news.orvis.com Open in urlscan Pro
35.212.35.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.orvis.com/
Effective URL:
https://news.orvis.com/
Submission: On December 28 via api (December 28th 2023, 2:10:14 am UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 29 domains to perform 132 HTTP transactions. The main IP is 35.212.35.149, located in Washington, United States and belongs to GOOGLE, US. The main domain is news.orvis.com. The Cisco Umbrella rank of the primary domain is 765385.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.

This is the only time news.orvis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	35.212.35.149 35.212.35.149	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
12	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	52.17.48.145 52.17.48.145	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.212.212.65 23.212.212.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.140.62.214 63.140.62.214	15224 (OMNITURE) (OMNITURE)
1 1	34.243.189.130 34.243.189.130	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	66.235.152.115 66.235.152.115	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:4b7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.172.41.107 35.172.41.107	14618 (AMAZON-AES) (AMAZON-AES)
1	52.85.92.88 52.85.92.88	16509 (AMAZON-02) (AMAZON-02)
1	54.230.206.111 54.230.206.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	23.20.113.198 23.20.113.198	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	34.241.98.209 34.241.98.209	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
2	34.95.84.97 34.95.84.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
132	36

37 35.212.35.149 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 149.35.212.35.bc.googleusercontent.com

news.orvis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.48.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-48-145.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theorvis.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.212.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-212-65.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.214 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-214.data.adobedc.net

orvis.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.189.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-189-130.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.115 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-115.data.adobedc.net

orvis.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:4b7c (United States)

ASN13335 (CLOUDFLARENET, US)

embed.cartfulsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.41.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-41-107.compute-1.amazonaws.com

track.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-88.ham50.r.cloudfront.net

cdn.mercent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.206.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-111.ham50.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.113.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-113-198.compute-1.amazonaws.com

7236729.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.98.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-98-209.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

somni.orvis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.84.97 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.84.95.34.bc.googleusercontent.com

tracker.cartfulsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	orvis.com 1 redirects news.orvis.com — Cisco Umbrella Rank: 765385 somni.orvis.com — Cisco Umbrella Rank: 167151	1 MB
12	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 431	135 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	587 KB
8	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3986	33 KB
7	cartfulsolutions.com embed.cartfulsolutions.com — Cisco Umbrella Rank: 109482 tracker.cartfulsolutions.com	368 KB
6	gstatic.com fonts.gstatic.com	99 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	886 B
5	google.com www.google.com — Cisco Umbrella Rank: 2	886 B
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	6 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	125 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 theorvis.demdex.net — Cisco Umbrella Rank: 180078	5 KB
2	igodigital.com 7236729.collect.igodigital.com — Cisco Umbrella Rank: 193156 nova.collect.igodigital.com — Cisco Umbrella Rank: 5199	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
2	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3083 c.contentsquare.net — Cisco Umbrella Rank: 3307	75 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	linksynergy.com ut.rd.linksynergy.com — Cisco Umbrella Rank: 6223 consent.linksynergy.com — Cisco Umbrella Rank: 19869	685 B
2	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 8672	725 B
2	omtrdc.net orvis.sc.omtrdc.net — Cisco Umbrella Rank: 272372 orvis.tt.omtrdc.net	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	mercent.com cdn.mercent.com — Cisco Umbrella Rank: 98142	3 KB
1	securedvisit.com track.securedvisit.com — Cisco Umbrella Rank: 4905	24 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 5888	13 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 7660	4 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	15 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	7 KB
132	29

	Domain	Requested by
37	news.orvis.com	1 redirects news.orvis.com
12	assets.adobedtm.com	news.orvis.com assets.adobedtm.com
9	www.googletagmanager.com	news.orvis.com www.googletagmanager.com assets.adobedtm.com
8	static.addtoany.com	news.orvis.com static.addtoany.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.de	news.orvis.com
5	www.google.com	news.orvis.com
5	embed.cartfulsolutions.com	news.orvis.com embed.cartfulsolutions.com t.contentsquare.net
4	googleads.g.doubleclick.net	www.googletagmanager.com
3	bat.bing.com	assets.adobedtm.com bat.bing.com news.orvis.com
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	tracker.cartfulsolutions.com	t.contentsquare.net
2	www.youtube.com	news.orvis.com www.youtube.com
2	www.facebook.com	news.orvis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dpm.demdex.net	assets.adobedtm.com news.orvis.com
2	fonts.googleapis.com	news.orvis.com
1	nova.collect.igodigital.com	news.orvis.com
1	somni.orvis.com	news.orvis.com
1	c.contentsquare.net	news.orvis.com
1	7236729.collect.igodigital.com	news.orvis.com
1	t.contentsquare.net	news.orvis.com
1	cdn.mercent.com	news.orvis.com
1	track.securedvisit.com	news.orvis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	mug.criteo.com	news.orvis.com
1	orvis.tt.omtrdc.net	assets.adobedtm.com
1	region1.google-analytics.com	www.googletagmanager.com
1	idsync.rlcdn.com	news.orvis.com
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	consent.linksynergy.com	news.orvis.com
1	ut.rd.linksynergy.com	tag.rmp.rakuten.com
1	theorvis.demdex.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	orvis.sc.omtrdc.net	assets.adobedtm.com
1	tag.rmp.rakuten.com	news.orvis.com
1	www.everestjs.net	news.orvis.com
1	static.criteo.net	news.orvis.com
1	maxcdn.bootstrapcdn.com	news.orvis.com
132	40

This site contains links to these domains. Also see Links.

Domain
www.orvis.com
www.fireholeranch.com
www.youtube.com
www.addtoany.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
news.orvis.com R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
static.addtoany.com E1	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-06` - `2024-01-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
www.everestjs.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-25` - `2024-10-25`	a year	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rd.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2023-02-13` - `2024-02-13`	a year	crt.sh
consent.linksynergy.com GTS CA 1D4	`2023-12-16` - `2024-03-15`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cartfulsolutions.com Cloudflare Inc ECC CA-3	`2023-07-18` - `2024-07-17`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.ds.commercehub.com Amazon RSA 2048 M02	`2023-01-23` - `2024-02-21`	a year	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M01	`2023-03-20` - `2024-04-17`	a year	crt.sh
somni.orvis.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-26` - `2024-07-26`	a year	crt.sh
tracker.cartfulsolutions.com GTS CA 1D4	`2023-11-02` - `2024-01-31`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://news.orvis.com/
Frame ID: C50C8B831E99D4FAE0859B2B78B1C8D2
Requests: 128 HTTP requests in this frame

Frame: https://theorvis.demdex.net/dest5.html?d_nsid=0
Frame ID: A9842BD5A098126A1A0C24120ED00AD2
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: D989E5A2777F245092655ABAB03CD436
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=news.orvis.com&origin=onetag
Frame ID: C8A49777D911393F545184E7BB8F408B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orvis News - Your home for the sporting lifeFly PatternFacebookInstagramTwitterYouTube

Page URL History Show full URLs

http://news.orvis.com/ HTTP 301
https://news.orvis.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

132
Requests

97 %
HTTPS

53 %
IPv6

29
Domains

40
Subdomains

36
IPs

5
Countries

2872 kB
Transfer

6988 kB
Size

39
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.orvis.com/
Title: Shop Orvis

Search URL Search Domain Scan URL

URL: https://www.fireholeranch.com/
Title: Firehole Ranch

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIdIkp_uBiYEw-Pb4-BDBjw
Title: Tightline Productions

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fnews.orvis.com%2F&title=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life
Title: Share

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Orvis/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orvis/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/TheOrvisCompany
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/orvisvideos
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.orvis.com/ HTTP 301
https://news.orvis.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://cm.everesttech.net/cm/dd?d_uuid=60322958830477148603617222076692961532 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-

Request Chain 78

https://gum.criteo.com/sid/json?origin=onetag&domain=orvis.com&sn=ChromeSyncframe&so=0&topUrl=news.orvis.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0QnhTVTZKMFNrREt0L2NaN2hEZUE4MzRHV3NqeDBVU1E2NTcwZE5LamdCM3o0c0RyaC8rbm9URHh0cEVYMUh0UG9pTGkrcTZxNFpGZEVRUmUwOG9VSWxJc3BZeitzSklXTm9RdzExMlZHemN6eDBDczAwOU1aNGlyM0hucWdXOURNdG01NmYxaU44QVR4bnFWcnhvV3lxMU5LYUdxdDdjanN5eExSdEdzRnRtSTRpQWw1UzVGND18&cppv=2

