www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ocregister.com/
Effective URL:
https://www.ocregister.com/
Submission: On April 30 via api (April 30th 2021, 7:52:37 pm UTC) from US

Summary HTTP 245 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 74 IPs in 9 countries across 57 domains to perform 245 HTTP transactions. The main IP is 192.0.66.2, located in United States and belongs to AUTOMATTIC, US. The main domain is www.ocregister.com.
TLS certificate: Issued by R3 on March 31st 2021. Valid for: 3 months.

This is the only time www.ocregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	13.224.105.229 13.224.105.229	16509 (AMAZON-02) (AMAZON-02)
2	65.9.84.50 65.9.84.50	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.106.119 13.224.106.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:f000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.84.49 65.9.84.49	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:2400:c:2267:880:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a02:26f0:6c0... 2a02:26f0:6c00:1b7::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:200... 2a04:4e42:200::621	54113 (FASTLY) (FASTLY)
13	3.225.112.210 3.225.112.210	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.101.50 143.204.101.50	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.106.84 13.224.106.84	16509 (AMAZON-02) (AMAZON-02)
11	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
3	2a03:2880:f03... 2a03:2880:f03f:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	13.224.106.54 13.224.106.54	16509 (AMAZON-02) (AMAZON-02)
1 2	52.70.122.68 52.70.122.68	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.86.61 65.9.86.61	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 7	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2	18.184.0.136 18.184.0.136	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
2 2	213.155.156.166 213.155.156.166	1299 (TELIANET ...) (TELIANET Telia Carrier)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8 9	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
2 3	52.30.186.230 52.30.186.230	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
6	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.101.90 143.204.101.90	16509 (AMAZON-02) (AMAZON-02)
1	52.217.196.217 52.217.196.217	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f13... 2a03:2880:f13f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	172.67.75.166 172.67.75.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.69.65.23 13.69.65.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 7	18.157.239.120 18.157.239.120	16509 (AMAZON-02) (AMAZON-02)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.17.123.176 2.17.123.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:120... 2a02:26f0:120::211:7ba9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
245	74

24 192.0.66.2 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.84.50 (United States)

ASN16509 (AMAZON-02, US)

mng-ocregister.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-119.mad50.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:f000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.49 (United States)

ASN16509 (AMAZON-02, US)

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:2400:c:2267:880:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.go-fet.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:1b7::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ayc0zsm69431gfebd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::621 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.225.112.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-112-210.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-50.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-84.mad50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f03f:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.106.54 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-54.mad50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.122.68 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-122-68.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.61 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.0.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.186.230 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-186-230.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.199 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.90 (United States)

ASN16509 (AMAZON-02, US)

d1wa9546y9kg0n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.196.217 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f13f:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bf4296b68928dfa270a3386187fdfebf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.69.65.23 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.157.239.120 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.24 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-24.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.123.176 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-123-176.deploy.static.akamaitechnologies.com

xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:120::211:7ba9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

