ab61b9916f1b1a
2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434
260e0276583435543420c8dedddb0c6953a9d8803ac03daf9b0c9649b6db5c76
28753f5795492b8a49f887adad7bf0e8109d396fac7d21f4c0a2e9d9ecef9fc1
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2d8f379e7798c0c19db5927db7c0aca833170d3f479f360d5b2f7200492cb0dc
2e06317ed2d9c779a6cbbe73ac7a614ca1b5fc845ec6fa473c1f18f7dff67b7b
2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba
300ad9ef483fbb3ad101d36dd448c85a5a02f98b47fe593a2c4a11763747df13
301d6b687e4615422935b88ddd18d7196c08f796d3a762e62ae6a32e1629830b
303dc1da0e3a5f2e00b7610ae4678f981766b37a104dd2fbe356a9994fecb607
304381cbaba19396ac092dca91f7ec209bf6ec1d276b39c52c96df6a8713ea65
3166b6172873ea9eda556121cbe9ff020315da2c1dcd3b165c8c8339fea7428b
32c93d43f884c65e7006e8924a66e1779c91ff03d5104280d7c746e9b5c3a1f6
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
38cb12140d5165bc886a6f1b1a49aba023e37914c9012c6ec8453efa45380a98
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3cbe6635b4370b3921f86b59e557ff562b3ce51fa14ec3ffd5948e1e396749fa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f07a45b92419d219f1f41caac4b12421b89a725c16db41f531c32d62312b919
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
416455c86e68ef950308d1e274895568ebf96ddee07165eb2bc9c64707693a68
425392c8036438e9fe2acdd7797f01c619891d272fc732b8a5407bbc00c69723
42d81a06c9d73f10215cbe1ed89af14c3779ef0215ddc6beec66ae9c21113376
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
43b3ee62bbab4fbd0e46cc715a920fe8956931222f425d2acfef31585eff6abb
489168ccbdeb0ec45ce5c7ce266303272b2bf198b730d888c3fabdab73b052e8
498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9d5bc0f6b85fc14d648e7c529ac8b119bfd2b61c7255d485f613653fd7349d
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4d0c32f3ac02a255fd7029cfe0e6d200f09a0aea5e8c83469e28a2b443c1802e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7af18f3d0fc3bfce827aacf924aaa1da642cb90a68cf4b5f1ee4ee1421ef5c
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51abb6dc7dabb1cdf09a1bb8d4579f4e63befdfb1c9d6d6dd15f3af854a777cd
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b54de1182d996f2bc5d9b2a8d1097bea47d0e1eaeb8c4fa6b81e55b60df841d
61384c102c2bcf613c9abc529fb6f185e88526006b089bf395d94d757afae395
64f79d2b82f30e45a0f64e55d407500f68dd1de845dac688084e88cc4bfff4e4
6505f9fbf677adebc067d650497fda74ed24622632c1e2d13d4f0f89a46ea536
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
65cdc73c86e3d902c50f0ed241f93d440515390dd48e33e245fae2a3a17f18af
669f0ff7dbd9d3f7f255e02f437669acedf2015eb6a03b9e887d8cca54c1b10e
68fa5629ac0f882000a996fa7ca8315f21f47457a2f568104d7217afc8c7bd8d
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
73600985966bcb1cafedc65035d887c1744799a7f60dcf7c8c09c53ec6144dc3
76bb296c912b62b88eb6ca3589956f6961105d2cac7ff6fab4350ab1f7598e3b
77de2f63450b98f6d5f5e0e2b8e41cc062f3220b96922dd8fa90b9acb83a2fe9
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
79898bfbe1e87e1fc9342125c30a7a9e1733a16d3d0b23e17731885d5b207a25
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
81e2eccb954a19b8c5db97e3137ceddd24140d482ed357caccfb1f716e69ab2b
82332b5162d1248851836c20a49503f2625b9f58b4a1a92cb0e11e3b45613d70
8265097b8810ca03eecb3cbb7f454a3ff597af15840381e849aa9eeae3b5d7f4
8283fc67f7c7448327574c49bda3245223d8a00b77100407b812746c12455adf
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
854111a7cfa9dd52046bebac4b8482d7a7276685eeddc8db1bafd21a88e00054
86be92db957194d1416e7f665f363917f2f63b9cb1f086b9446601fa1906f548
880a3b7967dc2147a2e0f91f6d8f0992567ec729b43d1663c06f44603d8a48e9
88774a690c8481144dbb8919e693669b2fe915d3898d78beed8a0c38673de186
8936cb632799aea6cdd63fc728d4b6332d9f0785d562cf414ee208d387f0f507
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
91b389a3bd71def3031096c743b1a85ee323190cd01dba55d06c93287dbf6516
929bcc014cf4b84eaf5a9808188b3050c27dc0685b1b56fde00c905ae2241656
93377095748730677d7f412542cf09f2c9612e3829bf82fdbd5d392a18fa3000
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
968838ec4987fc04d49c939a7671b925c45f3767e916167316e1b637da926220
96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99eca15ff9addd9ead499e884eee2ce6ffb5dbc1e21dda13ce55b780ca2c1b63
9d68e64e8400eb2e298164580dd19dc58651d6587513cf95d659c6dc6902b2cf
9d8b090c73057431f228beba26758af2752324994b40e1320525347d2eb8cc76
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a088b6cd66e34e2b2eca21c2ec8c4278434e0158f955bed4eb310ad09cbae99a