132 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
news.orvis.com/
Redirect Chain

http://news.orvis.com/
https://news.orvis.com/

65 KB
16 KB

499ms
125ms

Document
text/html

35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 54ce420fd2607414c890e91ab59a561756945a9eadc700021e42beb580ccedff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 02:10:08 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://news.orvis.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-httpd: 1
x-proxy-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 24
Content-Type: text/plain
Date: Thu, 28 Dec 2023 02:10:07 GMT
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Location: https://news.orvis.com/
Server: nginx
X-Proxy-Cache-Info: DT:1

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f4afec8d8bf4513d1fc73ad0154a2d142844d5f7b6dd7bdf620167003bde687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 02:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 02:10:08 GMT

GET
H2 200 satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js Show response
assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/ 399 KB
112 KB 139ms
38ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 709694ffcbfa677b2f5c6417899140d824992ad642d4a827b2b0ffc274c0e8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:45 GMT
server: AkamaiNetStorage
etag: "155e5a04756ccbd3939b88e8a6a9fa98:1644852885.529683"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 113965
expires: Thu, 28 Dec 2023 03:10:08 GMT

GET
H2 200 cv.css
news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 84 KB
12 KB 134ms
131ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=3.6.1.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 06fe93f1d30a411e76e08c41463baf1e396c7b1941ce2c338177b09ba9118c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 00:03:19 GMT
server: nginx
etag: W/"150b3-60be031f88297"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 cvpro.min.css
news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/css/ 72 KB
19 KB 139ms
136ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.3.4.2
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8718a0c9e90880a7fe228db0c07333baa82dcc41e4ac99f02e2dabb04219ada1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Tue, 04 Jun 2019 02:14:37 GMT
server: nginx
etag: W/"11e2e-58a760af1fc9e"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 sbi-styles.min.css
news.orvis.com/wp-content/plugins/instagram-feed/css/ 33 KB
5 KB 275ms
272ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.6
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 00:03:22 GMT
server: nginx
etag: W/"8297-60be0322c7b76"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 style.min.css
news.orvis.com/wp-includes/css/dist/block-library/ 107 KB
13 KB 276ms
273ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 01:51:56 GMT
server: nginx
etag: W/"1add3-609ae72ddf53d"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 cff-style.css
news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/css/ 84 KB
13 KB 276ms
273ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/css/cff-style.css?ver=3.9.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae4225a66f3f335ccb9e94a9f76740f47266619e9b17afdd00f2a30f9f97eb96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Mon, 28 Oct 2019 12:01:37 GMT
server: nginx
etag: W/"14ffd-595f74304406e"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 78ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4999385
cdn-cachedat: 05/01/2023 15:40:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b9f68144baab9564a7e8739a4135280d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 83c643e4794330f9-FRA
cdn-requestpullsuccess: True

GET
H2 200 ctf-styles.min.css
news.orvis.com/wp-content/plugins/custom-twitter-feeds-pro/css/ 35 KB
6 KB 276ms
274ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/custom-twitter-feeds-pro/css/ctf-styles.min.css?ver=1.8.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: eb733be79f1e125e4e15dba59d3c6cc7403d25b31ed165341113154e6ed48668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 20:09:49 GMT
server: nginx
etag: W/"8d02-5a7d48af24a46"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 style.css
news.orvis.com/wp-content/themes/twentysixteen/ 69 KB
12 KB 276ms
274ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/style.css?ver=6.4.2
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ffea9a13bdc8bbe71e149aa9973f54b3179f6c88b2240c88091649f08ef49902

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: W/"114fd-6087acdd8a460"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 style.css
news.orvis.com/wp-content/themes/twentysixteen-child/ 23 KB
5 KB 276ms
274ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen-child/style.css?ver=28139885156
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c37d627f9134d2788c6df98a70cafd363fb75ecc10eeb6fbc7bd2fbc056f627d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Fri, 03 Apr 2020 13:29:59 GMT
server: nginx
etag: W/"5b60-5a262e9fc9f44"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 merriweather-plus-montserrat-plus-inconsolata.css
news.orvis.com/wp-content/themes/twentysixteen/fonts/ 19 KB
1 KB 276ms
274ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: W/"4b81-6087acdd86db0"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 genericons.css
news.orvis.com/wp-content/plugins/jetpack/_inc/genericons/genericons/ 28 KB
16 KB 276ms
274ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 00:03:07 GMT
server: nginx
etag: W/"6e6a-60be031431c74"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 blocks.css
news.orvis.com/wp-content/themes/twentysixteen/css/ 9 KB
2 KB 276ms
275ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20230628
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6c4c821b94249e2d439cd382231ff63405046deec2059e6908fe915e77b9a642

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: W/"241c-6087acdd861f8"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 addtoany.min.css
news.orvis.com/wp-content/plugins/add-to-any/ 2 KB
648 B 276ms
275ms Stylesheet
text/css 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 01:52:30 GMT
server: nginx
etag: W/"644-609ae74ea1701"
vary: Accept-Encoding
content-type: text/css
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 79ms
32ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26389
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1360f39ce298a46ab4d839930011f62c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mg9rKtk6eWbIjyZc%2BsSLHO7Sw7Pib%2FvLsX85y%2Bo8zm1yDTUXa2LpQemC2NExJOQkqYx7rdXR0p4QHC27Lz%2BQrKaWJuKVAbrkbQhvYrT5WhI0lfS%2BGO3F5nFH9dkAyRIbQ767eh3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 83c643e718bd37ec-FRA

GET
H2 200 jquery.min.js Show response
news.orvis.com/wp-includes/js/jquery/ 86 KB
29 KB 276ms
275ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 01:51:56 GMT
server: nginx
etag: W/"15601-609ae72de435d"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 jquery-migrate.min.js Show response
news.orvis.com/wp-includes/js/jquery/ 13 KB
5 KB 276ms
275ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 02:28:11 GMT
server: nginx
etag: W/"3509-6028858fbb010"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 addtoany.min.js Show response
news.orvis.com/wp-content/plugins/add-to-any/ 129 B
303 B 231ms
229ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 01:52:30 GMT
server: nginx
etag: W/"81-609ae74ea1701"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 87ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6edb1d103303ee1ee778ffdceb6ab793269a18d7bac8f33e6f49efa0f0b2b008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69093
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H2 200 orvis-news-logo.png
news.orvis.com/wp-content/uploads/2018/09/ 7 KB
8 KB 231ms
230ms Image
image/png 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2018/09/orvis-news-logo.png
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6a256af945154352c8eef9c70ff703e5173e254e2da9301d5feb991b4e764912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Tue, 04 Jun 2019 01:05:32 GMT
server: nginx
etag: "1dc7-58a7513db33ef"
content-type: image/png
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 7623
x-proxy-cache: HIT

GET
H2 200 pressroom-search.png
news.orvis.com/wp-content/uploads/2018/09/ 2 KB
2 KB 277ms
276ms Image
image/png 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2018/09/pressroom-search.png
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5c3cd250a4a917a5f9b5f9d9caf0d701746def2e11404ce4484a0fcde3e7b646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
last-modified: Tue, 04 Jun 2019 01:05:47 GMT
server: nginx
etag: "607-58a7514bdf057"
content-type: image/png
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1543
x-proxy-cache: HIT

GET
H2 200 smallstreams.jpg
news.orvis.com/wp-content/uploads/2023/12/ 151 KB
152 KB 276ms
275ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2023/12/smallstreams.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c5e1f51fe86cb3076e5fcbe6681b1f11bfe3f2445b097581f5a51322fd49d683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
last-modified: Wed, 27 Dec 2023 20:35:42 GMT
server: nginx
etag: W/"25d5f-60d83be2e21f9"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 154975
x-proxy-cache: HIT

GET
H2 200 3dollardip.jpg
news.orvis.com/wp-content/uploads/2023/12/ 42 KB
42 KB 277ms
276ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2023/12/3dollardip.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 85cbd7bc992b259d67b8534d35acc3e284bc6a7681fcedf1b36fd35bdfce6e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:08 GMT
last-modified: Wed, 27 Dec 2023 13:50:29 GMT
server: nginx
etag: "a619-60d7e14ff5091"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 42521
x-proxy-cache: HIT

GET
H2 200 filmfestival2019.jpg
news.orvis.com/wp-content/uploads/2019/02/ 63 KB
64 KB 127ms
125ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2019/02/filmfestival2019.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbf3b727d5fb06c97d7f7a5089f499b014a449cfaad4db2d77eb719c00597c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Mon, 03 Jun 2019 22:52:55 GMT
server: nginx
etag: "fd42-58a7339929165"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 64834
x-proxy-cache: HIT

