orladeyo.com Open in urlscan Pro
2606:4700:3032::6812:22a8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://empowersupport.net/
Effective URL:
https://orladeyo.com/
Submission: On December 09 via automatic, source certstream-suspicious (December 9th 2020, 9:48:21 pm UTC)

Summary HTTP 44 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3032::6812:22a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is orladeyo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 6th 2020. Valid for: a year.

This is the only time orladeyo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::681f:48bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:303... 2606:4700:3032::6812:22a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:170... 2a02:26f0:1700:11::b856:6785	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:794::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.21.2 152.199.21.2	15133 (EDGECAST) (EDGECAST)
9	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3 6	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1 2	54.84.190.213 54.84.190.213	14618 (AMAZON-AES) (AMAZON-AES)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
44	11

1 2606:4700:3034::681f:48bd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

empowersupport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3032::6812:22a8 (United States)

ASN13335 (CLOUDFLARENET, US)

orladeyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:11::b856:6785 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:794::f09 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.21.2 (United States)

ASN15133 (EDGECAST, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.208.38 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

10081570.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.190.213 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-190-213.compute-1.amazonaws.com

bm.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	orladeyo.com orladeyo.com	254 KB
9	google-analytics.com www.google-analytics.com	19 KB
7	doubleclick.net 3 redirects 10081570.fls.doubleclick.net stats.g.doubleclick.net	1 KB
5	cookiebot.com consent.cookiebot.com consentcdn.cookiebot.com	75 KB
2	adentifi.com 1 redirects bm.adentifi.com	1 KB
1	contextweb.com bh.contextweb.com	318 B
1	myfonts.net hello.myfonts.net	162 B
1	googletagmanager.com www.googletagmanager.com	55 KB
1	empowersupport.net 1 redirects empowersupport.net	497 B
44	9

	Domain	Requested by
22	orladeyo.com	orladeyo.com consent.cookiebot.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com orladeyo.com
6	10081570.fls.doubleclick.net	3 redirects www.googletagmanager.com
3	consent.cookiebot.com	orladeyo.com www.googletagmanager.com consent.cookiebot.com
2	bm.adentifi.com	1 redirects orladeyo.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	bh.contextweb.com	orladeyo.com
1	hello.myfonts.net	orladeyo.com
1	www.googletagmanager.com	orladeyo.com
1	empowersupport.net	1 redirects
44	11

This site contains links to these domains. Also see Links.

Domain
biocryst.com
orladeyohcp.com
www.fda.gov
www.biocryst.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-06` - `2021-11-05`	a year	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.cookiebot.com DigiCert Secure Site ECC CA-1	`2020-09-03` - `2021-09-03`	a year	crt.sh
hello.myfonts.net DigiCert SHA2 Secure Server CA	`2019-06-03` - `2021-06-07`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adentifi.com Go Daddy Secure Certificate Authority - G2	`2019-09-01` - `2021-10-31`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://orladeyo.com/
Frame ID: 10CA036489063E6B21507AF8AAE5EBD3
Requests: 41 HTTP requests in this frame

Frame: https://10081570.fls.doubleclick.net/activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F
Frame ID: 586E4AE4AA2808C27539EA47802C6386
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc.min.html
Frame ID: 681EA821EEE61592277C645ABF8EEFB8
Requests: 1 HTTP requests in this frame

Frame: https://10081570.fls.doubleclick.net/activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F
Frame ID: 740B233EF288DCCE04148262528632CD
Requests: 1 HTTP requests in this frame

Frame: https://10081570.fls.doubleclick.net/activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F
Frame ID: 05456621A79BFA5A026066DFE2B42D4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://empowersupport.net/ HTTP 301
https://orladeyo.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

44
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

404 kB
Transfer

976 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://biocryst.com/wp-content/uploads/2020/12/ORLADEYO_PI_V1_2020.pdf
Title: Prescribing Information

Search URL Search Domain Scan URL

URL: https://orladeyohcp.com/
Title: For healthcare professionals

Search URL Search Domain Scan URL

URL: https://www.fda.gov/medwatch
Title: www.fda.gov/medwatch

Search URL Search Domain Scan URL

URL: https://biocryst.com/wp-content/uploads/2020/12/ORLADEYO_PI_V1_2020.pdf#page=13
Title: Patient Information

