Submitted URL: http://news.orvis.com/
Effective URL: https://news.orvis.com/
Submission: On December 28 via api from US — Scanned from DE

Summary

This website contacted 36 IPs in 5 countries across 29 domains to perform 132 HTTP transactions. The main IP is 35.212.35.149, located in Washington, United States and belongs to GOOGLE, US. The main domain is news.orvis.com. The Cisco Umbrella rank of the primary domain is 765385.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.
This is the only time news.orvis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 35.212.35.149 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 52.17.48.145 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 23.212.212.65 16625 (AKAMAI-AS)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 63.140.62.214 15224 (OMNITURE)
1 1 34.243.189.130 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 34.98.67.3 396982 (GOOGLE-CL...)
1 151.101.2.49 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
1 66.235.152.115 15224 (OMNITURE)
2 2a03:2880:f17... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.172.41.107 14618 (AMAZON-AES)
1 52.85.92.88 16509 (AMAZON-02)
1 54.230.206.111 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 23.20.113.198 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.241.98.209 16509 (AMAZON-02)
1 63.140.62.160 16509 (AMAZON-02)
2 34.95.84.97 396982 (GOOGLE-CL...)
132 36
Apex Domain
Subdomains
Transfer
38 orvis.com
news.orvis.com — Cisco Umbrella Rank: 765385
somni.orvis.com — Cisco Umbrella Rank: 167151
1 MB
12 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 431
135 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
587 KB
8 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3986
33 KB
7 cartfulsolutions.com
embed.cartfulsolutions.com — Cisco Umbrella Rank: 109482
tracker.cartfulsolutions.com
368 KB
6 gstatic.com
fonts.gstatic.com
99 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6765
886 B
5 google.com
www.google.com — Cisco Umbrella Rank: 2
886 B
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
6 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
14 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
7 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
125 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
theorvis.demdex.net — Cisco Umbrella Rank: 180078
5 KB
2 igodigital.com
7236729.collect.igodigital.com — Cisco Umbrella Rank: 193156
nova.collect.igodigital.com — Cisco Umbrella Rank: 5199
3 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
69 KB
2 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3083
c.contentsquare.net — Cisco Umbrella Rank: 3307
75 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
216 B
2 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 6223
consent.linksynergy.com — Cisco Umbrella Rank: 19869
685 B
2 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 8672
725 B
2 omtrdc.net
orvis.sc.omtrdc.net — Cisco Umbrella Rank: 272372
orvis.tt.omtrdc.net
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 mercent.com
cdn.mercent.com — Cisco Umbrella Rank: 98142
3 KB
1 securedvisit.com
track.securedvisit.com — Cisco Umbrella Rank: 4905
24 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
98 B
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 5888
13 KB
1 everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 7660
4 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
15 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988
7 KB
132 29
Domain Requested by
37 news.orvis.com 1 redirects news.orvis.com
12 assets.adobedtm.com news.orvis.com
assets.adobedtm.com
9 www.googletagmanager.com news.orvis.com
www.googletagmanager.com
assets.adobedtm.com
8 static.addtoany.com news.orvis.com
static.addtoany.com
6 fonts.gstatic.com fonts.googleapis.com
5 www.google.de news.orvis.com
5 www.google.com news.orvis.com
5 embed.cartfulsolutions.com news.orvis.com
embed.cartfulsolutions.com
t.contentsquare.net
4 googleads.g.doubleclick.net www.googletagmanager.com
3 bat.bing.com assets.adobedtm.com
bat.bing.com
news.orvis.com
3 connect.facebook.net assets.adobedtm.com
connect.facebook.net
2 tracker.cartfulsolutions.com t.contentsquare.net
2 www.youtube.com news.orvis.com
www.youtube.com
2 www.facebook.com news.orvis.com
2 gum.criteo.com 1 redirects static.criteo.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dpm.demdex.net assets.adobedtm.com
news.orvis.com
2 fonts.googleapis.com news.orvis.com
1 nova.collect.igodigital.com news.orvis.com
1 somni.orvis.com news.orvis.com
1 c.contentsquare.net news.orvis.com
1 7236729.collect.igodigital.com news.orvis.com
1 t.contentsquare.net news.orvis.com
1 cdn.mercent.com news.orvis.com
1 track.securedvisit.com news.orvis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 mug.criteo.com news.orvis.com
1 orvis.tt.omtrdc.net assets.adobedtm.com
1 region1.google-analytics.com www.googletagmanager.com
1 idsync.rlcdn.com news.orvis.com
1 lasteventf-tm.everesttech.net www.everestjs.net
1 consent.linksynergy.com news.orvis.com
1 ut.rd.linksynergy.com tag.rmp.rakuten.com
1 theorvis.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 orvis.sc.omtrdc.net assets.adobedtm.com
1 tag.rmp.rakuten.com news.orvis.com
1 www.everestjs.net news.orvis.com
1 static.criteo.net news.orvis.com
1 maxcdn.bootstrapcdn.com news.orvis.com
132 40
Subject Issuer Validity Valid
news.orvis.com
R3
2023-12-01 -
2024-02-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2023-11-30 -
2024-02-28
3 months crt.sh
static.addtoany.com
E1
2023-12-27 -
2024-03-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-06 -
2024-01-04
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
www.everestjs.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-25 -
2024-10-25
a year crt.sh
tag.rmp.rakuten.com
GTS CA 1D4
2023-12-02 -
2024-03-01
3 months crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-03-08
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA
2023-02-13 -
2024-02-13
a year crt.sh
consent.linksynergy.com
GTS CA 1D4
2023-12-16 -
2024-03-15
3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2023-08-22 -
2024-09-21
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
cartfulsolutions.com
Cloudflare Inc ECC CA-3
2023-07-18 -
2024-07-17
a year crt.sh
securedvisit.com
Amazon RSA 2048 M03
2023-08-16 -
2024-09-13
a year crt.sh
*.ds.commercehub.com
Amazon RSA 2048 M02
2023-01-23 -
2024-02-21
a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01
2023-09-13 -
2024-10-11
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.collect.igodigital.com
Amazon RSA 2048 M03
2023-11-15 -
2024-12-14
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
dep.ba.contentsquare.net
Amazon RSA 2048 M01
2023-03-20 -
2024-04-17
a year crt.sh
somni.orvis.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-26 -
2024-07-26
a year crt.sh
tracker.cartfulsolutions.com
GTS CA 1D4
2023-11-02 -
2024-01-31
3 months crt.sh

This page contains 4 frames:

Primary Page: https://news.orvis.com/
Frame ID: C50C8B831E99D4FAE0859B2B78B1C8D2
Requests: 128 HTTP requests in this frame

Frame: https://theorvis.demdex.net/dest5.html?d_nsid=0
Frame ID: A9842BD5A098126A1A0C24120ED00AD2
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: D989E5A2777F245092655ABAB03CD436
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=news.orvis.com&origin=onetag
Frame ID: C8A49777D911393F545184E7BB8F408B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Orvis News - Your home for the sporting lifeFly PatternFacebookInstagramTwitterYouTube

Page URL History Show full URLs

  1. http://news.orvis.com/ HTTP 301
    https://news.orvis.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

132
Requests

97 %
HTTPS

53 %
IPv6

29
Domains

40
Subdomains

36
IPs

5
Countries

2872 kB
Transfer

6988 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.orvis.com/ HTTP 301
    https://news.orvis.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://cm.everesttech.net/cm/dd?d_uuid=60322958830477148603617222076692961532 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
Request Chain 78
  • https://gum.criteo.com/sid/json?origin=onetag&domain=orvis.com&sn=ChromeSyncframe&so=0&topUrl=news.orvis.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0QnhTVTZKMFNrREt0L2NaN2hEZUE4MzRHV3NqeDBVU1E2NTcwZE5LamdCM3o0c0RyaC8rbm9URHh0cEVYMUh0UG9pTGkrcTZxNFpGZEVRUmUwOG9VSWxJc3BZeitzSklXTm9RdzExMlZHemN6eDBDczAwOU1aNGlyM0hucWdXOURNdG01NmYxaU44QVR4bnFWcnhvV3lxMU5LYUdxdDdjanN5eExSdEdzRnRtSTRpQWw1UzVGND18&cppv=2

132 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
news.orvis.com/
Redirect Chain
  • http://news.orvis.com/
  • https://news.orvis.com/
65 KB
16 KB
Document
General
Full URL
https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
54ce420fd2607414c890e91ab59a561756945a9eadc700021e42beb580ccedff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Dec 2023 02:10:08 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://news.orvis.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-httpd
1
x-proxy-cache
HIT