GET
H2 200 cv.js Show response
news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 128ms
126ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=3.6.1.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 00:03:19 GMT
server: nginx
etag: W/"5b7b-60be031f89237"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 cvpro.min.js Show response
news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/js/ 155 KB
42 KB 136ms
134ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.3.4.2
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc72d1591a2a5559ba7e2a591a4cf5692658d20fa7a749c807e37b19773df1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
last-modified: Tue, 04 Jun 2019 02:14:44 GMT
server: nginx
etag: W/"26a39-58a760b564367"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 cff-scripts.js Show response
news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/js/ 180 KB
46 KB 145ms
143ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/plugins/custom-facebook-feed-pro/js/cff-scripts.js?ver=3.9.1
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 42c05e4db44d774cdd2c1900d054885286591cb202acc6439080be7ab9fc6060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
last-modified: Mon, 28 Oct 2019 12:01:43 GMT
server: nginx
etag: W/"2cf30-595f743666c27"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 functions.js Show response
news.orvis.com/wp-content/themes/twentysixteen/js/ 7 KB
2 KB 230ms
228ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/js/functions.js?ver=20230629
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: W/"1c9e-6087acdd894c0"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 id Show response
dpm.demdex.net/ 367 B
914 B 148ms
46ms XHR
application/json 52.17.48.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=21ABA57856263CDF7F000101%40AdobeOrg&d_nsid=0&ts=1703729408915

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-48-145.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ce3e352c6a5d4b0d76856d2ef3091b7ca504e21a79e158d9674d600d5a1863ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://news.orvis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: MCck/Tc+TtU=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 311
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 82ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 02:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hPT7ILXcEvjN8jhuovzjq+bprZtPbTKFvIW+iyt84G3NfvVfRPHuibsJIHF9mKZr7mgvChgHS45m39l608lrEw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 38ms
37ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 42ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 151ms
74ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Dec 2023 02:10:09 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 8 KB
4 KB 113ms
29ms Script
text/javascript 23.212.212.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.212.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-212-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Date: Thu, 28 Dec 2023 02:10:09 GMT
Last-Modified: Wed, 13 Dec 2023 10:47:16 GMT
Server: AmazonS3
x-amz-request-id: 8G1A81XJXX5GS6GG
ETag: "8c6414c4813c1bf85d1f9478a637ba7c"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3155
x-amz-id-2: GQ5qACgDW58826SAK2yU1CH+R6lQulQaXcU1guz3SngsX+qH4InTzUenNsucCSAg6+mL4ZkYp7g=

GET
H2 200 116883.ct.js Show response
tag.rmp.rakuten.com/ 38 KB
13 KB 92ms
41ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/116883.ct.js

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

3246209670e4a264865301586f5c54b46a2ed5329547bce7aa772db3ec27bf86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Thu, 28 Dec 2023 02:10:09 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ 2 KB
653 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Serif+Pro

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen-child/style.css?ver=28139885156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2913bf1da4bd436195ea5eef87ecc35d17f0d3b0f6bf62346122fc7044ba561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 01:29:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 02:10:08 GMT

GET
BLOB 200
OK 1dec28b8-1a6e-497a-8153-2791908e7f29
https://news.orvis.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://news.orvis.com/1dec28b8-1a6e-497a-8153-2791908e7f29
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 id Show response
orvis.sc.omtrdc.net/ 2 B
266 B 124ms
37ms XHR
application/x-javascript 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://orvis.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=21ABA57856263CDF7F000101%40AdobeOrg&mid=60328420204484034053620054828849309469&ts=1703729409070

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.orvis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://news.orvis.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=60322958830477148603617222076692961532
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-

42 B
715 B

47ms
47ms

Image
image/gif

52.17.48.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Server

52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-48-145.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0a8bf9e4f.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 2dpmANhCTi8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYzZAQAAAMdo_gN-
Date: Thu, 28 Dec 2023 02:10:09 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 20 KB
20 KB 112ms
61ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:09:56 GMT
x-content-type-options: nosniff
age: 147613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20528
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:17:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 09:09:56 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 78ms
28ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 03:13:20 GMT
x-content-type-options: nosniff
age: 169009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 03:13:20 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:49:59 GMT
x-content-type-options: nosniff
age: 148810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:49:59 GMT

GET
H2 200 montserrat-latin-400-normal.woff2
news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/ 12 KB
13 KB 224ms
223ms Font
font/woff2 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-400-normal.woff2?ver=25
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: "31a4-6087acdd88520"
content-type: font/woff2
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 12708
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 montserrat-latin-700-normal.woff2
news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/ 13 KB
13 KB 224ms
223ms Font
font/woff2 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-700-normal.woff2?ver=25
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Request headers

Referer: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: "3230-6087acdd88520"
content-type: font/woff2
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 12848
x-proxy-cache: HIT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 94ms
44ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:56:37 GMT
x-content-type-options: nosniff
age: 148412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:56:37 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 21 KB
21 KB 100ms
50ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 19:01:34 GMT
x-content-type-options: nosniff
age: 198515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21528
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 19:01:34 GMT

GET
H2 200 merriweather-latin-400-normal.woff2
news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather/ 20 KB
20 KB 221ms
221ms Font
font/woff2 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-normal.woff2?ver=30
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Request headers

Referer: https://news.orvis.com/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Tue, 24 Oct 2023 18:49:52 GMT
server: nginx
etag: "4e3c-6087acdd87968"
content-type: font/woff2
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 20028
x-proxy-cache: HIT

GET
H2 200 alvintippet.jpg
news.orvis.com/wp-content/uploads/2023/12/ 129 KB
129 KB 216ms
214ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2023/12/alvintippet.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d36e2b211bf279240717a9497578a57d8c9a2e266d17f6f0165942dad7d8ce37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Fri, 22 Dec 2023 13:58:11 GMT
server: nginx
etag: "203a9-60d199b4de9ec"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 132009
x-proxy-cache: HIT

GET
H2 200 nail.jpg
news.orvis.com/wp-content/uploads/2023/12/ 86 KB
87 KB 216ms
214ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2023/12/nail.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6375d2e136a32b79d6a37d787f3f24c51e71d39fc5ffb0d8211fabb91f0a90e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Thu, 21 Dec 2023 13:49:04 GMT
server: nginx
etag: "159d1-60d055ce3d290"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 88529
x-proxy-cache: HIT

GET
H2 200 Proposed-Ambler-Road.jpg
news.orvis.com/wp-content/uploads/2023/12/ 126 KB
126 KB 216ms
215ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2023/12/Proposed-Ambler-Road.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc78dfb04f54d489f681fff1924008b5a890282f6df1cccaa3af78adf7130291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Wed, 20 Dec 2023 21:25:32 GMT
server: nginx
etag: "1f851-60cf79f7a4620"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 129105
x-proxy-cache: HIT

GET
H2 200 yeggs.jpg
news.orvis.com/wp-content/uploads/2020/12/ 54 KB
54 KB 216ms
215ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2020/12/yeggs.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca966353a1ec3bd5b7b9f5708fb551ab08b9a3453dd582d2571948c9165b2294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Mon, 21 Dec 2020 20:40:12 GMT
server: nginx
etag: "d889-5b6ff76f20ee3"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 55433
x-proxy-cache: HIT

GET
H2 200 poison.gif
news.orvis.com/wp-content/uploads/2020/01/ 176 KB
176 KB 216ms
216ms Image
image/gif 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2020/01/poison.gif
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb28511ad15ae7e7a24d8c6d00c23363d193448a2b7b398477cc3fd5215a2aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Wed, 08 Jan 2020 13:54:17 GMT
server: nginx
etag: "2c054-59ba13a84985c"
content-type: image/gif
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 180308
x-proxy-cache: HIT

GET
H2 200 sinkcrop.jpg
news.orvis.com/wp-content/uploads/2023/12/ 82 KB
82 KB 216ms
216ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2023/12/sinkcrop.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 95b91c345b899226fdf64d0e8081310c6eda9ca435792b346b8a71984c0e7ae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Tue, 19 Dec 2023 16:40:33 GMT
server: nginx
etag: "14629-60cdf867834c2"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 83497
x-proxy-cache: HIT

GET
H2 200 whipit.jpg
news.orvis.com/wp-content/uploads/2021/03/ 16 KB
16 KB 216ms
216ms Image
image/jpeg 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.orvis.com/wp-content/uploads/2021/03/whipit.jpg
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 36d70ae0e5c128c58c2e70dbb963628b34389e23e0eac934747eb120e6c1048e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Tue, 02 Mar 2021 12:29:13 GMT
server: nginx
etag: "3f01-5bc8ce1d39c71"
content-type: image/jpeg
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 16129
x-proxy-cache: HIT

GET
H2 200 dest5.html Show response
theorvis.demdex.net/ Frame A984 7 KB
3 KB 54ms
45ms Document
text/html 52.17.48.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://theorvis.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-48-145.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://news.orvis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 28 Dec 2023 02:10:09 GMT
dcs: dcs-prod-irl1-2-v054-034c53ac2.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Nov 2023 15:37:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: enYtuKK9TpE=