Search URL Search Domain Scan URL

URL: https://www.biocryst.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.biocryst.com/terms-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.biocryst.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://empowersupport.net/ HTTP 301
https://orladeyo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://10081570.fls.doubleclick.net/activityi;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F HTTP 302
https://10081570.fls.doubleclick.net/activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F

Request Chain 20

https://bm.adentifi.com/pixel/conv/ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]?gtmcb=75047552 HTTP 302
https://bm.adentifi.com/pixel/conv/ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]?gtmcb=75047552;ip=82.102.19.136;cuidchk=1

Request Chain 40

https://10081570.fls.doubleclick.net/activityi;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F HTTP 302
https://10081570.fls.doubleclick.net/activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F

Request Chain 43

https://10081570.fls.doubleclick.net/activityi;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F HTTP 302
https://10081570.fls.doubleclick.net/activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
orladeyo.com/
Redirect Chain

https://empowersupport.net/
https://orladeyo.com/

42 KB
10 KB

305ms
275ms

Document
text/html

2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c191a52db8956695a33cd8dc2002e667c83bc706fc94eb2506e2c44b4c0667

Request headers

:method: GET
:authority: orladeyo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc7253ce4d3d4d0f9302c31d657f831cc1607550484; expires=Fri, 08-Jan-21 21:48:04 GMT; path=/; domain=.orladeyo.com; HttpOnly; SameSite=Lax; Secure
link: <https://orladeyo.com/wp-json/>; rel="https://api.w.org/" <https://orladeyo.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://orladeyo.com/>; rel=shortlink
cf-cache-status: DYNAMIC
cf-request-id: 06eb12d8c4000005d49d0cd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0qi9HTeQ2niHdBItzcu1jH6BghZqF6%2FzbWEKwkISkNJ5QvegRgZg%2FPe4ohDMIbNLCj0OT%2FjbH092iNeeFDBStQDItMvk279PkoM2rcelDwWjGrTUABJLdWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ff1eda13ecc05d4-FRA
content-encoding: br

Redirect headers

date: Wed, 09 Dec 2020 21:48:04 GMT
cache-control: max-age=3600
expires: Wed, 09 Dec 2020 22:48:04 GMT
location: https://orladeyo.com
cf-request-id: 06eb12d8920000c2fe03b7d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6H0ivgrIKyWLc1eApj3mJSrzWIn4x3to5HL6O2NLHi44p6NXGpkHlM7nPNtPtn1Z%2Bf6ksmX3qDTu%2FuS0ruvEz4VP0HcyMCD%2BS2q4DF5RfKZmdp3jz3du4gwr6MI2z%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 5ff1eda0e9a8c2fe-FRA

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 71 KB
23 KB 75ms
21ms Script
application/javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8e0d2ab4f0a4a7e5a6c1755abf9d48ac795a9ab41c35802bbda956e4338ff50f

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: gzip
last-modified: Thu, 03 Dec 2020 10:43:17 GMT
server: Microsoft-IIS/10.0
etag: "e46e1c61c9d61:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=397
accept-ranges: bytes
content-length: 23556
expires: Wed, 09 Dec 2020 21:54:42 GMT

GET
H2 200 style.min.css
orladeyo.com/wp-includes/css/dist/block-library/ 53 KB
7 KB 197ms
195ms Stylesheet
text/css 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ddc6189bb154a5d341e7a1336f88a576398c4ca58d854c013c5d507c47a2db2

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uhm1hH8GdIfzdjn9qpHzCghoMICRq%2FMw8LaPD8nuYT3zYx7dFud9rZLeElUggtFxnlbWM%2FkJ%2Fhp2cI72UeujjMYPJvrJdC5EVmyxyVXgVIxlTArcVL8zmRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda2fbab05d4-FRA
cf-request-id: 06eb12d9da000005d458aa9000000001

GET
H2 200 main.css
orladeyo.com/wp-content/themes/orladeyo-core/dist/css/ 25 KB
5 KB 143ms
142ms Stylesheet
text/css 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0180055f97124e9f978c92158c30899bde8482c65babe34b80c135b32b1ab4af

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:26:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GY7YtT2VdVx0eXWVitB2QfJkqeNU3eXtslLAiJ5JxN7J0t0OPPQH15M3X21SGRuoV%2FqNXW6WlboOT5CAolPGXxs510RYuyp9NJB3%2BCEnI7MBjjTSCN26W%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda2fbb205d4-FRA
cf-request-id: 06eb12d9da000005d45216e000000001