Redirect headers

Connection
keep-alive
Content-Length
24
Content-Type
text/plain
Date
Thu, 28 Dec 2023 02:10:07 GMT
Host-Header
8441280b0c35cbc1147f8ba998a563a7
Location
https://news.orvis.com/
Server
nginx
X-Proxy-Cache-Info
DT:1
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f4afec8d8bf4513d1fc73ad0154a2d142844d5f7b6dd7bdf620167003bde687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 02:10:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 02:10:08 GMT
satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/
399 KB
112 KB
Script
General
Full URL
https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
709694ffcbfa677b2f5c6417899140d824992ad642d4a827b2b0ffc274c0e8b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:45 GMT
server
AkamaiNetStorage
etag
"155e5a04756ccbd3939b88e8a6a9fa98:1644852885.529683"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
113965
expires
Thu, 28 Dec 2023 03:10:08 GMT
cv.css
news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/
84 KB
12 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=3.6.1.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
06fe93f1d30a411e76e08c41463baf1e396c7b1941ce2c338177b09ba9118c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 00:03:19 GMT
server
nginx
etag
W/"150b3-60be031f88297"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
cvpro.min.css
news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/css/
72 KB
19 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.3.4.2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8718a0c9e90880a7fe228db0c07333baa82dcc41e4ac99f02e2dabb04219ada1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Tue, 04 Jun 2019 02:14:37 GMT
server
nginx
etag
W/"11e2e-58a760af1fc9e"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
sbi-styles.min.css
news.orvis.com/wp-content/plugins/instagram-feed/css/
33 KB
5 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.6
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 00:03:22 GMT
server
nginx
etag
W/"8297-60be0322c7b76"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
style.min.css
news.orvis.com/wp-includes/css/dist/block-library/
107 KB
13 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 01:51:56 GMT
server
nginx
etag
W/"1add3-609ae72ddf53d"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
cff-style.css
news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/css/
84 KB
13 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/css/cff-style.css?ver=3.9.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ae4225a66f3f335ccb9e94a9f76740f47266619e9b17afdd00f2a30f9f97eb96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Mon, 28 Oct 2019 12:01:37 GMT
server
nginx
etag
W/"14ffd-595f74304406e"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
4999385
cdn-cachedat
05/01/2023 15:40:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b9f68144baab9564a7e8739a4135280d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
83c643e4794330f9-FRA
cdn-requestpullsuccess
True
ctf-styles.min.css
news.orvis.com/wp-content/plugins/custom-twitter-feeds-pro/css/
35 KB
6 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/custom-twitter-feeds-pro/css/ctf-styles.min.css?ver=1.8.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
eb733be79f1e125e4e15dba59d3c6cc7403d25b31ed165341113154e6ed48668

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 11 Jun 2020 20:09:49 GMT
server
nginx
etag
W/"8d02-5a7d48af24a46"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
style.css
news.orvis.com/wp-content/themes/twentysixteen/
69 KB
12 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/style.css?ver=6.4.2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ffea9a13bdc8bbe71e149aa9973f54b3179f6c88b2240c88091649f08ef49902

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
W/"114fd-6087acdd8a460"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
style.css
news.orvis.com/wp-content/themes/twentysixteen-child/
23 KB
5 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen-child/style.css?ver=28139885156
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c37d627f9134d2788c6df98a70cafd363fb75ecc10eeb6fbc7bd2fbc056f627d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Fri, 03 Apr 2020 13:29:59 GMT
server
nginx
etag
W/"5b60-5a262e9fc9f44"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
merriweather-plus-montserrat-plus-inconsolata.css
news.orvis.com/wp-content/themes/twentysixteen/fonts/
19 KB
1 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
W/"4b81-6087acdd86db0"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
genericons.css
news.orvis.com/wp-content/plugins/jetpack/_inc/genericons/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 00:03:07 GMT
server
nginx
etag
W/"6e6a-60be031431c74"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
blocks.css
news.orvis.com/wp-content/themes/twentysixteen/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20230628
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c4c821b94249e2d439cd382231ff63405046deec2059e6908fe915e77b9a642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
W/"241c-6087acdd861f8"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
addtoany.min.css
news.orvis.com/wp-content/plugins/add-to-any/
2 KB
648 B
Stylesheet
General
Full URL
https://news.orvis.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 01:52:30 GMT
server
nginx
etag
W/"644-609ae74ea1701"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26389
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1360f39ce298a46ab4d839930011f62c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mg9rKtk6eWbIjyZc%2BsSLHO7Sw7Pib%2FvLsX85y%2Bo8zm1yDTUXa2LpQemC2NExJOQkqYx7rdXR0p4QHC27Lz%2BQrKaWJuKVAbrkbQhvYrT5WhI0lfS%2BGO3F5nFH9dkAyRIbQ767eh3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
83c643e718bd37ec-FRA
jquery.min.js
news.orvis.com/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://news.orvis.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 01:51:56 GMT
server
nginx
etag
W/"15601-609ae72de435d"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
jquery-migrate.min.js
news.orvis.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://news.orvis.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
br
last-modified
Thu, 10 Aug 2023 02:28:11 GMT
server
nginx
etag
W/"3509-6028858fbb010"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
addtoany.min.js
news.orvis.com/wp-content/plugins/add-to-any/
129 B
303 B
Script
General
Full URL
https://news.orvis.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 01:52:30 GMT
server
nginx
etag
W/"81-609ae74ea1701"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/
187 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6edb1d103303ee1ee778ffdceb6ab793269a18d7bac8f33e6f49efa0f0b2b008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69093
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
orvis-news-logo.png
news.orvis.com/wp-content/uploads/2018/09/
7 KB
8 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2018/09/orvis-news-logo.png
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6a256af945154352c8eef9c70ff703e5173e254e2da9301d5feb991b4e764912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Tue, 04 Jun 2019 01:05:32 GMT
server
nginx
etag
"1dc7-58a7513db33ef"
content-type
image/png
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
7623
x-proxy-cache
HIT
pressroom-search.png
news.orvis.com/wp-content/uploads/2018/09/
2 KB
2 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2018/09/pressroom-search.png
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c3cd250a4a917a5f9b5f9d9caf0d701746def2e11404ce4484a0fcde3e7b646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
last-modified
Tue, 04 Jun 2019 01:05:47 GMT
server
nginx
etag
"607-58a7514bdf057"
content-type
image/png
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1543
x-proxy-cache
HIT
smallstreams.jpg
news.orvis.com/wp-content/uploads/2023/12/
151 KB
152 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2023/12/smallstreams.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c5e1f51fe86cb3076e5fcbe6681b1f11bfe3f2445b097581f5a51322fd49d683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
last-modified
Wed, 27 Dec 2023 20:35:42 GMT
server
nginx
etag
W/"25d5f-60d83be2e21f9"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
154975
x-proxy-cache
HIT
3dollardip.jpg
news.orvis.com/wp-content/uploads/2023/12/
42 KB
42 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2023/12/3dollardip.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
85cbd7bc992b259d67b8534d35acc3e284bc6a7681fcedf1b36fd35bdfce6e7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:08 GMT
last-modified
Wed, 27 Dec 2023 13:50:29 GMT
server
nginx
etag
"a619-60d7e14ff5091"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
42521
x-proxy-cache
HIT
filmfestival2019.jpg
news.orvis.com/wp-content/uploads/2019/02/
63 KB
64 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2019/02/filmfestival2019.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbf3b727d5fb06c97d7f7a5089f499b014a449cfaad4db2d77eb719c00597c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Mon, 03 Jun 2019 22:52:55 GMT
server
nginx
etag
"fd42-58a7339929165"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
64834
x-proxy-cache
HIT
cv.js
news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/
23 KB
7 KB
Script
General
Full URL
https://news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=3.6.1.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
last-modified
Thu, 07 Dec 2023 00:03:19 GMT
server
nginx
etag
W/"5b7b-60be031f89237"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
cvpro.min.js
news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/js/
155 KB
42 KB
Script
General
Full URL
https://news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.3.4.2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dc72d1591a2a5559ba7e2a591a4cf5692658d20fa7a749c807e37b19773df1e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
last-modified
Tue, 04 Jun 2019 02:14:44 GMT
server
nginx
etag
W/"26a39-58a760b564367"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
cff-scripts.js
news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/js/
180 KB
46 KB
Script
General
Full URL
https://news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/js/cff-scripts.js?ver=3.9.1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
42c05e4db44d774cdd2c1900d054885286591cb202acc6439080be7ab9fc6060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
last-modified
Mon, 28 Oct 2019 12:01:43 GMT
server
nginx
etag
W/"2cf30-595f743666c27"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
functions.js
news.orvis.com/wp-content/themes/twentysixteen/js/
7 KB
2 KB
Script
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/js/functions.js?ver=20230629
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
W/"1c9e-6087acdd894c0"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
id
dpm.demdex.net/
367 B
914 B
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=21ABA57856263CDF7F000101%40AdobeOrg&d_nsid=0&ts=1703729408915
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ce3e352c6a5d4b0d76856d2ef3091b7ca504e21a79e158d9674d600d5a1863ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://news.orvis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
MCck/Tc+TtU=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
311
expires
Thu, 01 Jan 1970 00:00:00 UTC
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Dec 2023 02:10:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hPT7ILXcEvjN8jhuovzjq+bprZtPbTKFvIW+iyt84G3NfvVfRPHuibsJIHF9mKZr7mgvChgHS45m39l608lrEw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Thu, 28 Dec 2023 03:10:09 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Thu, 28 Dec 2023 03:10:09 GMT
ld.js
static.criteo.net/js/ld/
46 KB
15 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Oct 2023 15:11:46 GMT
server
nginx
etag
W/"652569b2-b614"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Dec 2023 02:10:09 GMT
last-event-tag-latest.min.js
www.everestjs.net/static/le/
8 KB
4 KB
Script
General
Full URL
https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.212.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-212-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Date
Thu, 28 Dec 2023 02:10:09 GMT
Last-Modified
Wed, 13 Dec 2023 10:47:16 GMT
Server
AmazonS3
x-amz-request-id
8G1A81XJXX5GS6GG
ETag
"8c6414c4813c1bf85d1f9478a637ba7c"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3155
x-amz-id-2
GQ5qACgDW58826SAK2yU1CH+R6lQulQaXcU1guz3SngsX+qH4InTzUenNsucCSAg6+mL4ZkYp7g=
116883.ct.js
tag.rmp.rakuten.com/
38 KB
13 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/116883.ct.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
3246209670e4a264865301586f5c54b46a2ed5329547bce7aa772db3ec27bf86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Dec 2023 02:10:09 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css
fonts.googleapis.com/
2 KB
653 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Serif+Pro
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen-child/style.css?ver=28139885156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2913bf1da4bd436195ea5eef87ecc35d17f0d3b0f6bf62346122fc7044ba561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 02:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 01:29:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Dec 2023 02:10:08 GMT
1dec28b8-1a6e-497a-8153-2791908e7f29
https://news.orvis.com/
1 KB
0
Other
General
Full URL
blob:https://news.orvis.com/1dec28b8-1a6e-497a-8153-2791908e7f29
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
id
orvis.sc.omtrdc.net/
2 B
266 B
XHR
General
Full URL
https://orvis.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=21ABA57856263CDF7F000101%40AdobeOrg&mid=60328420204484034053620054828849309469&ts=1703729409070
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.214 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-214.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.orvis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://news.orvis.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=60322958830477148603617222076692961532
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Server
52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0a8bf9e4f.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
2dpmANhCTi8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
Date
Thu, 28 Dec 2023 02:10:09 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:09:56 GMT
x-content-type-options
nosniff
age
147613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20528
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:17:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 09:09:56 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 03:13:20 GMT
x-content-type-options
nosniff
age
169009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 03:13:20 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:49:59 GMT
x-content-type-options
nosniff
age
148810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:49:59 GMT
montserrat-latin-400-normal.woff2
news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/
12 KB
13 KB
Font
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-400-normal.woff2?ver=25
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
"31a4-6087acdd88520"
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
12708
x-proxy-cache
HIT
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
montserrat-latin-700-normal.woff2
news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/
13 KB
13 KB
Font
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-700-normal.woff2?ver=25
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Request headers