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame D989 677 B
713 B 39ms
38ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.orvis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 4626
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 83c643e748d637ec-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 02:10:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQpmVePE%2F1OO8G9kr%2B8d1AZRvXsHAClqnRLbDHpdmXr0bMxbVwzO2hYv5ZZTtFEYYv58C6tPnu0IPcgWNfz5CFNKKpSHl3DNI0WwdKbBAKBNoA%2FUewjy4DEibz2kINmobrJ%2F0v9y"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.0lg1QMGN.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 94ms
51ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.0lg1QMGN.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.orvis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f7a2848ba5154bff921586a6e44f406d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HYPcW35lwzqbRUR6ye2cq9B9i0uRTyC3eg18xl8W67IDfgsClSdfIv9euKFbbA51hk27IVrJbreCv8QQzFmtSsPi8Y19lXgiDhvmo1Ezg9swvbJdak%2BqcWXdjKDRIWCuptgNaDm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 83c643e78a421c9b-FRA

GET
H2 200 jsp Show response
ut.rd.linksynergy.com/ 148 B
404 B 116ms
38ms Script
text/plain 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid

Requested by

Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/116883.ct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

659b5b0c39c1ff7f507ed39f87eab8e048e9b3d48641ac8867d4beb434cdc207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Thu, 28 Dec 2023 02:10:09 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-samesite: secure

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
281 B 95ms
39ms Image
image/gif 34.98.67.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=news.orvis.com&sought=false&tp=gdpr&attr_sid=116883&aff_mid=38663&purposes=&vendors=&ext_id=34d801b4-54fe-4f79-af8c-14b4baf521b2

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.67.98.34.bc.googleusercontent.com

Software

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 28 Dec 2023 02:10:09 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-samesite: secure

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
208 B 133ms
36ms XHR
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=21ABA57856263CDF7F000101@AdobeOrg&_les_sdid=094BD312BC24749D-1B88A301FC372AFD&_les_last_search_click=&_les_rsid=orviscom&_les_mid=60328420204484034053620054828849309469&_les_rampid_env=&_les_url=https%3A%2F%2Fnews.orvis.com%2F
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 28 Dec 2023 02:10:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703729409.302175,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://news.orvis.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-cph2320036-CPH

GET
H2 200 1841787929401016 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 84ms
84ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1841787929401016?v=2.9.138&r=stable&domain=news.orvis.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a47a389bcfafd8b95bcd2d381a8529341df7411835af8e8f56c3ecdd2be7218

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 02:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Ga8INg8Ba63bmNGy6tMf2vZ84saqav7y8sEJa8Y1wwLSWYIWlNiqbeR/qUakuD4aQoGWu8/V9Wl+d4TXs8ohMg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-584DWRFMG0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00b3c0942b51a0cc33d742a609c082164cd38de30abaf4dfdf0cf4db6538f7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 78ms
26ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Dec 2023 01:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Dec 2023 03:48:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C8A4 14 KB
6 KB 121ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=news.orvis.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://news.orvis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 02:10:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 370184
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 451 458359.gif
idsync.rlcdn.com/ 0
98 B 95ms
32ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458359.gif?partner_uid=64512904-9ef6-400c-a0aa-d537b47cf7ed
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 87ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-584DWRFMG0&gtm=45je3bt0v888702983&_p=1703729409074&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=531132704.1703729409&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703729409&sct=1&seg=0&dl=https%3A%2F%2Fnews.orvis.com%2F&dt=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1575
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-584DWRFMG0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072739139&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f8cad8f4ec3728682052a7611226ddfda1f14d9a29b2863f6df51bee0338f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58054
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-962132069&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34c4ce2d09670662ab90104bf048ce75f4636f6e842d54f1b3e337c77acc0b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57992
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 87ms
86ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-970714449&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24d91836ae5fb7cb3fe95580a6d2a4da03319eb8238b541c70b039d924216650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74562
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-285838749&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2af640684e7b47ef45b0d82ef04e7884b5129c654d043022c05af353deed60fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72473
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-998964495&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8b5f586b9896ddb5b669c01fddc8168f7d009de5d8f8a40f1a34de7eab455f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58106
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973405072&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36137344-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

630206e32dd43485e27b52268b1ea3cdf1a6a582df36324528a269f0328fce36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58108
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973405072&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32d54c98a508b710aee2d1ebf0a70ee36b725a306aa65aca9e2789fe9f2bcf41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58067
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H2 200 json Show response
orvis.tt.omtrdc.net/m2/orvis/mbox/ 96 B
825 B 193ms
61ms XHR
application/json 66.235.152.115
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://orvis.tt.omtrdc.net/m2/orvis/mbox/json?mbox=target-global-mbox&mboxSession=9ca20f3cefa4488bb7d61880cefcaa06&mboxPC=&mboxPage=6951a3e477cc48d2a4fec5060114d915&mboxRid=c573299c841848c4acfd7470b41a4d44&mboxVersion=1.8.2&mboxCount=1&mboxTime=1703733009369&mboxHost=news.orvis.com&mboxURL=https%3A%2F%2Fnews.orvis.com%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&staging=False&signedIn=false&noReferrer=True&at_property=adcf835d-f677-e51c-d529-3594266f47b0&visitor.betaOptOut=unselected&visitor.qrEmailOptOut=false&mboxMCSDID=094BD312BC24749D-1B88A301FC372AFD&vst.trk=orvis.sc.omtrdc.net&mboxMCGVID=60328420204484034053620054828849309469&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.115 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-115.data.adobedc.net

Software

jag /

Resource Hash

108e87d6dd1815547f2fd577b1b306f5d7365f78880e4eaed4657120125aaf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 96
x-xss-protection: 1; mode=block
x-request-id: c573299c841848c4acfd7470b41a4d44
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400italic,600,700%7CSource+Serif+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 05:37:08 GMT
x-content-type-options: nosniff
age: 246781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14160
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 05:37:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 31ms
30ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1175508786&t=pageview&_s=1&dl=https%3A%2F%2Fnews.orvis.com%2F&ul=en-us&de=UTF-8&dt=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=741014060&gjid=1287754573&cid=531132704.1703729409&tid=UA-36137344-1&_gid=1988069279.1703729409&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1476780772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.orvis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C8A4
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=orvis.com&sn=ChromeSyncframe&so=0&topUrl=news.orvis.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0Qn...

436 B
673 B

39ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0QnhTVTZKMFNrREt0L2NaN2hEZUE4MzRHV3NqeDBVU1E2NTcwZE5LamdCM3o0c0RyaC8rbm9URHh0cEVYMUh0UG9pTGkrcTZxNFpGZEVRUmUwOG9VSWxJc3BZeitzSklXTm9RdzExMlZHemN6eDBDczAwOU1aNGlyM0hucWdXOURNdG01NmYxaU44QVR4bnFWcnhvV3lxMU5LYUdxdDdjanN5eExSdEdzRnRtSTRpQWw1UzVGND18&cppv=2

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8b92447196504a88e7d4ad1356a64cf0f695e23f01ef766b684efcb77fafffd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1330483
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7A8rDXxaTVlmbXd1UFFXTW5BeGp2WFJIR0F0ZFdRNDJQOEY4VkFnZENOTmpPWnJQbE1BWkVlMWVRdmo2ZVg5bk9XQ0lIeTA1U3RBSVN4bEZENW81b1RHVHNYTFl4MkRMZCtJYk1kT3J5TytXb05YbDdheVdSSDV6eUZ0QnhTVTZKMFNrREt0L2NaN2hEZUE4MzRHV3NqeDBVU1E2NTcwZE5LamdCM3o0c0RyaC8rbm9URHh0cEVYMUh0UG9pTGkrcTZxNFpGZEVRUmUwOG9VSWxJc3BZeitzSklXTm9RdzExMlZHemN6eDBDczAwOU1aNGlyM0hucWdXOURNdG01NmYxaU44QVR4bnFWcnhvV3lxMU5LYUdxdDdjanN5eExSdEdzRnRtSTRpQWw1UzVGND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 310510
content-length: 0
expires: 0

GET
H3 200 675664122566129 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 79ms
78ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/675664122566129?v=2.9.138&r=stable&domain=news.orvis.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c18aea31d1c4b81bb978f6a4da68b2411a1e9d76dd91603db5cdeb501f588b7d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 02:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: XuMz37W3BwmsK42Rp/hWDMPRY9d43C19r9My8TicqZXYu5oZxtoTLtlSH81wKgMGpRz2IRp8JUkAPoiUJubrhQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1841787929401016&ev=PageView&dl=https%3A%2F%2Fnews.orvis.com%2F&rl=&if=false&ts=1703729409398&sw=1600&sh=1200&v=2.9.138&r=stable&a=adobe_launch&ec=0&o=4126&fbp=fb.1.1703729409397.868070061&cs_est=true&ler=empty&it=1703729409218&coo=false&rqm=GET