GET
H2 200 main.css
orladeyo.com/wp-content/themes/orladeyo-patient/dist/css/ 579 B
526 B 133ms
132ms Stylesheet
text/css 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-patient/dist/css/main.css?ver=5.5
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d266d7b2767953a35a109abc647040005514bd272eddf291baa8eb05dcb413cb

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:26:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M4k5sYjJNK0Oz8FApJm%2BIFdNdx8aWdE2zTvxtRhYgsscTOz4CUFv33ASaYmSTwzhtmuWRV6uZMEAzmNVVzT3lcpyJw6RNyugFd0fzkpkR%2Ba42wOnefkZEbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda2fbb405d4-FRA
cf-request-id: 06eb12d9dc000005d48b82e000000001

GET
H2 200 jquery.js Show response
orladeyo.com/wp-includes/js/jquery/ 95 KB
32 KB 174ms
173ms Script
text/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mlqpG4P4bQVqIVJEBREkXzu6sgGekWeUtRqpfMDWhpTi5xEoKClRFenEslK9WSY%2BSUhcKHqqIaaN5rW2qxm1hqYYfYCi2hAOriDKltBIyz7ApuwMpWYUHcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda2fbb705d4-FRA
cf-request-id: 06eb12d9db000005d47ebe3000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
55 KB 37ms
34ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7JTG9W

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38a6592884b413f7eae3d7ec60053daf9c5e25738495f8ea01596aebb0920bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56260
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 21:48:05 GMT

GET
H2 200 capsule.png
orladeyo.com/wp-content/themes/orladeyo-core/dist/images/ 2 KB
2 KB 128ms
126ms Image
image/png 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/images/capsule.png
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f987bb2ba1f2597f21de050deacee510a5c334ac92f81d6b53eebdd5fc569c7

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wkDC1rwzMfO%2FMiacvF8w%2FiLR7RniMZNEOdddQXxBe5cKYmjXwQ89phPkyNKHfU3%2FzQRg7tV6m0yQC9AbvpfVly0W3AFRP7rbSdGRHR4T3FLdMiAIcbxPey4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda38d8805d4-FRA
content-length: 1670
cf-request-id: 06eb12da3a000005d447af4000000001

GET
H2 200 orladeyo.png
orladeyo.com/wp-content/themes/orladeyo-core/dist/images/ 5 KB
5 KB 121ms
119ms Image
image/png 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/images/orladeyo.png
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcf773b44cc6edc019c0b6cffbbf3b49e4f3e11001a2780608be60f1114df6a9

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UnAQSNSLt9QedQ7Hp2jyFIENnBYuXenaeAqW%2F8cnBqufnR00fedAJhFgcGP4hBgYRGl%2FE%2BN%2FJ74tRvCTBNUyhfcCrVsQEnAWXDU8r3%2FM6HC%2BV42WwLxE5iE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda38d8905d4-FRA
content-length: 4928
cf-request-id: 06eb12da3a000005d45217b000000001

GET
H2 200 mail-icon.png
orladeyo.com/wp-content/themes/orladeyo-core/dist/images/ 3 KB
3 KB 125ms
123ms Image
image/png 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/images/mail-icon.png
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 338b6f4402bce792fd0e6a4162d2002c497d6eb3997072d28635221fdfdecc56

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A1HiIwvV0YA0hxhpY%2F7eO7gonqLIxEsWU8cdcwjCTEu8GQtt%2Fbz7fx9PD%2FrQK1JKIs3EoOZfj7XFr7RdT8FATgk7a5E4rPndNgYSkyyEY1j6BreAw66e7hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda38d8b05d4-FRA
content-length: 2824
cf-request-id: 06eb12da3b000005d458abb000000001

GET
H2 200 document-icon.png
orladeyo.com/wp-content/themes/orladeyo-core/dist/images/ 2 KB
3 KB 129ms
127ms Image
image/png 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/images/document-icon.png
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3aa6cd404741f171063505eec1279339c2b783d40a219dc892f3d1e626adda1

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HbnXIXMh44LehH71N9LJWfPKDH78iS%2BIQ9VGC4HktJOQHwsiG74vDKUkZBw1iumB70otQFVY8rxxeATc4MTiibOszRM%2Bzu1jAyeBs1lhj9iVmUb2%2BOr34eU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda38d8d05d4-FRA
content-length: 2522
cf-request-id: 06eb12da3b000005d44120f000000001