Referer
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
"3230-6087acdd88520"
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
12848
x-proxy-cache
HIT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:56:37 GMT
x-content-type-options
nosniff
age
148412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:56:37 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 19:01:34 GMT
x-content-type-options
nosniff
age
198515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21528
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 23:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 19:01:34 GMT
merriweather-latin-400-normal.woff2
news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather/
20 KB
20 KB
Font
General
Full URL
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-normal.woff2?ver=30
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Request headers

Referer
https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Tue, 24 Oct 2023 18:49:52 GMT
server
nginx
etag
"4e3c-6087acdd87968"
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
20028
x-proxy-cache
HIT
alvintippet.jpg
news.orvis.com/wp-content/uploads/2023/12/
129 KB
129 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2023/12/alvintippet.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d36e2b211bf279240717a9497578a57d8c9a2e266d17f6f0165942dad7d8ce37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Fri, 22 Dec 2023 13:58:11 GMT
server
nginx
etag
"203a9-60d199b4de9ec"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
132009
x-proxy-cache
HIT
nail.jpg
news.orvis.com/wp-content/uploads/2023/12/
86 KB
87 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2023/12/nail.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6375d2e136a32b79d6a37d787f3f24c51e71d39fc5ffb0d8211fabb91f0a90e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Thu, 21 Dec 2023 13:49:04 GMT
server
nginx
etag
"159d1-60d055ce3d290"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
88529
x-proxy-cache
HIT
Proposed-Ambler-Road.jpg
news.orvis.com/wp-content/uploads/2023/12/
126 KB
126 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2023/12/Proposed-Ambler-Road.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc78dfb04f54d489f681fff1924008b5a890282f6df1cccaa3af78adf7130291

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Wed, 20 Dec 2023 21:25:32 GMT
server
nginx
etag
"1f851-60cf79f7a4620"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
129105
x-proxy-cache
HIT
yeggs.jpg
news.orvis.com/wp-content/uploads/2020/12/
54 KB
54 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2020/12/yeggs.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ca966353a1ec3bd5b7b9f5708fb551ab08b9a3453dd582d2571948c9165b2294