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Dec 2023 02:10:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
827 B 32ms
32ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13443
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39X9HjLvt6iBA6keNA57rB4SxGgplEYTcoxOVPgwq4WK0jYJ3EnK59ir8mrWSPgB3p7JHzbCA5AvvKNgCCKNVNdwFsMCWHQrHhThcHs4081SpbLSSkGcSDx2%2BqzjwGFeNxqgF9OgClXX2o2QH6TzsEOr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 83c643e8daec1c9b-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
944 B 37ms
34ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13443
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKlY5W58H7VhA0muwCtupsn9ETayWd9HKWs20jewE7K%2BUrip1rj%2BZJAhIsJsivx%2FcEP5EUXET%2BMirI0DWXJwdGA3uhz1UCMSW6ElmoAnjhkVoB6TE%2BmqHAWYCAbLp%2BoDM%2Bq49clqP7hKJeu6ZC6uZhd3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 83c643e8daf11c9b-FRA

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 901 B
1 KB 33ms
30ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13443
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"573fae6e51435ee7155601d053377d81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMwZ65wPrRZmFMDMkcJfc%2FmtT42vQJRPBxZUWZ76nggwP5KV7okIhcXPxq4yi7X%2FWwOt39aBSEq20iK5vs6BTeIrC1nKfeumQYMb7CL1rksmc4dhKCNwqT847FyepnuzuJbJwTBw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 83c643e8daf21c9b-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 427 B
829 B 51ms
47ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8u8DfrIJ%2FyFRR5bqapVvDtD2L2Z67bHvu8%2BmvIAoHhu874Av4FZ9KPkrhuGUr3jvPE8QIUUI00261ovEeAO3hJZCLnCrCzq09w4x4I5oIcVNMy32xr7QxcpjrzcnyiHxk8LvBEBBmFJm%2BlFHusNaHLX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 83c643e8daf41c9b-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
666 B 54ms
51ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Origin: https://news.orvis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiH79B0vo5lFC0KBP5VeHFpSFdF1XO2ReKaV2CQ8rw6m19zayPJ90FrjLalwoP%2FH4ldKkKKkwNiDn7%2BaLalx6ISaRnPuH0Ia72HQbUAgd2z7HPW1xBiXWmKMDqfAApxm9Gouv9s8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 83c643e8daf51c9b-FRA

GET
H2 200 RCac63c683893740f29e84320ad7e42210-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 710 B
670 B 41ms
37ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCac63c683893740f29e84320ad7e42210-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36cfcffeac64950b56eaafdb0bb97a1c4c14203d4262d10de5c24c5df8215fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 414
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RCb5457280f62549fcb1c4d404dd7e29a4-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 508 B
586 B 41ms
38ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCb5457280f62549fcb1c4d404dd7e29a4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 59a9e0fb3d12bbd46767fd48306094848d60417600cd59881581f0774e65e491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 330
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RC90a211121c09418c913091e817555120-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 1 KB
905 B 42ms
39ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC90a211121c09418c913091e817555120-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ba863af5dc5a0159f551ec0bf2c9cca962dd94dd1e6862afb8fc7e8e92ba7c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 649
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RC0c8e21a78c41499c8db48a994b41c09c-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 1 KB
871 B 42ms
39ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC0c8e21a78c41499c8db48a994b41c09c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 92c15e054768161d6d360627c5198d347826723ff6491806931ba50e9689e860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 615
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 104ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 28 Dec 2023 02:10:09 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17587FAB20034DDFA3C499D8D606B1DB Ref B: DUS30EDGE0916 Ref C: 2023-12-28T02:10:09Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 RCe0562fcc8ceb44e2a2baa4d94297144e-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 1 KB
745 B 43ms
40ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCe0562fcc8ceb44e2a2baa4d94297144e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0b2dbc5aede02d87568394958759fb38bd6a2298e44bf26f1dbe649be4baa9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 489
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RC6cedfaa7d4b54f749cd27c5cedd9bbfd-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 2 KB
1 KB 43ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC6cedfaa7d4b54f749cd27c5cedd9bbfd-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: babe969b662c996bf1f59a8d629d6a77a5260ed894508e3f2cb743735dfc4e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 849
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RCac9133b00bae49ffad6f36573f4085cb-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 3 KB
1 KB 44ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCac9133b00bae49ffad6f36573f4085cb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c4a0daa106da7667e1249f082cc835481320a1f52eb62669ce26317a756cc7f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 913
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RCa9621a98979b49f7899d407a5429d780-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 6 KB
2 KB 44ms
42ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RCa9621a98979b49f7899d407a5429d780-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0c97970b00aa33fc1187e15f0398e61dc673444a7cb952b8916ef15cdc00968c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2085
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 RC88856b3007ab40b89c2f9052e8b0b693-source.min.js Show response
assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/ 1 KB
872 B 45ms
42ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/e19a8a6b756d/051c2587666c/8fe8db67c5bd/RC88856b3007ab40b89c2f9052e8b0b693-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d828435c41c3662a885a410a26d52da6b9775152/satelliteLib-096e9651b23815de669ce35003b9ed081e8013be.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 063b43c6417159e90b65286eb53d214e754eddf8104207cc47d948c0c7a023cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:34:46 GMT
server: AkamaiNetStorage
etag: "f314107119528f297bddc99007d446e1:1644852886.337445"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://news.orvis.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 616
expires: Thu, 28 Dec 2023 03:10:09 GMT

GET
H2 200 wp-emoji-release.min.js Show response
news.orvis.com/wp-includes/js/ 18 KB
5 KB 127ms
125ms Script
application/javascript 35.212.35.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://news.orvis.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.35.149 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.35.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
last-modified: Fri, 31 Mar 2023 13:01:44 GMT
server: nginx
etag: W/"4904-5f831cfa9a6f3"
vary: Accept-Encoding
content-type: application/javascript
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36137344-1&cid=531132704.1703729409&jid=741014060&gjid=1287754573&_gid=1988069279.1703729409&_u=YADAAUAAAAAAACAAI~&z=1420927848

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.orvis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.orvis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ogma.min.js Show response
embed.cartfulsolutions.com/orvis/ 83 KB
27 KB 309ms
243ms Script
application/javascript 2606:4700:10::6816:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.cartfulsolutions.com/orvis/ogma.min.js

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89f4430674e0ad494e4fe8e85b9f0b22c8c590f9a60487f479278575a60bb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-version-id: HCPEUGnnAfkKHbEpbCyhgQnb4HgoWOFC
x-amz-request-id: PDGXXF40TDXDNT8G
x-amz-id-2: DrZBRVJNi0RYyWWYQe6Npqf54BM7bTgJwRpGyzt/c1MW/8QQRly+1HbdGCXM8lH/ruEGUfywS1M=
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Jun 2021 21:08:51 GMT
server: cloudflare
etag: W/"cc72a9d3b55db593ee0f985707fa3f4e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 83c643e98e7991d7-FRA

GET
H2 200 sv.js Show response
track.securedvisit.com/js/ 60 KB
24 KB 474ms
234ms Script
application/javascript 35.172.41.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.securedvisit.com/js/sv.js
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.41.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-41-107.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Thu, 28 Dec 2023 02:10:09 GMT
server: nginx/1.24.0
etag: W/"f617b666f3c16d1666e3099c57cb63a9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H/1.1 200
OK tracker.js Show response
cdn.mercent.com/js/ 5 KB
3 KB 111ms
28ms Script
application/javascript 52.85.92.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mercent.com/js/tracker.js
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-88.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2001fa2302369eee173cf9e7bb29c814016f1e2676b25bc47c7b9e53fed98da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 27 Dec 2023 05:24:09 GMT
Content-Encoding: gzip
Via: 1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
Last-Modified: Fri, 25 Mar 2016 15:22:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: HAM50-C1
Age: 74761
ETag: W/"e6c30613a13a4fde3f0008372726ac41"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: f2roNVaVO0W1zNG3H7OJnwMgwfoFgIIxTRdVgzKmAXk52K-57SVcyQ==

GET
H2 200 d1119f1c42684.js Show response
t.contentsquare.net/uxa/ 313 KB
75 KB 100ms
33ms Script
application/javascript 54.230.206.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/d1119f1c42684.js
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-111.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7362c0e8a613f7dee304b25423f672dca684914d9811067de639ab1a5d1d4256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 06:44:56 GMT
content-encoding: br
via: 1.1 d4ed28727dd020fd5850b309fbb1f2f4.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 75848
last-modified: Tue, 19 Dec 2023 14:04:54 GMT
server: AmazonS3
etag: "24601e6bd89166aaa838f8b9598d03a9"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HJh3xoUCPx2PfD1g3wJkII3yaaVVx1mJZPCzZom8LyyTTrnHDHIh0g==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 106ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 28 Dec 2023 02:10:09 GMT