1737ad59.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ocregister.com 1 redirects ocregister.com www.ocregister.com projects.ocregister.com Failed	517 KB
22	doubleclick.net 8 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	162 KB
21	googlesyndication.com bf4296b68928dfa270a3386187fdfebf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	140 KB
16	pubmatic.com ads.pubmatic.com image6.pubmatic.com hbopenbid.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	35 KB
14	blueconic.net cdn.blueconic.net digitalfirstmedia.blueconic.net	572 KB
13	google-analytics.com www.google-analytics.com	75 KB
10	ayc0zsm69431gfebd.xyz cdn.ayc0zsm69431gfebd.xyz	205 KB
10	3lift.com 2 redirects ib.3lift.com tlx.3lift.com eb2.3lift.com	4 KB
8	criteo.com bidder.criteo.com dis.criteo.com gum.criteo.com	2 KB
8	google.com www.google.com adservice.google.com	2 KB
8	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	71 KB
7	adnxs.com 3 redirects ib.adnxs.com	6 KB
6	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net	413 KB
5	criteo.net static.criteo.net	38 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net	1 KB
4	visualstudio.com dc.services.visualstudio.com	1017 B
4	googletagservices.com www.googletagservices.com	134 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	1 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	google.be adservice.google.be	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	facebook.net connect.facebook.net	168 KB
3	azureedge.net loader-cdn.azureedge.net fp-cdn.azureedge.net g2insights-cdn.azureedge.net	238 KB
3	googletagmanager.com www.googletagmanager.com	159 KB
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	731 B
2	facebook.com www.facebook.com	276 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	1 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	rubiconproject.com fastlane.rubiconproject.com	7 KB
2	google.de www.google.de	214 B
2	parsely.com cdn.parsely.com p1.parsely.com	18 KB
2	trkn.us 1 redirects trkn.us	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d1wa9546y9kg0n.cloudfront.net	8 KB
2	go-mpulse.net c.go-mpulse.net	51 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	go-fet.ch c.go-fet.ch	39 KB
2	zeustechnology.com mng-ocregister.zeustechnology.com	104 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	akstat.io 1737ad59.akstat.io	359 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	db-ip.com api-mg2.db-ip.com	968 B
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com	1 KB
1	mathtag.com 1 redirects sync.mathtag.com	679 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	quantcount.com rules.quantcount.com	436 B
1	webcontentassessor.com scripts.webcontentassessor.com	24 KB
1	indexww.com js-sec.indexww.com	23 KB
1	polyfill.io polyfill.io	573 B
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	p-n.io cdn.p-n.io	70 KB
1	osano.com cmp.osano.com	81 KB
0	bing.com Failed c.bing.com Failed
245	57

	Domain	Requested by
23	www.ocregister.com	www.ocregister.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net scripts.webcontentassessor.com tpc.googlesyndication.com
13	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ocregister.com az416426.vo.msecnd.net
13	digitalfirstmedia.blueconic.net	cdn.blueconic.net az416426.vo.msecnd.net
11	securepubads.g.doubleclick.net	mng-ocregister.zeustechnology.com securepubads.g.doubleclick.net az416426.vo.msecnd.net www.ocregister.com www.googletagservices.com
10	cdn.ayc0zsm69431gfebd.xyz	ajax.googleapis.com cdn.ayc0zsm69431gfebd.xyz
9	cm.g.doubleclick.net	8 redirects eb2.3lift.com
7	eb2.3lift.com	2 redirects ib.3lift.com eb2.3lift.com
7	ib.adnxs.com	3 redirects mng-ocregister.zeustechnology.com eb2.3lift.com az416426.vo.msecnd.net
6	pagead2.googlesyndication.com	www.googletagservices.com az416426.vo.msecnd.net tpc.googlesyndication.com
6	prod-dfm-proxy-connext.azurewebsites.net	cdn.ayc0zsm69431gfebd.xyz
6	bidder.criteo.com	static.criteo.net az416426.vo.msecnd.net
6	c.amazon-adsystem.com	www.ocregister.com c.amazon-adsystem.com az416426.vo.msecnd.net
5	www.google.com	www.ocregister.com scripts.webcontentassessor.com tpc.googlesyndication.com
5	static.criteo.net	mng-ocregister.zeustechnology.com
4	dc.services.visualstudio.com	az416426.vo.msecnd.net
4	www.googletagservices.com	scripts.webcontentassessor.com securepubads.g.doubleclick.net
4	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
4	sb.scorecardresearch.com	2 redirects www.ocregister.com
4	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.be	securepubads.g.doubleclick.net
3	match.adsrvr.org	2 redirects eb2.3lift.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	hbopenbid.pubmatic.com	mng-ocregister.zeustechnology.com az416426.vo.msecnd.net
3	connect.facebook.net	www.ocregister.com connect.facebook.net
3	ads.pubmatic.com	mng-ocregister.zeustechnology.com ads.pubmatic.com
3	www.googletagmanager.com	www.ocregister.com g2insights-cdn.azureedge.net
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	www.facebook.com	www.ocregister.com connect.facebook.net
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	tlx.3lift.com	mng-ocregister.zeustechnology.com az416426.vo.msecnd.net
2	fastlane.rubiconproject.com	mng-ocregister.zeustechnology.com az416426.vo.msecnd.net
2	www.google.de	www.ocregister.com
2	stats.g.doubleclick.net	www.google-analytics.com az416426.vo.msecnd.net
2	trkn.us	1 redirects www.ocregister.com
2	c.go-mpulse.net	www.ocregister.com c.go-mpulse.net
2	c.go-fet.ch	www.ocregister.com c.go-fet.ch
2	mng-ocregister.zeustechnology.com	www.ocregister.com
1	as-sec.casalemedia.com	az416426.vo.msecnd.net
1	htlb.casalemedia.com	az416426.vo.msecnd.net
1	1737ad59.akstat.io	c.go-mpulse.net
1	fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	b1sync.zemanta.com	1 redirects
1	gum.criteo.com	static.criteo.net
1	api-mg2.db-ip.com	cdn.ayc0zsm69431gfebd.xyz
1	simage4.pubmatic.com	ads.pubmatic.com
1	bf4296b68928dfa270a3386187fdfebf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	paywall-ad-bucket.s3.amazonaws.com	www.ocregister.com
1	d1wa9546y9kg0n.cloudfront.net	cdn.ayc0zsm69431gfebd.xyz
1	pixel.quantserve.com	www.ocregister.com
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	p1.parsely.com	www.ocregister.com
1	image6.pubmatic.com	ads.pubmatic.com
1	g2insights-cdn.azureedge.net	ajax.googleapis.com
1	fp-cdn.azureedge.net	ajax.googleapis.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	scripts.webcontentassessor.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	ib.3lift.com	mng-ocregister.zeustechnology.com
1	js-sec.indexww.com	mng-ocregister.zeustechnology.com
1	pixel.wp.com	www.ocregister.com
1	d1z2jf7jlzjs58.cloudfront.net	www.ocregister.com
1	polyfill.io	ajax.googleapis.com
1	az416426.vo.msecnd.net	www.ocregister.com
1	stats.wp.com	www.ocregister.com
1	cdn.p-n.io	www.ocregister.com
1	cmp.osano.com	www.ocregister.com
1	cdn.blueconic.net	www.ocregister.com
1	ajax.googleapis.com	www.ocregister.com
1	fonts.googleapis.com	www.ocregister.com
1	ocregister.com	1 redirects
0	c.bing.com Failed	eb2.3lift.com
0	projects.ocregister.com Failed	www.ocregister.com
245	87