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Mon, 21 Dec 2020 20:40:12 GMT
server
nginx
etag
"d889-5b6ff76f20ee3"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
55433
x-proxy-cache
HIT
poison.gif
news.orvis.com/wp-content/uploads/2020/01/
176 KB
176 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2020/01/poison.gif
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bb28511ad15ae7e7a24d8c6d00c23363d193448a2b7b398477cc3fd5215a2aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Wed, 08 Jan 2020 13:54:17 GMT
server
nginx
etag
"2c054-59ba13a84985c"
content-type
image/gif
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
180308
x-proxy-cache
HIT
sinkcrop.jpg
news.orvis.com/wp-content/uploads/2023/12/
82 KB
82 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2023/12/sinkcrop.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
95b91c345b899226fdf64d0e8081310c6eda9ca435792b346b8a71984c0e7ae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Tue, 19 Dec 2023 16:40:33 GMT
server
nginx
etag
"14629-60cdf867834c2"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
83497
x-proxy-cache
HIT
whipit.jpg
news.orvis.com/wp-content/uploads/2021/03/
16 KB
16 KB
Image
General
Full URL
https://news.orvis.com/wp-content/uploads/2021/03/whipit.jpg
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
36d70ae0e5c128c58c2e70dbb963628b34389e23e0eac934747eb120e6c1048e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Tue, 02 Mar 2021 12:29:13 GMT
server
nginx
etag
"3f01-5bc8ce1d39c71"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
16129
x-proxy-cache
HIT
dest5.html
theorvis.demdex.net/ Frame A984
7 KB
3 KB
Document
General
Full URL
https://theorvis.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://news.orvis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 28 Dec 2023 02:10:09 GMT
dcs
dcs-prod-irl1-2-v054-034c53ac2.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Nov 2023 15:37:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
enYtuKK9TpE=
sm.24.html
static.addtoany.com/menu/ Frame D989
677 B
713 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.24.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.orvis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
4626
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
83c643e748d637ec-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 02:10:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQpmVePE%2F1OO8G9kr%2B8d1AZRvXsHAClqnRLbDHpdmXr0bMxbVwzO2hYv5ZZTtFEYYv58C6tPnu0IPcgWNfz5CFNKKpSHl3DNI0WwdKbBAKBNoA%2FUewjy4DEibz2kINmobrJ%2F0v9y"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.0lg1QMGN.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.orvis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f7a2848ba5154bff921586a6e44f406d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HYPcW35lwzqbRUR6ye2cq9B9i0uRTyC3eg18xl8W67IDfgsClSdfIv9euKFbbA51hk27IVrJbreCv8QQzFmtSsPi8Y19lXgiDhvmo1Ezg9swvbJdak%2BqcWXdjKDRIWCuptgNaDm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
83c643e78a421c9b-FRA
jsp
ut.rd.linksynergy.com/
148 B
404 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/116883.ct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
659b5b0c39c1ff7f507ed39f87eab8e048e9b3d48641ac8867d4beb434cdc207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Thu, 28 Dec 2023 02:10:09 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
p
consent.linksynergy.com/consent/v3/
37 B
281 B
Image
General
Full URL
https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=news.orvis.com&sought=false&tp=gdpr&attr_sid=116883&aff_mid=38663&purposes=&vendors=&ext_id=34d801b4-54fe-4f79-af8c-14b4baf521b2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 28 Dec 2023 02:10:09 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure
/
lasteventf-tm.everesttech.net/
0
208 B
XHR
General
Full URL
https://lasteventf-tm.everesttech.net/?_les_imsOrgId=21ABA57856263CDF7F000101@AdobeOrg&_les_sdid=094BD312BC24749D-1B88A301FC372AFD&_les_last_search_click=&_les_rsid=orviscom&_les_mid=60328420204484034053620054828849309469&_les_rampid_env=&_les_url=https%3A%2F%2Fnews.orvis.com%2F
Requested by
Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 28 Dec 2023 02:10:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703729409.302175,VS0,VE0
x-cache
MISS
content-type
text/plain
access-control-allow-origin
https://news.orvis.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-cph2320036-CPH
1841787929401016
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1841787929401016?v=2.9.138&r=stable&domain=news.orvis.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a47a389bcfafd8b95bcd2d381a8529341df7411835af8e8f56c3ecdd2be7218
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Dec 2023 02:10:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Ga8INg8Ba63bmNGy6tMf2vZ84saqav7y8sEJa8Y1wwLSWYIWlNiqbeR/qUakuD4aQoGWu8/V9Wl+d4TXs8ohMg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
277 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-584DWRFMG0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00b3c0942b51a0cc33d742a609c082164cd38de30abaf4dfdf0cf4db6538f7ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94005
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Dec 2023 02:10:09 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 01:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Dec 2023 03:48:17 GMT
syncframe
gum.criteo.com/ Frame C8A4
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=news.orvis.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.orvis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Dec 2023 02:10:08 GMT
server
Kestrel
server-processing-duration-in-ticks
370184
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
458359.gif
idsync.rlcdn.com/
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=64512904-9ef6-400c-a0aa-d537b47cf7ed
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-584DWRFMG0&gtm=45je3bt0v888702983&_p=1703729409074&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=531132704.1703729409&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703729409&sct=1&seg=0&dl=https%3A%2F%2Fnews.orvis.com%2F&dt=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1575
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-584DWRFMG0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
149 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1072739139&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f8cad8f4ec3728682052a7611226ddfda1f14d9a29b2863f6df51bee0338f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58054
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
js
www.googletagmanager.com/gtag/
149 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-962132069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34c4ce2d09670662ab90104bf048ce75f4636f6e842d54f1b3e337c77acc0b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57992
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
js
www.googletagmanager.com/gtag/
202 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-970714449&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24d91836ae5fb7cb3fe95580a6d2a4da03319eb8238b541c70b039d924216650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74562
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
js
www.googletagmanager.com/gtag/
194 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-285838749&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2af640684e7b47ef45b0d82ef04e7884b5129c654d043022c05af353deed60fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72473
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
js
www.googletagmanager.com/gtag/
149 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-998964495&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8b5f586b9896ddb5b669c01fddc8168f7d009de5d8f8a40f1a34de7eab455f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58106
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
js
www.googletagmanager.com/gtag/
149 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-973405072&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
630206e32dd43485e27b52268b1ea3cdf1a6a582df36324528a269f0328fce36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58108
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
js
www.googletagmanager.com/gtag/
149 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-973405072&l=dataLayer
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32d54c98a508b710aee2d1ebf0a70ee36b725a306aa65aca9e2789fe9f2bcf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58067
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 02:10:09 GMT
json
orvis.tt.omtrdc.net/m2/orvis/mbox/
96 B
825 B
XHR
General
Full URL
https://orvis.tt.omtrdc.net/m2/orvis/mbox/json?mbox=target-global-mbox&mboxSession=9ca20f3cefa4488bb7d61880cefcaa06&mboxPC=&mboxPage=6951a3e477cc48d2a4fec5060114d915&mboxRid=c573299c841848c4acfd7470b41a4d44&mboxVersion=1.8.2&mboxCount=1&mboxTime=1703733009369&mboxHost=news.orvis.com&mboxURL=https%3A%2F%2Fnews.orvis.com%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&staging=False&signedIn=false&noReferrer=True&at_property=adcf835d-f677-e51c-d529-3594266f47b0&visitor.betaOptOut=unselected&visitor.qrEmailOptOut=false&mboxMCSDID=094BD312BC24749D-1B88A301FC372AFD&vst.trk=orvis.sc.omtrdc.net&mboxMCGVID=60328420204484034053620054828849309469&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.115 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-66-235-152-115.data.adobedc.net
Software
jag /
Resource Hash
108e87d6dd1815547f2fd577b1b306f5d7365f78880e4eaed4657120125aaf18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length
96
x-xss-protection
1; mode=block
x-request-id
c573299c841848c4acfd7470b41a4d44
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
jag
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 05:37:08 GMT
x-content-type-options
nosniff
age
246781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14160
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 05:37:08 GMT
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1175508786&t=pageview&_s=1&dl=https%3A%2F%2Fnews.orvis.com%2F&ul=en-us&de=UTF-8&dt=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=741014060&gjid=1287754573&cid=531132704.1703729409&tid=UA-36137344-1&_gid=1988069279.1703729409&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1476780772
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://news.orvis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame C8A4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=orvis.com&sn=ChromeSyncframe&so=0&topUrl=news.orvis.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0Qn...
436 B
673 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0QnhTVTZKMFNrREt0L2NaN2hEZUE4MzRHV3NqeDBVU1E2NTcwZE5LamdCM3o0c0RyaC8rbm9URHh0cEVYMUh0UG9pTGkrcTZxNFpGZEVRUmUwOG9VSWxJc3BZeitzSklXTm9RdzExMlZHemN6eDBDczAwOU1aNGlyM0hucWdXOURNdG01NmYxaU44QVR4bnFWcnhvV3lxMU5LYUdxdDdjanN5eExSdEdzRnRtSTRpQWw1UzVGND18&cppv=2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b92447196504a88e7d4ad1356a64cf0f695e23f01ef766b684efcb77fafffd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1330483
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0QnhTVTZKMFNrREt0L2NaN2hEZUE4MzRHV3NqeDBVU1E2NTcwZE5LamdCM3o0c0RyaC8rbm9URHh0cEVYMUh0UG9pTGkrcTZxNFpGZEVRUmUwOG9VSWxJc3BZeitzSklXTm9RdzExMlZHemN6eDBDczAwOU1aNGlyM0hucWdXOURNdG01NmYxaU44QVR4bnFWcnhvV3lxMU5LYUdxdDdjanN5eExSdEdzRnRtSTRpQWw1UzVGND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
310510
content-length
0
expires
0
675664122566129
connect.facebook.net/signals/config/
135 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/675664122566129?v=2.9.138&r=stable&domain=news.orvis.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c18aea31d1c4b81bb978f6a4da68b2411a1e9d76dd91603db5cdeb501f588b7d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Dec 2023 02:10:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
XuMz37W3BwmsK42Rp/hWDMPRY9d43C19r9My8TicqZXYu5oZxtoTLtlSH81wKgMGpRz2IRp8JUkAPoiUJubrhQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1841787929401016&ev=PageView&dl=https%3A%2F%2Fnews.orvis.com%2F&rl=&if=false&ts=1703729409398&sw=1600&sh=1200&v=2.9.138&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1703729409397.868070061&cs_est=true&ler=empty&it=1703729409218&coo=false&rqm=GET
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 28 Dec 2023 02:10:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
facebook.js
static.addtoany.com/menu/svg/icons/
430 B
827 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/facebook.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13443
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3c6ccaafe275b5b477d0400b5847bbce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39X9HjLvt6iBA6keNA57rB4SxGgplEYTcoxOVPgwq4WK0jYJ3EnK59ir8mrWSPgB3p7JHzbCA5AvvKNgCCKNVNdwFsMCWHQrHhThcHs4081SpbLSSkGcSDx2%2BqzjwGFeNxqgF9OgClXX2o2QH6TzsEOr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
83c643e8daec1c9b-FRA
twitter.js
static.addtoany.com/menu/svg/icons/
695 B
944 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/twitter.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13443
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"31edccd311957616d32bbcad27fcf679"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKlY5W58H7VhA0muwCtupsn9ETayWd9HKWs20jewE7K%2BUrip1rj%2BZJAhIsJsivx%2FcEP5EUXET%2BMirI0DWXJwdGA3uhz1UCMSW6ElmoAnjhkVoB6TE%2BmqHAWYCAbLp%2BoDM%2Bq49clqP7hKJeu6ZC6uZhd3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
83c643e8daf11c9b-FRA
pinterest.js
static.addtoany.com/menu/svg/icons/
901 B
1 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/pinterest.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13443
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"573fae6e51435ee7155601d053377d81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMwZ65wPrRZmFMDMkcJfc%2FmtT42vQJRPBxZUWZ76nggwP5KV7okIhcXPxq4yi7X%2FWwOt39aBSEq20iK5vs6BTeIrC1nKfeumQYMb7CL1rksmc4dhKCNwqT847FyepnuzuJbJwTBw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
83c643e8daf21c9b-FRA
email.js
static.addtoany.com/menu/svg/icons/
427 B
829 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/email.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8u8DfrIJ%2FyFRR5bqapVvDtD2L2Z67bHvu8%2BmvIAoHhu874Av4FZ9KPkrhuGUr3jvPE8QIUUI00261ovEeAO3hJZCLnCrCzq09w4x4I5oIcVNMy32xr7QxcpjrzcnyiHxk8LvBEBBmFJm%2BlFHusNaHLX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
83c643e8daf41c9b-FRA
a2a.js
static.addtoany.com/menu/svg/icons/
182 B
666 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/a2a.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin
https://news.orvis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiH79B0vo5lFC0KBP5VeHFpSFdF1XO2ReKaV2CQ8rw6m19zayPJ90FrjLalwoP%2FH4ldKkKKkwNiDn7%2BaLalx6ISaRnPuH0Ia72HQbUAgd2z7HPW1xBiXWmKMDqfAApxm9Gouv9s8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
83c643e8daf51c9b-FRA
RCac63c683893740f29e84320ad7e42210-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
710 B
670 B
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCac63c683893740f29e84320ad7e42210-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
36cfcffeac64950b56eaafdb0bb97a1c4c14203d4262d10de5c24c5df8215fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
414
expires
Thu, 28 Dec 2023 03:10:09 GMT
RCb5457280f62549fcb1c4d404dd7e29a4-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
508 B
586 B
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCb5457280f62549fcb1c4d404dd7e29a4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
59a9e0fb3d12bbd46767fd48306094848d60417600cd59881581f0774e65e491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
330
expires
Thu, 28 Dec 2023 03:10:09 GMT
RC90a211121c09418c913091e817555120-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
1 KB
905 B
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC90a211121c09418c913091e817555120-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ba863af5dc5a0159f551ec0bf2c9cca962dd94dd1e6862afb8fc7e8e92ba7c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
649
expires
Thu, 28 Dec 2023 03:10:09 GMT
RC0c8e21a78c41499c8db48a994b41c09c-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
1 KB
871 B
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC0c8e21a78c41499c8db48a994b41c09c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c15e054768161d6d360627c5198d347826723ff6491806931ba50e9689e860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
615
expires
Thu, 28 Dec 2023 03:10:09 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 28 Dec 2023 02:10:09 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 17587FAB20034DDFA3C499D8D606B1DB Ref B: DUS30EDGE0916 Ref C: 2023-12-28T02:10:09Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
RCe0562fcc8ceb44e2a2baa4d94297144e-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
1 KB
745 B
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCe0562fcc8ceb44e2a2baa4d94297144e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0b2dbc5aede02d87568394958759fb38bd6a2298e44bf26f1dbe649be4baa9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
489
expires
Thu, 28 Dec 2023 03:10:09 GMT
RC6cedfaa7d4b54f749cd27c5cedd9bbfd-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC6cedfaa7d4b54f749cd27c5cedd9bbfd-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
babe969b662c996bf1f59a8d629d6a77a5260ed894508e3f2cb743735dfc4e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
849
expires
Thu, 28 Dec 2023 03:10:09 GMT
RCac9133b00bae49ffad6f36573f4085cb-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
3 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCac9133b00bae49ffad6f36573f4085cb-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c4a0daa106da7667e1249f082cc835481320a1f52eb62669ce26317a756cc7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
913
expires
Thu, 28 Dec 2023 03:10:09 GMT
RCa9621a98979b49f7899d407a5429d780-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
6 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCa9621a98979b49f7899d407a5429d780-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0c97970b00aa33fc1187e15f0398e61dc673444a7cb952b8916ef15cdc00968c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2085
expires
Thu, 28 Dec 2023 03:10:09 GMT
RC88856b3007ab40b89c2f9052e8b0b693-source.min.js
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/
1 KB
872 B
Script
General
Full URL
https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC88856b3007ab40b89c2f9052e8b0b693-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
063b43c6417159e90b65286eb53d214e754eddf8104207cc47d948c0c7a023cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:34:46 GMT
server
AkamaiNetStorage
etag
"f314107119528f297bddc99007d446e1:1644852886.337445"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://news.orvis.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
616
expires
Thu, 28 Dec 2023 03:10:09 GMT
wp-emoji-release.min.js
news.orvis.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://news.orvis.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
149.35.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 13:01:44 GMT
server
nginx
etag
W/"4904-5f831cfa9a6f3"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36137344-1&cid=531132704.1703729409&jid=741014060&gjid=1287754573&_gid=1988069279.1703729409&_u=YADAAUAAAAAAACAAI~&z=1420927848
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.orvis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.orvis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ogma.min.js
embed.cartfulsolutions.com/orvis/
83 KB
27 KB
Script
General
Full URL
https://embed.cartfulsolutions.com/orvis/ogma.min.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89f4430674e0ad494e4fe8e85b9f0b22c8c590f9a60487f479278575a60bb47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-version-id
HCPEUGnnAfkKHbEpbCyhgQnb4HgoWOFC
x-amz-request-id
PDGXXF40TDXDNT8G
x-amz-id-2
DrZBRVJNi0RYyWWYQe6Npqf54BM7bTgJwRpGyzt/c1MW/8QQRly+1HbdGCXM8lH/ruEGUfywS1M=
x-xss-protection
1; mode=block
last-modified
Tue, 01 Jun 2021 21:08:51 GMT
server
cloudflare
etag
W/"cc72a9d3b55db593ee0f985707fa3f4e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=7200
cf-ray
83c643e98e7991d7-FRA
sv.js
track.securedvisit.com/js/
60 KB
24 KB
Script
General
Full URL
https://track.securedvisit.com/js/sv.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.41.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-41-107.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Thu, 28 Dec 2023 02:10:09 GMT
server
nginx/1.24.0
etag
W/"f617b666f3c16d1666e3099c57cb63a9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires
Thu, 28 Dec 2023 02:10:09 GMT
tracker.js
cdn.mercent.com/js/
5 KB
3 KB
Script
General
Full URL
https://cdn.mercent.com/js/tracker.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-88.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2001fa2302369eee173cf9e7bb29c814016f1e2676b25bc47c7b9e53fed98da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 05:24:09 GMT
Content-Encoding
gzip
Via
1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
Last-Modified
Fri, 25 Mar 2016 15:22:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
HAM50-C1
Age
74761
ETag
W/"e6c30613a13a4fde3f0008372726ac41"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
f2roNVaVO0W1zNG3H7OJnwMgwfoFgIIxTRdVgzKmAXk52K-57SVcyQ==
d1119f1c42684.js
t.contentsquare.net/uxa/
313 KB
75 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/d1119f1c42684.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-111.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7362c0e8a613f7dee304b25423f672dca684914d9811067de639ab1a5d1d4256