GET
H2 200 collect.js Show response
7236729.collect.igodigital.com/ 8 KB
2 KB 368ms
116ms Script
application/javascript 23.20.113.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://7236729.collect.igodigital.com/collect.js
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.113.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-113-198.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 18:29:39 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/ 3 KB
2 KB 83ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/?random=1703729409490&cv=11&fst=1703729409490&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-962132069&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51936b92bc1d3e2b9b1893bc27602719d66e5551c5c5a568f43e3454363f151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/ 3 KB
1 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962132069/?random=1703729409494&cv=11&fst=1703729409494&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dconversion%3Becomm_pagetype%3Dblog&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-962132069&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0991abf35444af3c35d835ea8c4a26ad2f519b23a8597c2466a10db940c15792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1285
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/ 3 KB
1 KB 71ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/?random=1703729409505&cv=11&fst=1703729409505&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072739139&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dd362db9b64c22d8375e4879abfb9b7ba966c07e06457ff1a016ce98cb70e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/ 3 KB
1 KB 68ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072739139/?random=1703729409509&cv=11&fst=1703729409509&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&auid=871465855.1703729409&uamb=0&uaw=0&data=event%3Dconversion%3Becomm_pagetype%3Dblog&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072739139&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de0ea65b6583bd1e484cfa444f35f37e2dcebeffe84e6d058ef6fc1f7d460ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 84ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36137344-1&cid=531132704.1703729409&jid=741014060&_u=YADAAUAAAAAAACAAI~&z=835533651

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 83ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36137344-1&cid=531132704.1703729409&jid=741014060&_u=YADAAUAAAAAAACAAI~&z=835533651

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=675664122566129&ev=PageView&dl=https%3A%2F%2Fnews.orvis.com%2F&rl=&if=false&ts=1703729409560&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703729409397.868070061&ler=empty&it=1703729409218&coo=false&tm=1&rqm=GET

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Dec 2023 02:10:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 5014640.js Show response
bat.bing.com/p/action/ 0
118 B 71ms
71ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5014640.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 28 Dec 2023 02:10:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D125E7F00144587AF359C631BDD57B2 Ref B: DUS30EDGE0916 Ref C: 2023-12-28T02:10:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5014640&tm=al001&Ver=2&mid=6723697c-deae-4600-9fda-371747048225&sid=3a023f80a52611eea72b9989d913748f&vid=3a0252e0a52611eebedd575cb003ba0b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&p=https%3A%2F%2Fnews.orvis.com%2F&r=&lt=1630&evt=pageLoad&sv=1&rn=305098

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 02:10:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E9F7FA6C0C434C9781EFDAC268EF7454 Ref B: DUS30EDGE0916 Ref C: 2023-12-28T02:10:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/da154528/www-widgetapi.vflset/ 216 KB
67 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Dec 2024 01:57:35 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/962132069/ 42 B
108 B 63ms
33ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/962132069/?random=1703729409490&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ECif3l4YBdXUzx3S77wZeru-fLizMg&random=1523950646&rmt_tld=0&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/962132069/ 42 B
108 B 66ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/962132069/?random=1703729409490&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ECif3l4YBdXUzx3S77wZeru-fLizMg&random=1523950646&rmt_tld=1&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/962132069/ 42 B
455 B 61ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/962132069/?random=1703729409494&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IGRio2wA6iVH9l59OAtS23Rr5CZ_GA&random=3967683137&rmt_tld=0&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/962132069/ 42 B
154 B 65ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/962132069/?random=1703729409494&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IGRio2wA6iVH9l59OAtS23Rr5CZ_GA&random=3967683137&rmt_tld=1&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072739139/ 42 B
108 B 81ms
53ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072739139/?random=1703729409509&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_1uEpQ7_qs8YGxUHfndFi8bI4ctjE9g&random=4189837940&rmt_tld=0&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072739139/ 42 B
108 B 33ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072739139/?random=1703729409509&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dconversion%3Becomm_pagetype%3Dblog&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_1uEpQ7_qs8YGxUHfndFi8bI4ctjE9g&random=4189837940&rmt_tld=1&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072739139/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072739139/?random=1703729409505&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_E3inNVy3-zIwPrzq6hShEV9lRgMQXQ&random=2966633561&rmt_tld=0&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072739139/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072739139/?random=1703729409505&cv=11&fst=1703728800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnews.orvis.com%2F&frm=0&tiba=Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_E3inNVy3-zIwPrzq6hShEV9lRgMQXQ&random=2966633561&rmt_tld=1&ipr=y

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 165ms
48ms Image
text/plain 34.241.98.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=1801&uu=10bf337d-97c5-acfc-9257-aa93430c073a&sn=1&hd=1703729409&pn=1&dw=1600&dh=9327&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fnews.orvis.com%2F&uc=0&la=en-US&v=13.76.1&pvt=n&ex=&r=269175
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.98.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-98-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 2608ceab-2e4e-4f17-80b1-7f4cd1d5c451
https://news.orvis.com/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://news.orvis.com/2608ceab-2e4e-4f17-80b1-7f4cd1d5c451
Requested by: Host: news.orvis.com
URL: https://news.orvis.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H2 200 s230257613817
somni.orvis.com/b/ss/orviscom/1/JS-2.22.0-LBWB/ 43 B
373 B 134ms
37ms Image
image/gif 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somni.orvis.com/b/ss/orviscom/1/JS-2.22.0-LBWB/s230257613817?AQB=1&ndh=1&pf=1&t=28%2F11%2F2023%203%3A10%3A9%204%20-60&sdid=094BD312BC24749D-1B88A301FC372AFD&mid=60328420204484034053620054828849309469&aamlh=6&ce=UTF-8&pageName=news%3A%20home&g=https%3A%2F%2Fnews.orvis.com%2F&cc=USD&ch=News&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=2022-02-14T15%3A34%3A22Z%7Cdesktop%20launch&c2=D%3Dv4&v4=News&v5=News&v6=D%3DpageName&v7=D%3Dg&v8=blog%3Ehome&v10=12%2F28%2F2023&c12=D%3Dv24&c14=D%3Dv47&v47=homepage&v50=D%3Dv4&v56=D%3Dv4&v68=false&v80=Unselected&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=21ABA57856263CDF7F000101%40AdobeOrg&AQE=1

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 29 Dec 2023 02:10:09 GMT
server: jag
etag: 3658731046858063872-4617947177296981676
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27 Dec 2023 02:10:09 GMT

GET
H2 200 cfsp.js Show response
embed.cartfulsolutions.com/ 96 KB
29 KB 235ms
235ms Script
application/javascript 2606:4700:10::6816:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.cartfulsolutions.com/cfsp.js

Requested by

Host: embed.cartfulsolutions.com
URL: https://embed.cartfulsolutions.com/orvis/ogma.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-version-id: 9BLu2s5fmCaVgx_S7GAgQBsvvHB78dmq
x-amz-request-id: KS9DJCE18NCT3FAB
x-amz-id-2: 8s9FU+AU0g1C9X4qzIygqalbXNz8ziNN86WS3VZ4wRR0abTLprbWicCDBu1C65THeRWnGgnJAGw=
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Aug 2019 20:10:12 GMT
server: cloudflare
etag: W/"69c0026af7f2b8f2eed23f2f5fc5c68f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 83c643eb2eca91d7-FRA

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/7236729/ 43 B
710 B 130ms
130ms Image
image/gif 23.20.113.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/7236729/track_page_view?payload=%7B%22title%22%3A%22Orvis%20News%20-%20Your%20home%20for%20the%20sporting%20life%22%2C%22url%22%3A%22https%3A%2F%2Fnews.orvis.com%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%22details%22%3A%7B%22cartID%22%3A%22%22%7D%7D%7D

Requested by

Host: news.orvis.com
URL: https://news.orvis.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.113.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-113-198.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 0.010498
date: Thu, 28 Dec 2023 02:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-request-id: 6aa336a8-99e3-4ba0-a78b-59042f71c4d1

OPTIONS
H2 200 tp2
tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/ Frame 0
0 185ms
123ms Preflight 34.95.84.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.84.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.84.95.34.bc.googleusercontent.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.orvis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://news.orvis.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 28 Dec 2023 02:10:10 GMT
server: akka-http/10.0.9
via: 1.1 google

POST
H3 200 tp2 Show response
tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/ 2 B
19 B 174ms
126ms XHR
text/plain 34.95.84.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.cartfulsolutions.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/d1119f1c42684.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.84.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.84.95.34.bc.googleusercontent.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://news.orvis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 28 Dec 2023 02:10:10 GMT
via: 1.1 google
server: akka-http/10.0.9
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.orvis.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 tf.min.js Show response
embed.cartfulsolutions.com/orvis/ 1 MB
260 KB 234ms
234ms Script
application/javascript 2606:4700:10::6816:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.cartfulsolutions.com/orvis/tf.min.js