GET
H2 200 call-icon.png
orladeyo.com/wp-content/themes/orladeyo-core/dist/images/ 3 KB
3 KB 141ms
139ms Image
image/png 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/images/call-icon.png
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12be6b2cac27f6a24203c9bfa8e2db8092b11578f3f05884ac98bf35e3e15bf5

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5PX656jQTawBGStTFGh5a%2B5%2Fs64MFTMb7gzf6zgz7hhyGEpi1IHl6pUdg8r0PStAns3t3imnvDtvONuVq48bsFZIXTENRoATQrmHj39PmErvNzyCrKCeLLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda38d8f05d4-FRA
content-length: 2702
cf-request-id: 06eb12da3b000005d45f2a5000000001

GET
H2 200 biocryst.png
orladeyo.com/wp-content/themes/orladeyo-core/dist/images/ 5 KB
6 KB 135ms
133ms Image
image/png 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/images/biocryst.png
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c9020fa809abcc0729b89cb0ef7f0280718cfba48e8c7b68e3ca361fc67b48

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kGQJQmcEIJt%2BoOq%2Bomnm7P4BC%2B0VJVGdi76iGPvAtoDBK500%2FIOVCSl6WzClFY2EF2tR%2BmepGZ2mFpWPuhepTNcu1ZQhF%2Bxxou%2BCYFGqfH%2B8gRY8naY4pWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda38d9005d4-FRA
content-length: 5550
cf-request-id: 06eb12da3b000005d4a19e8000000001

GET
H2 200 email-decode.min.js Show response
orladeyo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 12ms
9ms Script
application/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orladeyo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06eb12da38000005d4a7bac000000001
last-modified: Wed, 02 Dec 2020 12:50:47 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fc78da7-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cdlya%2Fn5cYWA5xP21d7IViCPTH51I8XmJNYhj6J%2BuyingA5C8r%2Bz8zFo8F9uz1LbpNw5mbqHSkXnTt2143P%2BQiBF5aiJh1URm%2B0MWL8VRatXO1Ui2ysq5j0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5ff1eda38d7c05d4-FRA
expires: Fri, 11 Dec 2020 21:48:05 GMT

GET
H2 200 main.js Show response
orladeyo.com/wp-content/themes/orladeyo-core/dist/js/ 14 KB
5 KB 140ms
138ms Script
text/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/js/main.js
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd67b2881ee38e618606f7964988b8e717ced9a59e37acda15d6dc63bfb70ba

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dezAwX7tm3n%2F5ovX6TNBvpIKQCRI%2F7cgSJYp5edeeof6XfUoO1VyopsDMn00d18ay8w1SBxRLZEbeUw4ZIyretnM18cnGN4mLr3ch3W%2BR9PvzQBklc9Ds48%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda38d7e05d4-FRA
cf-request-id: 06eb12da3a000005d4649f5000000001

GET
H2 200 main.js Show response
orladeyo.com/wp-content/themes/orladeyo-patient/dist/js/ 1 KB
999 B 135ms
132ms Script
text/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-patient/dist/js/main.js
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d933e9e7dfea7ebb78b9ea718a9ca7309fb8b6424901308aa89a1d550ae025c6

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PDXSeMKVZMWu0L91o2tapCx6b4f%2FxMy%2F5u8ECNZkEkfFuijbJihVcfWBHB16cRzaP6y%2BXA1eie7LHLQgFMSz43SpxkB4hoUQx1xGeb1VsgCGh5Tl27fhWUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda38d8505d4-FRA
cf-request-id: 06eb12da3a000005d4b8ac3000000001

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/e7b35f9a-be32-41ac-a152-7aa238e8c1b1/orladeyo.com/ 284 B
541 B 30ms
13ms Script
application/x-javascript 2a02:26f0:1700:794::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/e7b35f9a-be32-41ac-a152-7aa238e8c1b1/orladeyo.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:794::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 80bcd8df1b022dde8d40808e0f8b351c9d27fafa192cf745bf9b1744f7cb2f6a

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
last-modified: Fri, 04 Dec 2020 02:12:07 GMT
server: AkamaiNetStorage
etag: "486f29deaa6d34ede302f6231bca1f67:1607047927.057565"
content-type: application/x-javascript
cache-control: max-age=17878
server-timing: cdn-cache; desc=HIT, edge; dur=7
accept-ranges: bytes
content-length: 284
expires: Thu, 10 Dec 2020 02:46:03 GMT