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 06:44:56 GMT
content-encoding
br
via
1.1 d4ed28727dd020fd5850b309fbb1f2f4.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
75848
last-modified
Tue, 19 Dec 2023 14:04:54 GMT
server
AmazonS3
etag
"24601e6bd89166aaa838f8b9598d03a9"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
HJh3xoUCPx2PfD1g3wJkII3yaaVVx1mJZPCzZom8LyyTTrnHDHIh0g==
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 28 Dec 2023 02:10:09 GMT
collect.js
7236729.collect.igodigital.com/
8 KB
2 KB
Script
General
Full URL
https://7236729.collect.igodigital.com/collect.js
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.113.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-113-198.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 18:29:39 GMT
vary
Accept-Encoding
content-type
application/javascript
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/?random=1703729409490&cv=11&fst=1703729409490&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-962132069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51936b92bc1d3e2b9b1893bc27602719d66e5551c5c5a568f43e3454363f151f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/?random=1703729409494&cv=11&fst=1703729409494&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dconversion%3Becomm_pagetype%3Dblog&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-962132069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0991abf35444af3c35d835ea8c4a26ad2f519b23a8597c2466a10db940c15792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/?random=1703729409505&cv=11&fst=1703729409505&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072739139&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dd362db9b64c22d8375e4879abfb9b7ba966c07e06457ff1a016ce98cb70e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1269
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/?random=1703729409509&cv=11&fst=1703729409509&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dconversion%3Becomm_pagetype%3Dblog&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072739139&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de0ea65b6583bd1e484cfa444f35f37e2dcebeffe84e6d058ef6fc1f7d460ef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36137344-1&cid=531132704.1703729409&jid=741014060&_u=YADAAUAAAAAAACAAI~&z=835533651
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36137344-1&cid=531132704.1703729409&jid=741014060&_u=YADAAUAAAAAAACAAI~&z=835533651
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=675664122566129&ev=PageView&dl=https%3A%2F%2Fnews.orvis.com%2F&rl=&if=false&ts=1703729409560&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703729409397.868070061&ler=empty&it=1703729409218&coo=false&tm=1&rqm=GET
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 28 Dec 2023 02:10:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
5014640.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/5014640.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 28 Dec 2023 02:10:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6D125E7F00144587AF359C631BDD57B2 Ref B: DUS30EDGE0916 Ref C: 2023-12-28T02:10:09Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5014640&tm=al001&Ver=2&mid=6723697c-deae-4600-9fda-371747048225&sid=3a023f80a52611eea72b9989d913748f&vid=3a0252e0a52611eebedd575cb003ba0b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&p=https%3A%2F%2Fnews.orvis.com%2F&r=&lt=1630&evt=pageLoad&sv=1&rn=305098
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 28 Dec 2023 02:10:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E9F7FA6C0C434C9781EFDAC268EF7454 Ref B: DUS30EDGE0916 Ref C: 2023-12-28T02:10:09Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/da154528/www-widgetapi.vflset/
216 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 01:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68553
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 02:48:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Dec 2024 01:57:35 GMT
/
www.google.com/pagead/1p-user-list/962132069/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/962132069/?random=1703729409490&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ECif3l4YBdXUzx3S77wZeru-fLizMg&random=1523950646&rmt_tld=0&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/962132069/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/962132069/?random=1703729409490&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ECif3l4YBdXUzx3S77wZeru-fLizMg&random=1523950646&rmt_tld=1&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/962132069/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/962132069/?random=1703729409494&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IGRio2wA6iVH9l59OAtS23Rr5CZ_GA&random=3967683137&rmt_tld=0&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/962132069/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/962132069/?random=1703729409494&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IGRio2wA6iVH9l59OAtS23Rr5CZ_GA&random=3967683137&rmt_tld=1&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1072739139/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1072739139/?random=1703729409509&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_1uEpQ7_qs8YGxUHfndFi8bI4ctjE9g&random=4189837940&rmt_tld=0&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1072739139/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1072739139/?random=1703729409509&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_1uEpQ7_qs8YGxUHfndFi8bI4ctjE9g&random=4189837940&rmt_tld=1&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1072739139/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1072739139/?random=1703729409505&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_E3inNVy3-zIwPrzq6hShEV9lRgMQXQ&random=2966633561&rmt_tld=0&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1072739139/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1072739139/?random=1703729409505&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_E3inNVy3-zIwPrzq6hShEV9lRgMQXQ&random=2966633561&rmt_tld=1&ipr=y
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pageview
c.contentsquare.net/
0
320 B
Image
General
Full URL
https://c.contentsquare.net/pageview?pid=1801&uu=10bf337d-97c5-acfc-9257-aa93430c073a&sn=1&hd=1703729409&pn=1&dw=1600&dh=9327&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fnews.orvis.com%2F&uc=0&la=en-US&v=13.76.1&pvt=n&ex=&r=269175
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.98.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-98-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
2608ceab-2e4e-4f17-80b1-7f4cd1d5c451
https://news.orvis.com/
7 KB
0
Other
General
Full URL
blob:https://news.orvis.com/2608ceab-2e4e-4f17-80b1-7f4cd1d5c451
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
s230257613817
somni.orvis.com/b/ss/orviscom/1/JS-2.22.0-LBWB/
43 B
373 B
Image
General
Full URL
https://somni.orvis.com/b/ss/orviscom/1/JS-2.22.0-LBWB/s230257613817?AQB=1&ndh=1&pf=1&t=28%2F11%2F2023%203%3A10%3A9%204%20-60&sdid=094BD312BC24749D-1B88A301FC372AFD&mid=60328420204484034053620054828849309469&aamlh=6&ce=UTF-8&pageName=news%3A%20home&g=https%3A%2F%2Fnews.orvis.com%2F&cc=USD&ch=News&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=2022-02-14T15%3A34%3A22Z%7Cdesktop%20launch&c2=D%3Dv4&v4=News&v5=News&v6=D%3DpageName&v7=D%3Dg&v8=blog%3Ehome&v10=12%2F28%2F2023&c12=D%3Dv24&c14=D%3Dv47&v47=homepage&v50=D%3Dv4&v56=D%3Dv4&v68=false&v80=Unselected&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=21ABA57856263CDF7F000101%40AdobeOrg&AQE=1
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 29 Dec 2023 02:10:09 GMT
server
jag
etag
3658731046858063872-4617947177296981676
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 27 Dec 2023 02:10:09 GMT
cfsp.js
embed.cartfulsolutions.com/
96 KB
29 KB
Script
General
Full URL
https://embed.cartfulsolutions.com/cfsp.js
Requested by
Host: embed.cartfulsolutions.com
URL: https://embed.cartfulsolutions.com/orvis/ogma.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-version-id
9BLu2s5fmCaVgx_S7GAgQBsvvHB78dmq
x-amz-request-id
KS9DJCE18NCT3FAB
x-amz-id-2
8s9FU+AU0g1C9X4qzIygqalbXNz8ziNN86WS3VZ4wRR0abTLprbWicCDBu1C65THeRWnGgnJAGw=
x-xss-protection
1; mode=block
last-modified
Thu, 08 Aug 2019 20:10:12 GMT
server
cloudflare
etag
W/"69c0026af7f2b8f2eed23f2f5fc5c68f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=7200
cf-ray
83c643eb2eca91d7-FRA
track_page_view
nova.collect.igodigital.com/c2/7236729/
43 B
710 B
Image
General
Full URL
https://nova.collect.igodigital.com/c2/7236729/track_page_view?payload=%7B%22title%22%3A%22Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life%22%2C%22url%22%3A%22https%3A%2F%2Fnews.orvis.com%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%22details%22%3A%7B%22cartID%22%3A%22%22%7D%7D%7D
Requested by
Host: news.orvis.com
URL: https://news.orvis.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.113.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-113-198.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime
0.010498
date
Thu, 28 Dec 2023 02:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
x-xss-protection
1; mode=block
x-request-id
6aa336a8-99e3-4ba0-a78b-59042f71c4d1
tp2
tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.84.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.84.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://news.orvis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://news.orvis.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 28 Dec 2023 02:10:10 GMT
server
akka-http/10.0.9
via
1.1 google
tp2
tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/
2 B
19 B
XHR
General
Full URL
https://tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/d1119f1c42684.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.84.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.84.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://news.orvis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 28 Dec 2023 02:10:10 GMT
via
1.1 google
server
akka-http/10.0.9
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.orvis.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tf.min.js
embed.cartfulsolutions.com/orvis/
1 MB
260 KB
Script
General
Full URL
https://embed.cartfulsolutions.com/orvis/tf.min.js
Requested by
Host: embed.cartfulsolutions.com
URL: https://embed.cartfulsolutions.com/orvis/ogma.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e19c2bfc7869411bd9a7803997dd66f904bb08b8296d30f97292ae84967c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-version-id
w5VrQDQHQp7rROG9jAtQuzQcBSWKodZI
x-amz-request-id
3PQTW5MVSTQSSZ5T
x-amz-id-2
wfnWAiPcGsNyNMKkLGoBgJ4thxsAYTJna8fb1cXPuAMuLDoDrGaNVojVZxvXvD/AoAcU3iQ0Gps=
x-xss-protection
1; mode=block
last-modified
Mon, 05 Oct 2020 21:59:22 GMT
server
cloudflare
etag
W/"9d35fc24dcc0bf3e051809f34f06e517"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=7200
cf-ray
83c643ed4f4c91d7-FRA
model.json
embed.cartfulsolutions.com/orvis/rc/v5/
4 KB
2 KB
Fetch
General
Full URL
https://embed.cartfulsolutions.com/orvis/rc/v5/model.json
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/d1119f1c42684.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7d03d46f8c5a038e5fe8e1e331afdef20d6b8d115e5a91305941ea187185e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-version-id
gfTd7myGMcBdSrdZdxQL1ArmryI3bLQ.
x-amz-request-id
1FJM4NMVYFWZDJK1
x-amz-id-2
kA/cNTHwTjuuTxTvAd1ITIbd7OxZWPHUTs59PlvTWw9OVN+ErShjSMFl+XPQMnHGmdrgHPMl6ms=
x-xss-protection
1; mode=block
last-modified
Fri, 27 Nov 2020 04:09:21 GMT
server
cloudflare
etag
W/"3b420ea8869686f0e054c5a3226e82bc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-frame-options
DENY
cf-ray
83c643f03d7337ec-FRA
group1-shard1of1.bin
embed.cartfulsolutions.com/orvis/rc/v5/
49 KB
49 KB
Fetch
General
Full URL
https://embed.cartfulsolutions.com/orvis/rc/v5/group1-shard1of1.bin
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/d1119f1c42684.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d403b92a0e90ce0abae1b0b4a24ff962855a55a6096851dadeaa8b0f03a7f24e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.orvis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 02:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-amz-version-id
zMf7E.zKAK7hBwVyGa7My2Ua1CYnaYjr
x-amz-request-id
9N60CBE15622N3J7
content-length
49668
x-amz-id-2
hqs1DjzDqZsrva7XnYGs9A6ZhCa0lMPLUuadR7GtQ2FNPn7bN4rVVY2dzXzyPYMGDpub+3w/ZDg=
x-xss-protection
1; mode=block
last-modified
Fri, 27 Nov 2020 04:09:06 GMT
server
cloudflare
etag
"fa4b1df10ad64633e1dc266f59529bfb"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7200
access-control-max-age
3000
accept-ranges
bytes
cf-ray
83c643f1fe4f37ec-FRA
x-frame-options
DENY