This site contains links to these domains. Also see Links.

Domain
comicskingdom.com
obits.ocregister.com
adportal.ocregister.com
checkout.ocregister.com
myaccount.ocregister.com
mng-prod.auth0.com
enewspaper.ocregister.com
facebook.com
twitter.com
instagram.com
www.socalnewsgroup.com
www.digitalfirstmedia.com
digitalfirstmedia.wd5.myworkdayjobs.com
socalnewsgroup.mybrightsites.com
marketplace.ocregister.com
careers.socalnewsgroup.com
topworkplaces.com
ocregister.ca.newsmemory.com
mediakit.scng.com
ads.scng.com
ocregister.mycapture.com
www.thecannifornian.com
www.medianewsgroup.com
vip.wordpress.com

Subject Issuer	Validity	Valid
develop.ocregister.com R3	`2021-03-31` - `2021-06-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.zeustechnology.com Amazon	`2020-06-13` - `2021-07-13`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
cmp.osano.com Amazon	`2020-08-26` - `2021-09-25`	a year	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.go-fet.ch Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-03-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.3lift.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni22a5dgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-01-27` - `2022-02-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
sni1ad09gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-12-01`	2 years	crt.sh
sni1ad03gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-12-01`	2 years	crt.sh
sni9642gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-20` - `2022-03-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.google.be GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2021-04-21` - `2022-04-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.ocregister.com/
Frame ID: 76CD9056C6BA42DA06A6C73538A68AE8
Requests: 165 HTTP requests in this frame