GET
H2 200 3b8324
hello.myfonts.net/count/ 0
162 B 77ms
19ms Stylesheet
text/css 152.199.21.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/3b8324
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AA3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
last-modified: Fri, 17 Apr 2020 15:38:14 GMT
server: ECAcc (ama/8AA3)
age: 19982065
etag: "3364556309"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 0
expires: Wed, 09 Dec 2020 21:48:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7JTG9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 7125
date: Wed, 09 Dec 2020 19:49:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 09 Dec 2020 21:49:20 GMT

GET
H3-Q050

200

activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F
10081570.fls.doubleclick.net/ Frame 586E
Redirect Chain

https://10081570.fls.doubleclick.net/activityi;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
https://10081570.fls.doubleclick.net/activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F...

0
0

84ms
53ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10081570.fls.doubleclick.net/activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7JTG9W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10081570.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orladeyo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 21:48:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Dec-2020 22:03:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 21:48:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10081570.fls.doubleclick.net/activityi;dc_pre=CJiVh53wwe0CFZDnuwgdD2QEKw;src=10081570;type=comin0;cat=orla_0;ord=1;num=5238630571001;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 71 KB
23 KB 7ms
6ms Script
application/javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=e7b35f9a-be32-41ac-a152-7aa238e8c1b1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7JTG9W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8e0d2ab4f0a4a7e5a6c1755abf9d48ac795a9ab41c35802bbda956e4338ff50f

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: gzip
last-modified: Thu, 03 Dec 2020 10:43:17 GMT
server: Microsoft-IIS/10.0
etag: "e46e1c61c9d61:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=397
accept-ranges: bytes
content-length: 23556
expires: Wed, 09 Dec 2020 21:54:42 GMT

GET
H/1.1

200
OK

ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]
bm.adentifi.com/pixel/conv/
Redirect Chain

https://bm.adentifi.com/pixel/conv/ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]?gtmcb=75047552
https://bm.adentifi.com/pixel/conv/ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]?gtmcb=75047552;ip=82.102.19.136;cuidchk=1

42 B
768 B

116ms
115ms

Image
image/gif

54.84.190.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bm.adentifi.com/pixel/conv/ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]?gtmcb=75047552;ip=82.102.19.136;cuidchk=1

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.190.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-190-213.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Dec 2020 21:48:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 09 Dec 2020 21:48:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=6956;g=landing_page;gid=25138;ord=[uniqueid]?gtmcb=75047552;ip=82.102.19.136;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2 200 set.aspx
bh.contextweb.com/bh/ 0
318 B 307ms
102ms Image
text/plain 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5788&token=ZHKQGE&do=add&rurl=NOREDIRECT&gtmcb=2115697400

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
cache-control: private, max-age=0, no-cache, no-store
expires: -1
server: Jetty(9.4.14.v20181114)
cw-server: bh-deployment-659d447f4f-hkjb2
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"

GET
H2 200 font.woff2
orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Bold/ 33 KB
33 KB 145ms
144ms Font
application/octet-stream 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Bold/font.woff2
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb9eaf3ab5c12d34d272f8eb1c66baf93aa0680e3d4f57bd3d70beb0d1074ea

Request headers

Origin: https://orladeyo.com
Referer: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DMDfEOiS4Bh%2BnEnO%2FL5JOZ2g17n0Z5RpE33vJANpOIjzt0a%2BSyMLy9BruE0NCgj7fPUXsIHwoTuSdBKkKi931F7I2aekvt4PANHgKFWU4TCRtEL3c2fLnlA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda4785305d4-FRA
content-length: 33832
cf-request-id: 06eb12dad0000005d493a80000000001

GET
H2 200 font.woff2
orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Demi/ 32 KB
32 KB 161ms
160ms Font
application/octet-stream 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Demi/font.woff2
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea742362b4dfce7b0004c210f872d1c6b2a72f1f205ba62c80b54533b956341a

Request headers

Origin: https://orladeyo.com
Referer: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0a99RkMWvb%2F9o42DBRXB488iOzcI930l1aVn8szleW54T2oVhrO52un7Vu2BOAE%2FGv7CacLrp8%2F4DhPrtI2Kwq0DU5CP9i9mP3mxcytZMwedAIVa6cn263Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda4785d05d4-FRA
content-length: 32912
cf-request-id: 06eb12dad0000005d4aeade000000001