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a3cbde1aa854a9c69cc904d13e6c1467906af02925014f55a3b75d6755a01ee5
a674c2409821d4e965a3a435231bc3d5ac622b0d9dd668af3d03454ab67d3d21
a73a41be62a878b8717d305cecc1043d02fde8765459d4e31fe430c45e4af7eb
a7ff3f6beeb6d7baaf2f849401db15f5e13b713034ff77131fa80d219bfec6a6
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
aa19b8989bdceb7c2c53fef9e382c3602ddc88bbbd0f1b1c9c81f4cab9404607
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaef8bbaf4b10a667db38c6479a2069453033faab8fa3be14ef5cb3754cd6c4f
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
afb5a13e0e223eca6a4b00982300ca24b0977b7eee2201fa72ff1b9ac57abec4
b05e12145b7c6094497b4089b14b67d0d59fd0e080947d1bb8e2549cb55d7d2e
b0807829de0cf5844ca49208519907dbce6d2bcc79b21b73d0969de204e968b2
b0eb459d44c50d3bc86bbaa6f6826f3e0bfb0b94584392063cd508539f00fcd1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b286eb0171f45774b86c3a561d31c209272cccbab6a0b2e57b460f85cbf492f7
b353e65e344b4507fd9a9f0fd6ae530ec074669dc8d373c518a33ef7ce1e2338
b3d8bbe9bcc743391cd8b9f8453f9ed0717251532e981567a5f5c2012d90715b
b619fb48856262958728b749d6ae69c4c12f4d5a8373144ac7e325a2403d54e5
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beba8d621b4950294ebd97bc5f8187744eebb0d55647856a1a42d234064f75bb
bebe4f2398b6a8798d51b247cdedcb56d81cf0d1a803a2b5f7296d76677b8ebd
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c278e0ceef700aa25ee3ac1ff91b59943040f64e2feb5a2fb24c778b8f23bfd2
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c512d3487383c933f44c70b2fa61b1975fc179e917b55bd118926e878c1d2aee
ca36399c28deb59a8d860835cb19d0a357cb2ae05cb646c7a32501a0ad27eea8
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cae96f5cef4e19c9f2a138f5b0368aad46a71f9f7852b8d55c11cb4bd33b8963
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd91c486b38b1b32bc4ce7168a6f258c536d2958366f6982ceb577138e70bfd5
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d4a976c7119be5a4525aa7ec75c26bfcc75e9beef8ab816cd5d5f15b600cde2f
d63ae5de7242b51ba0af5f5079e35933d9a02b3ab8a644b830aa5ebbd3547fa0
d655c80ac351e118b3cb1c493cb1294481e0aa29bab78112c6955688e42ec54c
d801e71afb2916850795babf8272a7f270b785ae01143880f6c46d7edc86bfb3
d953176080d209a5e7ab15805f9834c573917ccd08f0fa603bc685c9abbd7660
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dc6609763bf19156496007422d99a8e9acb553f4dbf7b0631373c0e197781d88
ddb8cdfb67cfdca9c43318b98b855ae9bffa7787727e894e79a4553bdddfbbcc
ddf67ef94f7272233c7dea6acecab068672baba9c927d3d642e9aa343efb6468
de23dad9886751ad5923ff70890c37a7a77b3221a18677c5ddfe483862dc63f2
df61117d7806f863533acc213c4fdf87a667c109fc708eb4bedb9d35e30adb1a
e26b8467413de372610a038ba75b91a60d1cd52133f836c5a8ca960751a9ad12
e352332ad590186cf88f93624a3c30c17f626a0eb0d54912e4aee59185f3c219
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c49e1205cdb3076a1e6697b709d9444db626281b8815dc992cc71a7909b78c
e51bb3aea2e977a9cdd447643f74bbf6d33d9d7dea16a867efbedaf2b740ea86
e865cf013eaa0223f508139bd864e5a3f2b88fc1857c0bc714cc48389a3ea82f
e9a641e068d97aaa5fb7bb80b0a105dcc47abaac81b460c7e3f92b798787c833
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
ee9c0acec967f23106af17e0a1e6d42167071eba0c12d6e51912a47e5e24b9f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef231dcd4cbcad51c72ea21b29dc248d1e1676c4cf125563708aee598fd5b91a
f0e0a53ae225bfc95bc048cffbb4825fe7f3b12d2efae39e0812e70329956a68
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7bd37e17ef1fe27935d0af32ea06624988813a5cf89dc6f444edb47b5c53654
fb2cee04678c1077efdae27cc151b2a179e4884cedadebf24c4af3b36006980a
fb5b9606af67dddd2d12d66ae06688d5b57725f9774d68a7c7c4fb409b54efa3
fc6bde7c862a567dabf0654ee13002f78aed7b5a98df0b36a82c66e5054be72d
fd1ebeb1e1a5fcfaf98c1580565717ee53b8e250db299ff55e627a7814ce38da
fe4827a3795c631932b0ecc2b3a0d859f5475cd96a368e3e9799c062afe68cc8
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffb852a258ca6469d664ae215eca48e4ba52efcef2131daa8855151406336586

www.ormanager.com Open in urlscan Pro 172.67.178.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

274 Requests

87 %HTTPS

31 %IPv6

46 Domains

65 Subdomains

64 IPs

3 Countries

6641 kBTransfer

14139 kBSize

88 Cookies

25 Outgoing links

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ormanager.com Open in urlscan Pro
172.67.178.30 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

87 %
HTTPS

31 %
IPv6

46
Domains

65
Subdomains

64
IPs

3
Countries

6641 kB
Transfer

14139 kB
Size

88
Cookies

274 HTTP transactions
5 data transactions