Requested by

Host: embed.cartfulsolutions.com
URL: https://embed.cartfulsolutions.com/orvis/ogma.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40e19c2bfc7869411bd9a7803997dd66f904bb08b8296d30f97292ae84967c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-version-id: w5VrQDQHQp7rROG9jAtQuzQcBSWKodZI
x-amz-request-id: 3PQTW5MVSTQSSZ5T
x-amz-id-2: wfnWAiPcGsNyNMKkLGoBgJ4thxsAYTJna8fb1cXPuAMuLDoDrGaNVojVZxvXvD/AoAcU3iQ0Gps=
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 21:59:22 GMT
server: cloudflare
etag: W/"9d35fc24dcc0bf3e051809f34f06e517"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 83c643ed4f4c91d7-FRA

GET
H2 200 model.json Show response
embed.cartfulsolutions.com/orvis/rc/v5/ 4 KB
2 KB 321ms
273ms Fetch
application/json 2606:4700:10::6816:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.cartfulsolutions.com/orvis/rc/v5/model.json

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/d1119f1c42684.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7d03d46f8c5a038e5fe8e1e331afdef20d6b8d115e5a91305941ea187185e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-version-id: gfTd7myGMcBdSrdZdxQL1ArmryI3bLQ.
x-amz-request-id: 1FJM4NMVYFWZDJK1
x-amz-id-2: kA/cNTHwTjuuTxTvAd1ITIbd7OxZWPHUTs59PlvTWw9OVN+ErShjSMFl+XPQMnHGmdrgHPMl6ms=
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Nov 2020 04:09:21 GMT
server: cloudflare
etag: W/"3b420ea8869686f0e054c5a3226e82bc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3000
x-frame-options: DENY
cf-ray: 83c643f03d7337ec-FRA

GET
H2 200 group1-shard1of1.bin Show response
embed.cartfulsolutions.com/orvis/rc/v5/ 49 KB
49 KB 294ms
294ms Fetch
application/octet-stream 2606:4700:10::6816:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.cartfulsolutions.com/orvis/rc/v5/group1-shard1of1.bin

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/d1119f1c42684.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4b7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d403b92a0e90ce0abae1b0b4a24ff962855a55a6096851dadeaa8b0f03a7f24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.orvis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:10:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-version-id: zMf7E.zKAK7hBwVyGa7My2Ua1CYnaYjr
x-amz-request-id: 9N60CBE15622N3J7
content-length: 49668
x-amz-id-2: hqs1DjzDqZsrva7XnYGs9A6ZhCa0lMPLUuadR7GtQ2FNPn7bN4rVVY2dzXzyPYMGDpub+3w/ZDg=
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Nov 2020 04:09:06 GMT
server: cloudflare
etag: "fa4b1df10ad64633e1dc266f59529bfb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 83c643f1fe4f37ec-FRA
x-frame-options: DENY

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.orvis.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 21:34:41	Name: demdex Value: 60322958830477148603617222076692961532
.orvis.com/	1969-12-31 23:59:59	Name: AMCVS_21ABA57856263CDF7F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 02:01:05	Name: everest_g_v2 Value: g_surferid~ZYzZAQAAAMdo_gN-
.linksynergy.com/	1970-01-21 02:01:05	Name: rmuid Value: 64512904-9ef6-400c-a0aa-d537b47cf7ed
.dpm.demdex.net/	1970-01-20 21:34:41	Name: dpm Value: 60322958830477148603617222076692961532
.orvis.com/	1970-01-21 02:51:29	Name: _ga_584DWRFMG0 Value: GS1.1.1703729409.1.0.1703729409.0.0.0
.orvis.com/	1970-01-21 02:51:29	Name: adcloud Value: {%22_les_v%22:%22y%2Corvis.com%2C1703731209%22}
.orvis.com/	1970-01-21 02:51:29	Name: AMCV_21ABA57856263CDF7F000101%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19720%7CMCMID%7C60328420204484034053620054828849309469%7CMCAAMLH-1704334209%7C6%7CMCAAMB-1704334209%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1703736609s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19727%7CvVersion%7C5.2.0
.criteo.com/	1970-01-21 02:37:05	Name: uid Value: 48a5aa5a-2592-40c0-8c6a-7ec07dc9ac16
.criteo.com/	1970-01-21 02:37:05	Name: receive-cookie-deprecation Value: 1
.orvis.com/	1970-01-21 02:51:29	Name: _ga Value: GA1.2.531132704.1703729409
.orvis.com/	1970-01-20 17:16:55	Name: _gid Value: GA1.2.1988069279.1703729409
.orvis.com/	1970-01-20 17:15:29	Name: _gat_gtag_UA_36137344_1 Value: 1
.orvis.com/	1970-01-20 19:25:05	Name: _fbp Value: fb.1.1703729409397.868070061
.orvis.com/	1970-01-21 02:44:53	Name: cto_bundle Value: QWHBzl9NbEpIZWNpSkh1OHg0Z1hmMlZUWTE2UEUxaWM0VWUlMkZqY1VVUWF3ZTI4aUVXdjQzaTJ2WEttZVVIWmM4JTJCZWI0amw3blZYJTJGV1U1clJTekxpaTF3Q3dSNWR1QmQ0NlpyJTJGT2RYOVdwc2ElMkZsUnE2a0d2dm1mcG90TkNWTm83OTdMeHdDRm53amlGaCUyRlp6SkhnR0EweVpTJTJCdyUzRCUzRA
.orvis.com/	1970-01-20 19:25:05	Name: _gcl_au Value: 1.1.871465855.1703729409
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Bj1xrlaEG4o
.youtube.com/	1970-01-20 21:34:41	Name: VISITOR_INFO1_LIVE Value: NHlqvrh1DKw
.orvis.com/	1970-01-20 17:16:55	Name: _uetsid Value: 3a023f80a52611eea72b9989d913748f
.orvis.com/	1970-01-21 02:37:05	Name: _uetvid Value: 3a0252e0a52611eebedd575cb003ba0b
.orvis.tt.omtrdc.net/	1970-01-20 17:15:31	Name: orvis!mboxSession Value: 9ca20f3cefa4488bb7d61880cefcaa06
.orvis.tt.omtrdc.net/	1970-01-21 02:51:29	Name: orvis!mboxPC Value: 9ca20f3cefa4488bb7d61880cefcaa06.37_0
.orvis.com/	1970-01-21 02:51:29	Name: mr_referredVisitor Value: 0
.orvis.com/	1970-01-21 02:51:29	Name: mbox Value: session#9ca20f3cefa4488bb7d61880cefcaa06#1703731270\|PC#9ca20f3cefa4488bb7d61880cefcaa06.37_0#1766974210
.doubleclick.net/	1970-01-20 17:15:30	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 02:37:05	Name: MUID Value: 1AD878D9A999682820816B2CA8336974
.orvis.com/	1970-01-21 02:44:53	Name: _cs_c Value: 0
.orvis.com/	1970-01-21 02:44:53	Name: _cs_id Value: 10bf337d-97c5-acfc-9257-aa93430c073a.1703729409.1.1703729409.1703729409.1.1737893409620
.orvis.com/	1969-12-31 23:59:59	Name: sat_prevPage Value: news%3A%20home
.orvis.com/	1969-12-31 23:59:59	Name: sat_prevurl Value: https%3A%2F%2Fnews.orvis.com%2F
.orvis.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.orvis.com/	1970-01-20 17:15:31	Name: _cs_s Value: 1.5.0.1703731209809
.igodigital.com/	1970-01-21 02:51:29	Name: igodigitaltc2 Value: 3a347bdc-a526-11ee-a1a0-9e1213c61840
.igodigital.com/	1970-01-20 17:15:33	Name: igodigitalst_7236729 Value: 3a348d8e-a526-11ee-a1a0-9e1213c61840
.igodigital.com/	1970-01-20 17:15:33	Name: igodigitalstdomain Value: 22889
.orvis.com/	1970-01-20 17:15:31	Name: _sp_ses.ad37 Value: *
.orvis.com/	1970-01-21 02:51:29	Name: _sp_id.ad37 Value: 439ac7fa-646b-4155-99b4-ca2e7eac7da7.1703729410.1.1703729410.1703729410.0bacd13d-cc05-4494-9812-d8a93827ba0c
.orvis.com/	1969-12-31 23:59:59	Name: s_ptc Value: 0.26%5E%5E0.00%5E%5E0.00%5E%5E0.37%5E%5E0.13%5E%5E0.13%5E%5E1.49%5E%5E0.00%5E%5E2.25