GET
H2 200 font.woff2
orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Regular/ 32 KB
32 KB 146ms
145ms Font
application/octet-stream 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Regular/font.woff2
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946071370fccd17fa6dd5eb616fe68768af681b7901d773f850eedef836ebc43

Request headers

Origin: https://orladeyo.com
Referer: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H4SvIYEL%2FqEF37TA3zn0IPinuKh01%2FenUKgDT3HqCAHwfYXAp%2BRqSyl0nujnZrUu0DAnkcRyJhIyUiVKUTL2rORWAQRq1obIAF4Yz0L0F4Iv4%2BpLC5tCon8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda4786005d4-FRA
content-length: 32544
cf-request-id: 06eb12dad0000005d47b1b3000000001

GET
H2 200 font.woff2
orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Medium/ 32 KB
33 KB 139ms
139ms Font
application/octet-stream 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/fonts/AvenirNextLTPro-Medium/font.woff2
Requested by: Host: orladeyo.com
URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680c6117edc98b908a9c677d111e3365ca6ad9d927ee9cd315d697b98108d915

Request headers

Origin: https://orladeyo.com
Referer: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/css/main.css?ver=5.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cMJub%2FdGfHCl1YEWSOBj68AquXJ5hfQffZJHPLlw1Hs7OfoVAje8KUT1AU4Q8CxN6IDfPLC0PXVwmp7vn7qVlXH%2B7nU%2BUHfw2i7DOwH88gI3qZlui0IkDFo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5ff1eda4886205d4-FRA
content-length: 33088
cf-request-id: 06eb12dad1000005d480a9c000000001

GET
DATA 200
OK truncated
/ 193 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e786ec23708d39d9d98893213c2977c3edd52706f7cf7be76a204a7a00ebd90

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bc.min.html
consentcdn.cookiebot.com/sdk/ Frame 681E 0
0 9ms
6ms Document
text/html 2a02:26f0:1700:794::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:794::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: consentcdn.cookiebot.com
:scheme: https
:path: /sdk/bc.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orladeyo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orladeyo.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "050e4adb822a6bf552eb219e8945446d:1599652698.304056"
last-modified: Wed, 09 Sep 2020 11:58:18 GMT
server: AkamaiNetStorage
content-length: 779
cache-control: max-age=517
expires: Wed, 09 Dec 2020 21:56:42 GMT
date: Wed, 09 Dec 2020 21:48:05 GMT
server-timing: cdn-cache; desc=HIT edge; dur=2

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2140386604&t=pageview&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=763305665&gjid=651077352&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&_r=1&gtm=2wgbu0K7JTG9W&z=115494759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 21:48:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orladeyo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=Scrolled%20249%20-%2010%25&el=https%3A%2F%2Forladeyo.com%2F&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=1702112795

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=Scrolled%20623%20-%2025%25&el=https%3A%2F%2Forladeyo.com%2F&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=1799317172

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 26ms
26ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-137803056-2&cid=1460983790.1607550485&jid=763305665&gjid=651077352&_gid=1043111554.1607550485&_u=YEBAAEAAAAAAAC~&z=836614260

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Dec 2020 21:48:05 GMT
content-type: text/plain
access-control-allow-origin: https://orladeyo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/e7b35f9a-be32-41ac-a152-7aa238e8c1b1/ 104 KB
28 KB 123ms
122ms Script
application/x-javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/e7b35f9a-be32-41ac-a152-7aa238e8c1b1/cc.js?renew=false&referer=orladeyo.com&dnt=false&forceshow=false&cbid=e7b35f9a-be32-41ac-a152-7aa238e8c1b1&whitelabel=false&brandid=Cookiebot&framework=
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: dbee7ab6c42bc5876fad61c4c0995733b7cccafb89f7e9812f6621969ea08faf

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 21:48:05 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1200
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 27803

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=Scrolled%20209%20-%2010%25&el=https%3A%2F%2Forladeyo.com%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=1867396215

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=Scrolled%20523%20-%2025%25&el=https%3A%2F%2Forladeyo.com%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=1833024307

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=Scrolled%201047%20-%2050%25&el=https%3A%2F%2Forladeyo.com%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=424453864

Requested by

Host: orladeyo.com
URL: https://orladeyo.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.js Show response
orladeyo.com/wp-includes/js/jquery/ 95 KB
32 KB 173ms
173ms Script
text/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YOYwoBeO6aNSAwaIIS%2B82pdKdx%2BRSR6t%2FtrJDssrDVpWFZG1lafh4kS1YVORw62HMSdzrVf5XaspkCKu98QfLLu5CD4bZsoa7ZrdZSeOXI6UZbRvT%2Bjlk7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda7d9b705d4-FRA
cf-request-id: 06eb12dce2000005d4772aa000000001