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| dataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| _da object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| digitalData object| criteo_q object| DataLayer object| _svq object| _wpemojiSettings object| a2a_config undefined| $ function| jQuery string| cffsiteurl string| cffajaxurl string| cffmetatrans string| cfflinkhashtags function| gtag string| sbiajaxurl object| PT_CV_PUBLIC object| PT_CV_PAGINATION function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| a2a function| a2a_init function| ___rmuid object| ___RMCMPW function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| EventEmitter object| eventie function| cvp_imagesLoaded object| cvp_Modernizr function| cvp_Shuffle function| cvp_common object| cvsf_data function| cvp_js object| cti116883 function| onYouTubeIframeAPIReady object| gaGlobal boolean| cff_js_exists object| hashRegex object| tagRegex undefined| cffAddMasonry function| cff_init function| cffGetShortcodeToken function| cffReplaceHashtags function| cffReplaceTags function| cffEncodeHTML function| cffLoadCommentReplies function| cffLightbox function| cffLinkify object| screenReaderText function| postImageResize object| gaplugins object| gaData function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init object| uetq object| GlobalCartfulNamespace function| ogma object| _uxa object| _etmc object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_6461aedc62 object| twemoji object| wp object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| m object| mr_conv object| mr_convOrderItem function| mr_Track function| mr_addConvOrderItem function| mr_sendConversion string| mr_merchangeID string| mr_cookieDomain object| CS_CONF object| CS_INTEGRATIONS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics undefined| ttMETA object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| s_i_orviscom object| GlobalSnowplowNamespace function| internal_ogma object| _etmc_temp string| func_name object| args string| collect_url boolean| sv_DNT object| _svt function| _typeof object| Snowplow object| tf function| setImmediate function| clearImmediate object| regeneratorRuntime object| _tfGlobals object| _tfengine