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/458359.gif?partner_uid=64512904-9ef6-400c-a0aa-d537b47cf7ed Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://connect.facebook.net/signals/config/675664122566129?v=2.9.138&r=stable&domain=news.orvis.com(Line 132) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7236729.collect.igodigital.com
assets.adobedtm.com
bat.bing.com
c.contentsquare.net
cdn.mercent.com
cm.everesttech.net
connect.facebook.net
consent.linksynergy.com
dpm.demdex.net
embed.cartfulsolutions.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
lasteventf-tm.everesttech.net
maxcdn.bootstrapcdn.com
mug.criteo.com
news.orvis.com
nova.collect.igodigital.com
orvis.sc.omtrdc.net
orvis.tt.omtrdc.net
region1.google-analytics.com
somni.orvis.com
static.addtoany.com
static.criteo.net
stats.g.doubleclick.net
t.contentsquare.net
tag.rmp.rakuten.com
theorvis.demdex.net
track.securedvisit.com
tracker.cartfulsolutions.com
ut.rd.linksynergy.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
151.101.2.49
2001:4860:4802:34::36
23.20.113.198
23.212.212.65
2606:4700:10::6816:4b7c
2606:4700:10::ac43:2794
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:587::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.102.147.248
34.241.98.209
34.243.189.130
34.95.84.97
34.98.67.3
35.172.41.107
35.212.35.149
35.244.174.68
52.17.48.145
52.85.92.88
54.230.206.111
63.140.62.160
63.140.62.214
66.235.152.115
00b3c0942b51a0cc33d742a609c082164cd38de30abaf4dfdf0cf4db6538f7ed
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
063b43c6417159e90b65286eb53d214e754eddf8104207cc47d948c0c7a023cc
06fe93f1d30a411e76e08c41463baf1e396c7b1941ce2c338177b09ba9118c3b
0991abf35444af3c35d835ea8c4a26ad2f519b23a8597c2466a10db940c15792
0b2dbc5aede02d87568394958759fb38bd6a2298e44bf26f1dbe649be4baa9a5
0c97970b00aa33fc1187e15f0398e61dc673444a7cb952b8916ef15cdc00968c
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e7d03d46f8c5a038e5fe8e1e331afdef20d6b8d115e5a91305941ea187185e9
108e87d6dd1815547f2fd577b1b306f5d7365f78880e4eaed4657120125aaf18
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1d959f985f144d73bf7e483dc5b5027417eb785966a53fb8b1378979c43d6f90
24d91836ae5fb7cb3fe95580a6d2a4da03319eb8238b541c70b039d924216650
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2af640684e7b47ef45b0d82ef04e7884b5129c654d043022c05af353deed60fd
3246209670e4a264865301586f5c54b46a2ed5329547bce7aa772db3ec27bf86
32d54c98a508b710aee2d1ebf0a70ee36b725a306aa65aca9e2789fe9f2bcf41
34c4ce2d09670662ab90104bf048ce75f4636f6e842d54f1b3e337c77acc0b2c
36cfcffeac64950b56eaafdb0bb97a1c4c14203d4262d10de5c24c5df8215fbe
36d70ae0e5c128c58c2e70dbb963628b34389e23e0eac934747eb120e6c1048e
3a47a389bcfafd8b95bcd2d381a8529341df7411835af8e8f56c3ecdd2be7218
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40e19c2bfc7869411bd9a7803997dd66f904bb08b8296d30f97292ae84967c56
42c05e4db44d774cdd2c1900d054885286591cb202acc6439080be7ab9fc6060
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f4afec8d8bf4513d1fc73ad0154a2d142844d5f7b6dd7bdf620167003bde687
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51936b92bc1d3e2b9b1893bc27602719d66e5551c5c5a568f43e3454363f151f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b
54ce420fd2607414c890e91ab59a561756945a9eadc700021e42beb580ccedff
59a9e0fb3d12bbd46767fd48306094848d60417600cd59881581f0774e65e491
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c3cd250a4a917a5f9b5f9d9caf0d701746def2e11404ce4484a0fcde3e7b646
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
630206e32dd43485e27b52268b1ea3cdf1a6a582df36324528a269f0328fce36
6375d2e136a32b79d6a37d787f3f24c51e71d39fc5ffb0d8211fabb91f0a90e2
659b5b0c39c1ff7f507ed39f87eab8e048e9b3d48641ac8867d4beb434cdc207
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a256af945154352c8eef9c70ff703e5173e254e2da9301d5feb991b4e764912
6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b
6c4c821b94249e2d439cd382231ff63405046deec2059e6908fe915e77b9a642
6edb1d103303ee1ee778ffdceb6ab793269a18d7bac8f33e6f49efa0f0b2b008
709694ffcbfa677b2f5c6417899140d824992ad642d4a827b2b0ffc274c0e8b9
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
7362c0e8a613f7dee304b25423f672dca684914d9811067de639ab1a5d1d4256
7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d04f2cd8792432943d7c73c9b2173b3faee45ecd9334ad6a9812729b88aa69a
7f8cad8f4ec3728682052a7611226ddfda1f14d9a29b2863f6df51bee0338f34
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cbd7bc992b259d67b8534d35acc3e284bc6a7681fcedf1b36fd35bdfce6e7f
8718a0c9e90880a7fe228db0c07333baa82dcc41e4ac99f02e2dabb04219ada1
8b92447196504a88e7d4ad1356a64cf0f695e23f01ef766b684efcb77fafffd9
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
92c15e054768161d6d360627c5198d347826723ff6491806931ba50e9689e860
95b91c345b899226fdf64d0e8081310c6eda9ca435792b346b8a71984c0e7ae5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9dd362db9b64c22d8375e4879abfb9b7ba966c07e06457ff1a016ce98cb70e7c
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
ae4225a66f3f335ccb9e94a9f76740f47266619e9b17afdd00f2a30f9f97eb96
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
ba863af5dc5a0159f551ec0bf2c9cca962dd94dd1e6862afb8fc7e8e92ba7c11
babe969b662c996bf1f59a8d629d6a77a5260ed894508e3f2cb743735dfc4e46
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb28511ad15ae7e7a24d8c6d00c23363d193448a2b7b398477cc3fd5215a2aac
c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd
c18aea31d1c4b81bb978f6a4da68b2411a1e9d76dd91603db5cdeb501f588b7d
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c37d627f9134d2788c6df98a70cafd363fb75ecc10eeb6fbc7bd2fbc056f627d
c4a0daa106da7667e1249f082cc835481320a1f52eb62669ce26317a756cc7f1
c5e1f51fe86cb3076e5fcbe6681b1f11bfe3f2445b097581f5a51322fd49d683
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca966353a1ec3bd5b7b9f5708fb551ab08b9a3453dd582d2571948c9165b2294
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
cc78dfb04f54d489f681fff1924008b5a890282f6df1cccaa3af78adf7130291
cc7d80a8a015d1a681162fe1ba47c67bb22fdc653cc0c2b66fc18733b372a278
ce3e352c6a5d4b0d76856d2ef3091b7ca504e21a79e158d9674d600d5a1863ed
cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d36e2b211bf279240717a9497578a57d8c9a2e266d17f6f0165942dad7d8ce37
d403b92a0e90ce0abae1b0b4a24ff962855a55a6096851dadeaa8b0f03a7f24e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d8b5f586b9896ddb5b669c01fddc8168f7d009de5d8f8a40f1a34de7eab455f0
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
dbf3b727d5fb06c97d7f7a5089f499b014a449cfaad4db2d77eb719c00597c53
dc72d1591a2a5559ba7e2a591a4cf5692658d20fa7a749c807e37b19773df1e0
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de0ea65b6583bd1e484cfa444f35f37e2dcebeffe84e6d058ef6fc1f7d460ef1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2001fa2302369eee173cf9e7bb29c814016f1e2676b25bc47c7b9e53fed98da
e2913bf1da4bd436195ea5eef87ecc35d17f0d3b0f6bf62346122fc7044ba561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89f4430674e0ad494e4fe8e85b9f0b22c8c590f9a60487f479278575a60bb47
eb733be79f1e125e4e15dba59d3c6cc7403d25b31ed165341113154e6ed48668
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
ffea9a13bdc8bbe71e149aa9973f54b3179f6c88b2240c88091649f08ef49902

news.orvis.com Open in urlscan Pro 35.212.35.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

97 %HTTPS

53 %IPv6

29 Domains

40 Subdomains

36 IPs

5 Countries

2872 kBTransfer

6988 kBSize

39 Cookies

9 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.orvis.com Open in urlscan Pro
35.212.35.149 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

97 %
HTTPS

53 %
IPv6

29
Domains

40
Subdomains

36
IPs

5
Countries

2872 kB
Transfer

6988 kB
Size

39
Cookies

132 HTTP transactions
1 data transactions