GET
H2 200 email-decode.min.js Show response
orladeyo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orladeyo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06eb12dd9f000005d478243000000001
last-modified: Wed, 02 Dec 2020 12:50:47 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fc78da7-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b8FSHbH%2FEcwMRZfSjEB1gD6pihKkDCZu7iN7N2SnBhuHNeijHmNA2WA29Kdd%2F7QY%2F9X2g4FBN%2FoeAZTAFmbipAbm2whMtZp3c3FJh2C2qsn266tFFudf6Zg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5ff1eda8fd0505d4-FRA
expires: Fri, 11 Dec 2020 21:48:05 GMT

GET
H2 200 main.js Show response
orladeyo.com/wp-content/themes/orladeyo-core/dist/js/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-core/dist/js/main.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd67b2881ee38e618606f7964988b8e717ced9a59e37acda15d6dc63bfb70ba

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=itCm1zUaYfCI3hFLE9gvwavL36F0SRJVHFe0Agy7yoja%2FnH9i8L5TWdxYtI0rDA%2BhEX5V9Djxiy6tvNEdjfXodGdas%2B75Ut%2Bdy6ywY0Qmf71D472wdLFums%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda90d3a05d4-FRA
cf-request-id: 06eb12ddaa000005d46f979000000001

GET
H2 200 main.js Show response
orladeyo.com/wp-content/themes/orladeyo-patient/dist/js/ 1 KB
965 B 13ms
12ms Script
text/javascript 2606:4700:3032::6812:22a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orladeyo.com/wp-content/themes/orladeyo-patient/dist/js/main.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:22a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d933e9e7dfea7ebb78b9ea718a9ca7309fb8b6424901308aa89a1d550ae025c6

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 21:48:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Dec 2020 18:24:20 GMT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3X07tLJjzlrtC6pGawJNiEpiQ6Dor%2F0MWrmfcH1Ccl9fDSEs9T1C6a4rT72id1kVcmOmeYQPk1H8JuoZgijV983dUXpxPm3mG9weyc7qQoAHP1gwTsqM4es%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ff1eda92d8f05d4-FRA
cf-request-id: 06eb12ddbc000005d44a267000000001

GET
H3-Q050

200

activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F
10081570.fls.doubleclick.net/ Frame 740B
Redirect Chain

https://10081570.fls.doubleclick.net/activityi;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
https://10081570.fls.doubleclick.net/activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F...

0
0

39ms
38ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10081570.fls.doubleclick.net/activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7JTG9W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10081570.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orladeyo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 21:48:07 GMT
expires: Wed, 09 Dec 2020 21:48:07 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 326
x-xss-protection: 0
set-cookie: IDE=AHWqTUlfdiXUkARV8oknURzXei7tp8yqYF4Q2hXljmBMxpbUOilz2CBHHjw6O-L5; expires=Mon, 03-Jan-2022 21:48:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 21:48:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10081570.fls.doubleclick.net/activityi;dc_pre=COSL8p3wwe0CFT3IuwgdT8oN4g;src=10081570;type=dtcjh0;cat=orlad0;ord=1;num=3720343392974;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 8ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=Page%20Load%20Time%20-%201.1&el=https%3A%2F%2Forladeyo.com%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=1038522207

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 9ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2140386604&t=event&ni=1&_s=1&dl=https%3A%2F%2Forladeyo.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Orladeyo.com%20-%20Official%20Site%20for%20HAE%20Patients%20%7C%20ORLADEYO%E2%84%A2%20(berotralstat)&ea=%2F%20Load%20Time%20-%201.1&el=https%3A%2F%2Forladeyo.com%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1460983790.1607550485&tid=UA-137803056-2&_gid=1043111554.1607550485&gtm=2wgbu0K7JTG9W&z=28479332

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orladeyo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 12:57:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F
10081570.fls.doubleclick.net/ Frame 0545
Redirect Chain

https://10081570.fls.doubleclick.net/activityi;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
https://10081570.fls.doubleclick.net/activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2...