39 Cookies

Domain/Path Name / Value
.orvis.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 60322958830477148603617222076692961532
.orvis.com/ Name: AMCVS_21ABA57856263CDF7F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYzZAQAAAMdo_gN-
.linksynergy.com/ Name: rmuid
Value: 64512904-9ef6-400c-a0aa-d537b47cf7ed
.dpm.demdex.net/ Name: dpm
Value: 60322958830477148603617222076692961532
.orvis.com/ Name: _ga_584DWRFMG0
Value: GS1.1.1703729409.1.0.1703729409.0.0.0
.orvis.com/ Name: adcloud
Value: {%22_les_v%22:%22y%2Corvis.com%2C1703731209%22}
.orvis.com/ Name: AMCV_21ABA57856263CDF7F000101%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19720%7CMCMID%7C60328420204484034053620054828849309469%7CMCAAMLH-1704334209%7C6%7CMCAAMB-1704334209%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1703736609s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19727%7CvVersion%7C5.2.0
.criteo.com/ Name: uid
Value: 48a5aa5a-2592-40c0-8c6a-7ec07dc9ac16
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.orvis.com/ Name: _ga
Value: GA1.2.531132704.1703729409
.orvis.com/ Name: _gid
Value: GA1.2.1988069279.1703729409
.orvis.com/ Name: _gat_gtag_UA_36137344_1
Value: 1
.orvis.com/ Name: _fbp
Value: fb.1.1703729409397.868070061
.orvis.com/ Name: cto_bundle
Value: QWHBzl9NbEpIZWNpSkh1OHg0Z1hmMlZUWTE2UEUxaWM0VWUlMkZqY1VVUWF3ZTI4aUVXdjQzaTJ2WEttZVVIWmM4JTJCZWI0amw3blZYJTJGV1U1clJTekxpaTF3Q3dSNWR1QmQ0NlpyJTJGT2RYOVdwc2ElMkZsUnE2a0d2dm1mcG90TkNWTm83OTdMeHdDRm53amlGaCUyRlp6SkhnR0EweVpTJTJCdyUzRCUzRA
.orvis.com/ Name: _gcl_au
Value: 1.1.871465855.1703729409
.youtube.com/ Name: YSC
Value: Bj1xrlaEG4o
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: NHlqvrh1DKw
.orvis.com/ Name: _uetsid
Value: 3a023f80a52611eea72b9989d913748f
.orvis.com/ Name: _uetvid
Value: 3a0252e0a52611eebedd575cb003ba0b
.orvis.tt.omtrdc.net/ Name: orvis!mboxSession
Value: 9ca20f3cefa4488bb7d61880cefcaa06
.orvis.tt.omtrdc.net/ Name: orvis!mboxPC
Value: 9ca20f3cefa4488bb7d61880cefcaa06.37_0
.orvis.com/ Name: mr_referredVisitor
Value: 0
.orvis.com/ Name: mbox
Value: session#9ca20f3cefa4488bb7d61880cefcaa06#1703731270|PC#9ca20f3cefa4488bb7d61880cefcaa06.37_0#1766974210
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 1AD878D9A999682820816B2CA8336974
.orvis.com/ Name: _cs_c
Value: 0
.orvis.com/ Name: _cs_id
Value: 10bf337d-97c5-acfc-9257-aa93430c073a.1703729409.1.1703729409.1703729409.1.1737893409620
.orvis.com/ Name: sat_prevPage
Value: news%3A%20home
.orvis.com/ Name: sat_prevurl
Value: https%3A%2F%2Fnews.orvis.com%2F
.orvis.com/ Name: s_cc
Value: true
.orvis.com/ Name: _cs_s
Value: 1.5.0.1703731209809
.igodigital.com/ Name: igodigitaltc2
Value: 3a347bdc-a526-11ee-a1a0-9e1213c61840
.igodigital.com/ Name: igodigitalst_7236729
Value: 3a348d8e-a526-11ee-a1a0-9e1213c61840
.igodigital.com/ Name: igodigitalstdomain
Value: 22889
.orvis.com/ Name: _sp_ses.ad37
Value: *
.orvis.com/ Name: _sp_id.ad37
Value: 439ac7fa-646b-4155-99b4-ca2e7eac7da7.1703729410.1.1703729410.1703729410.0bacd13d-cc05-4494-9812-d8a93827ba0c
.orvis.com/ Name: s_ptc
Value: 0.26%5E%5E0.00%5E%5E0.00%5E%5E0.37%5E%5E0.13%5E%5E0.13%5E%5E1.49%5E%5E0.00%5E%5E2.25