Frame: https://projects.ocregister.com/extras/embeds/2020/coronavirus/covidchart.php?site=OCR
Frame ID: B363B40FBF5BD8B819C65A60BCD9ADB9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 58D61ED5951C0103F52EE1DB13D19AF6
Requests: 15 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6615568835501980393
Frame ID: A83D20E9EF8CD3C56D3471DFAF43B86A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A72AAA802FAE4CCFA4EE516987B04B4E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTn2tpXRDU_mwB08V0nLUStVRo1_s6yMFEbSRBU_pdteGwVgxeIZQh_V43NOWpdBpn3y8Srl1kl83_uqqn0FToLzMO9KjeF_ei-MXGHumKAV235zjwIcSpChdFazJFgGNA6R_HUK0OZW8ylB-iY51v0ix2TYHpLri79CYt8JehjsKy_nRSlLN71Ej9e9r9wqQbvkOFoaXl24nJl5gUeCrwWLF2ilWwE44ZDUvq0reH6i8CPeipG_a7aYS5uMK7XLVDy5O5NlKMRAVfgel4EG4ZEkFvmqDRTMV_U8ipeqygxt_v_ZUqLCNi9edd-HCwoD7bzYLp&sig=Cg0ArKJSzNbA3ti5ViPUEAE&adurl=
Frame ID: F808F28100049A92453EB815861ED798
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst55r-UoSWbTZZbBf8N4NVBREiFzhmqcx4KFOckKhEEEUYaXXBHaGfAecSKS1zXgtyYEyuKM9dQWJMbh6Mi_dUx0qYClB_CXAmJvmVyAiSGuhrzBfe5gSDjJFsJLPLBSyvnq_YxSBebnKRSdmlcuDa7_QFG447zJ9w73If9u6P7brjrtXBFDNtD7bYLD_kgbyWmmINh86W-uWu_BSbTE2pAYFhfWBIN9II4d04ZH3iaMMI8M6v5Kl0blbEYZC1Pr_dJPFbYEVtnsqwvDR9Nqs-jzhMfD9pyUMexpVkqWgyn9n_f8LpevlLZ3OO999zeQ1V4fqCBKTkhY-Q&sig=Cg0ArKJSzPLWABl3_fEkEAE&adurl=
Frame ID: E56058F2D1CCB74A0284CD7981BA4A64
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN0ZRWB2tXLv1TwUfB9aD7sY06z_sbZeYujTeuY3L2GW6Mpc8OXu-_neVT9ntth55g1RJBSGqZdDMOlYykYOaWz4snbmSliMewstH3Lvtsik_56hJKHlq8vT_FoUbVD7KiRtnY_eUtN11JzI9is8MD3NTGhpZTl0uUXTFCqSZXUiw74wJPTjRN0udyANHBD0f71nQVhwXkMJaMb6oMg6jzVV3AyJn5SAUpPCAQsoNic88d0Y-hSi5eDomR1dWWQERa6hNlnMOvRsKFuEO5Ib5S5tTjEf8_qtkBUAmJltKdJ6ZXAOgpHsi8S4jRK3VkJ54Pmk5DN2xHb_g&sig=Cg0ArKJSzNdU9vJh1-YXEAE&adurl=
Frame ID: 94695E213DF3FB721D4FBC70724E4377
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ocregister.com
Frame ID: 58FB0B25A87A84106B6528D52413B18F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 6F50CAB4021E4230BA6B616C237C560D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CC4424D31C1DDDA184780DAEF649483C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2978BE1FF5C5EA640C06A23EF48A73C0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuBP9-3hKnyAGu3PEGE5CutbJ0RVEoGq58l3_k-pDlt6x9nTh_ZKqUSHh9r7fPPYmQ-L3dWyw70Z90f3tTqMHqIYnrh3Th7ivhYYScq_B4KZYW0L6BgJCZZ7SnqAeYVlgnieyLs8VST2S_bCYe-d7OR3LGSbkZhrUcdirJzdbihJY5yhbXxFUbc_TwnRY6ONkA2XgYfYXGfFha85KXoo2wgyE41Rm6AmkRwfhKvcNNAKJZ7t3hY2SWk4ts9TZzEFUG2CVj3fhLjht_GOiOfg_Sh5_dPgvnhNXEQKWZXNPs4BZ9GBvWoy0_WYZrGpT4mpYvw8AZ&sig=Cg0ArKJSzLL7DLXjKAnQEAE&adurl=
Frame ID: 84CBEA6179A240FA527446715D4F1F0C
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCe18FgYE_t84y07VRnMS1IUF5FoP4HBDjstzLG6zBbcG8wsL8sXieb4bbHdgBU7zFFURwX4ZZ7JJwJZbZuivf_Q-EoUps94IHpUFfNCHNvE9PY9iDl0ahfvmT40EkLdHDP4Te45nWMLOOaFeemsxRWpA1KyCwegMUfwrJOIdVa3JOyrEwfODGp6S3ARyKSJba9DPA7faBdrH2pqEdatgIAt4Bb7tJdCgTywkQn5JmUYh0LgoDQWVhIuGbD5du_GcXb-qITfIlQP9NaizFP2Ms3PjyVB8QX2g2T6tkUDFysIRT59-ftEwabYLhXdjs3OYdBjEb5GFxuhQ&sig=Cg0ArKJSzHUW2c_vQjDjEAE&adurl=
Frame ID: C7AB44E06941F1082F9F8146239CD5A9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmJXvyv6lflFKmZrvP-696KGhwrOlRjonVbwHMDeLaTsHrixf9rLBLcVPX2FBehAEayr_bWxGLRkDhTODQnKBT24kLdS81CkuuyWEPIITVkW440ZDg2_8XMz_zFzFzpHHrV3noyfu7fuug_VeNl8VFyJHyHIKOc_HCw4UbCS4m_BZg9WwyMwn4MqCTvb0PEkG2OIEUsTinO-xSXqoYrqEaQaHk6D02bc1CrZSIxZO7Vx1yGZuyP9lPVzj4ADIrRc1oOz_33IRyBoy00gDcgtOdv0yEMn2D85MiVjwAZHkWnoWSu-kRLiduycvIe2Ch2oaFkynLq_uOjC8&sig=Cg0ArKJSzCpnpoZNivWOEAE&adurl=
Frame ID: 5EFD19AA358047E635A88C8B9B67BDE1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