0
0

33ms
33ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10081570.fls.doubleclick.net/activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7JTG9W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10081570.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orladeyo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 21:48:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 383
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Dec-2020 22:03:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Dec 2020 21:48:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10081570.fls.doubleclick.net/activityi;dc_pre=CJun5aHwwe0CFabFuwgdAvkHFQ;src=10081570;type=comin0;cat=orla_00;ord=1;num=8686203370984;gtm=2wgbu0;auiddc=138088529.1607550485;~oref=https%3A%2F%2Forladeyo.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 14:32:31	Name: test_cookie Value: CheckForPermission
.orladeyo.com/	1970-01-19 14:33:56	Name: _gid Value: GA1.2.1043111554.1607550485
.orladeyo.com/	1970-01-20 08:03:42	Name: _ga Value: GA1.2.1460983790.1607550485
.orladeyo.com/	1970-01-19 14:32:30	Name: _gat_UA-137803056-2 Value: 1
.orladeyo.com/	1970-01-19 16:42:06	Name: _gcl_au Value: 1.1.138088529.1607550485
.orladeyo.com/	1970-01-19 15:15:42	Name: __cfduid Value: dc7253ce4d3d4d0f9302c31d657f831cc1607550484

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://consent.cookiebot.com/uc.js(Line 1) Message: WARNING: Cookiebot script is included twice - please remove one instance to avoid unexpected results.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10081570.fls.doubleclick.net
bh.contextweb.com
bm.adentifi.com
consent.cookiebot.com
consentcdn.cookiebot.com
empowersupport.net
hello.myfonts.net
orladeyo.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
152.199.21.2
198.148.27.139
216.58.208.38
2606:4700:3032::6812:22a8
2606:4700:3034::681f:48bd
2a00:1450:4001:80b::200e
2a00:1450:4001:818::2008
2a00:1450:400c:c02::9d
2a02:26f0:1700:11::b856:6785
2a02:26f0:1700:794::f09
54.84.190.213
0180055f97124e9f978c92158c30899bde8482c65babe34b80c135b32b1ab4af
04c191a52db8956695a33cd8dc2002e667c83bc706fc94eb2506e2c44b4c0667
0ddc6189bb154a5d341e7a1336f88a576398c4ca58d854c013c5d507c47a2db2
12be6b2cac27f6a24203c9bfa8e2db8092b11578f3f05884ac98bf35e3e15bf5
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f987bb2ba1f2597f21de050deacee510a5c334ac92f81d6b53eebdd5fc569c7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
338b6f4402bce792fd0e6a4162d2002c497d6eb3997072d28635221fdfdecc56
38a6592884b413f7eae3d7ec60053daf9c5e25738495f8ea01596aebb0920bf8
5cb9eaf3ab5c12d34d272f8eb1c66baf93aa0680e3d4f57bd3d70beb0d1074ea
680c6117edc98b908a9c677d111e3365ca6ad9d927ee9cd315d697b98108d915
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd67b2881ee38e618606f7964988b8e717ced9a59e37acda15d6dc63bfb70ba
6e786ec23708d39d9d98893213c2977c3edd52706f7cf7be76a204a7a00ebd90
80bcd8df1b022dde8d40808e0f8b351c9d27fafa192cf745bf9b1744f7cb2f6a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e0d2ab4f0a4a7e5a6c1755abf9d48ac795a9ab41c35802bbda956e4338ff50f
946071370fccd17fa6dd5eb616fe68768af681b7901d773f850eedef836ebc43
a3aa6cd404741f171063505eec1279339c2b783d40a219dc892f3d1e626adda1
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
d266d7b2767953a35a109abc647040005514bd272eddf291baa8eb05dcb413cb
d933e9e7dfea7ebb78b9ea718a9ca7309fb8b6424901308aa89a1d550ae025c6
dbee7ab6c42bc5876fad61c4c0995733b7cccafb89f7e9812f6621969ea08faf
dcf773b44cc6edc019c0b6cffbbf3b49e4f3e11001a2780608be60f1114df6a9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9c9020fa809abcc0729b89cb0ef7f0280718cfba48e8c7b68e3ca361fc67b48
ea742362b4dfce7b0004c210f872d1c6b2a72f1f205ba62c80b54533b956341a

orladeyo.com Open in urlscan Pro 2606:4700:3032::6812:22a8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

404 kBTransfer

976 kBSize

6 Cookies

7 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

orladeyo.com Open in urlscan Pro
2606:4700:3032::6812:22a8 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

404 kB
Transfer

976 kB
Size

6
Cookies

44 HTTP transactions
1 data transactions