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=64512904-9ef6-400c-a0aa-d537b47cf7ed
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://connect.facebook.net/signals/config/675664122566129?v=2.9.138&r=stable&domain=news.orvis.com(Line 132)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7236729.collect.igodigital.com
assets.adobedtm.com
bat.bing.com
c.contentsquare.net
cdn.mercent.com
cm.everesttech.net
connect.facebook.net
consent.linksynergy.com
dpm.demdex.net
embed.cartfulsolutions.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
lasteventf-tm.everesttech.net
maxcdn.bootstrapcdn.com
mug.criteo.com
news.orvis.com
nova.collect.igodigital.com
orvis.sc.omtrdc.net
orvis.tt.omtrdc.net
region1.google-analytics.com
somni.orvis.com
static.addtoany.com
static.criteo.net
stats.g.doubleclick.net
t.contentsquare.net
tag.rmp.rakuten.com
theorvis.demdex.net
track.securedvisit.com
tracker.cartfulsolutions.com
ut.rd.linksynergy.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
151.101.2.49
2001:4860:4802:34::36
23.20.113.198
23.212.212.65
2606:4700:10::6816:4b7c
2606:4700:10::ac43:2794
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:587::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.102.147.248
34.241.98.209
34.243.189.130
34.95.84.97
34.98.67.3
35.172.41.107
35.212.35.149
35.244.174.68
52.17.48.145
52.85.92.88
54.230.206.111
63.140.62.160
63.140.62.214
66.235.152.115
00b3c0942b51a0cc33d742a609c082164cd38de30abaf4dfdf0cf4db6538f7ed
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
063b43c6417159e90b65286eb53d214e754eddf8104207cc47d948c0c7a023cc
06fe93f1d30a411e76e08c41463baf1e396c7b1941ce2c338177b09ba9118c3b
0991abf35444af3c35d835ea8c4a26ad2f519b23a8597c2466a10db940c15792
0b2dbc5aede02d87568394958759fb38bd6a2298e44bf26f1dbe649be4baa9a5
0c97970b00aa33fc1187e15f0398e61dc673444a7cb952b8916ef15cdc00968c
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e7d03d46f8c5a038e5fe8e1e331afdef20d6b8d115e5a91305941ea187185e9
108e87d6dd1815547f2fd577b1b306f5d7365f78880e4eaed4657120125aaf18
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90
24d91836ae5fb7cb3fe95580a6d2a4da03319eb8238b541c70b039d924216650
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2af640684e7b47ef45b0d82ef04e7884b5129c654d043022c05af353deed60fd
3246209670e4a264865301586f5c54b46a2ed5329547bce7aa772db3ec27bf86
32d54c98a508b710aee2d1ebf0a70ee36b725a306aa65aca9e2789fe9f2bcf41
34c4ce2d09670662ab90104bf048ce75f4636f6e842d54f1b3e337c77acc0b2c
36cfcffeac64950b56eaafdb0bb97a1c4c14203d4262d10de5c24c5df8215fbe
36d70ae0e5c128c58c2e70dbb963628b34389e23e0eac934747eb120e6c1048e
3a47a389bcfafd8b95bcd2d381a8529341df7411835af8e8f56c3ecdd2be7218
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40e19c2bfc7869411bd9a7803997dd66f904bb08b8296d30f97292ae84967c56
42c05e4db44d774cdd2c1900d054885286591cb202acc6439080be7ab9fc6060
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f4afec8d8bf4513d1fc73ad0154a2d142844d5f7b6dd7bdf620167003bde687
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51936b92bc1d3e2b9b1893bc27602719d66e5551c5c5a568f43e3454363f151f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b
54ce420fd2607414c890e91ab59a561756945a9eadc700021e42beb580ccedff
59a9e0fb3d12bbd46767fd48306094848d60417600cd59881581f0774e65e491
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c3cd250a4a917a5f9b5f9d9caf0d701746def2e11404ce4484a0fcde3e7b646
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
630206e32dd43485e27b52268b1ea3cdf1a6a582df36324528a269f0328fce36
6375d2e136a32b79d6a37d787f3f24c51e71d39fc5ffb0d8211fabb91f0a90e2
659b5b0c39c1ff7f507ed39f87eab8e048e9b3d48641ac8867d4beb434cdc207
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a256af945154352c8eef9c70ff703e5173e254e2da9301d5feb991b4e764912
6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b
6c4c821b94249e2d439cd382231ff63405046deec2059e6908fe915e77b9a642
6edb1d103303ee1ee778ffdceb6ab793269a18d7bac8f33e6f49efa0f0b2b008
709694ffcbfa677b2f5c6417899140d824992ad642d4a827b2b0ffc274c0e8b9
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
7362c0e8a613f7dee304b25423f672dca684914d9811067de639ab1a5d1d4256
7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
7f8cad8f4ec3728682052a7611226ddfda1f14d9a29b2863f6df51bee0338f34
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cbd7bc992b259d67b8534d35acc3e284bc6a7681fcedf1b36fd35bdfce6e7f
8718a0c9e90880a7fe228db0c07333baa82dcc41e4ac99f02e2dabb04219ada1
8b92447196504a88e7d4ad1356a64cf0f695e23f01ef766b684efcb77fafffd9
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
92c15e054768161d6d360627c5198d347826723ff6491806931ba50e9689e860
95b91c345b899226fdf64d0e8081310c6eda9ca435792b346b8a71984c0e7ae5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9dd362db9b64c22d8375e4879abfb9b7ba966c07e06457ff1a016ce98cb70e7c
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
ae4225a66f3f335ccb9e94a9f76740f47266619e9b17afdd00f2a30f9f97eb96
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
ba863af5dc5a0159f551ec0bf2c9cca962dd94dd1e6862afb8fc7e8e92ba7c11
babe969b662c996bf1f59a8d629d6a77a5260ed894508e3f2cb743735dfc4e46
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb28511ad15ae7e7a24d8c6d00c23363d193448a2b7b398477cc3fd5215a2aac
c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd
c18aea31d1c4b81bb978f6a4da68b2411a1e9d76dd91603db5cdeb501f588b7d
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c37d627f9134d2788c6df98a70cafd363fb75ecc10eeb6fbc7bd2fbc056f627d
c4a0daa106da7667e1249f082cc835481320a1f52eb62669ce26317a756cc7f1
c5e1f51fe86cb3076e5fcbe6681b1f11bfe3f2445b097581f5a51322fd49d683
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca966353a1ec3bd5b7b9f5708fb551ab08b9a3453dd582d2571948c9165b2294
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
cc78dfb04f54d489f681fff1924008b5a890282f6df1cccaa3af78adf7130291
cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278
ce3e352c6a5d4b0d76856d2ef3091b7ca504e21a79e158d9674d600d5a1863ed
cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d36e2b211bf279240717a9497578a57d8c9a2e266d17f6f0165942dad7d8ce37
d403b92a0e90ce0abae1b0b4a24ff962855a55a6096851dadeaa8b0f03a7f24e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d8b5f586b9896ddb5b669c01fddc8168f7d009de5d8f8a40f1a34de7eab455f0
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
dbf3b727d5fb06c97d7f7a5089f499b014a449cfaad4db2d77eb719c00597c53
dc72d1591a2a5559ba7e2a591a4cf5692658d20fa7a749c807e37b19773df1e0
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de0ea65b6583bd1e484cfa444f35f37e2dcebeffe84e6d058ef6fc1f7d460ef1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2001fa2302369eee173cf9e7bb29c814016f1e2676b25bc47c7b9e53fed98da
e2913bf1da4bd436195ea5eef87ecc35d17f0d3b0f6bf62346122fc7044ba561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89f4430674e0ad494e4fe8e85b9f0b22c8c590f9a60487f479278575a60bb47
eb733be79f1e125e4e15dba59d3c6cc7403d25b31ed165341113154e6ed48668
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
ffea9a13bdc8bbe71e149aa9973f54b3179f6c88b2240c88091649f08ef49902