245
Requests

92 %
HTTPS

43 %
IPv6

57
Domains

87
Subdomains

74
IPs

9
Countries

3540 kB
Transfer

12717 kB
Size

3
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: http://obits.ocregister.com/obituaries/orangecounty/
Title: Obits

Search URL Search Domain Scan URL

URL: https://adportal.ocregister.com/lang-adportal/ocr-obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV&returnUrl=https%3A%2F%2Fwww.ocregister.com%2F
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/login.aspx
Title: Log In

Search URL Search Domain Scan URL

URL: https://mng-prod.auth0.com/v2/logout?returnTo=https%3A%2F%2Fwww.ocregister.com
Title: Logout

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/ocr/preference
Title: Sign Up For Newsletters

Search URL Search Domain Scan URL

URL: https://enewspaper.ocregister.com/
Title: E-edition

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/
Title: Subscribe + Subscriber Services

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://facebook.com/ocregister
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ocregister
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/ocregister
Title: Instagram

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/access.aspx?utm_source=adtila&utm_medium=website&utm_campaign=access

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/about-scng-1/
Title: Southern California News Group

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://digitalfirstmedia.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://socalnewsgroup.mybrightsites.com/
Title: Company Store

Search URL Search Domain Scan URL

URL: http://marketplace.ocregister.com/ocr
Title: Classified

Search URL Search Domain Scan URL

URL: https://careers.socalnewsgroup.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://topworkplaces.com/publication/ocregister/
Title: Top Workplaces

Search URL Search Domain Scan URL

URL: http://ocregister.ca.newsmemory.com/marketplace.php
Title: Local Ads

Search URL Search Domain Scan URL

URL: http://ocregister.ca.newsmemory.com/ssindex.php
Title: Special Sections

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/advertise-with-us/
Title: MediaNews Group Advertising

Search URL Search Domain Scan URL

URL: https://adportal.ocregister.com/lang-adportal/ocr-classified/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://mediakit.scng.com/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://ads.scng.com/adtaxi19/mediakits/ocr
Title: Political Media Kit

Search URL Search Domain Scan URL

URL: http://ocregister.mycapture.com/mycapture/photoRequestForm.asp
Title: Photo Reprints

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/ocr/rewards
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: http://www.thecannifornian.com/
Title: The Cannifornian

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/copyright/
Title: Copyright ©2021 MediaNews Group, Inc.

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: http://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/california-consumer-privacy-act/
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1619812310631&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619812310631&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=

Request Chain 61

https://trkn.us/pixel/conv/ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120 HTTP 302
https://trkn.us/pixel/conv/ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120;ip=185.210.217.100;cuidchk=1

Request Chain 91

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6615568835501980393

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dsQXH7OCSHy1SnOcnrZTWA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dsQXH7OCSHy1SnOcnrZTWA%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 95

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=76C4171F-B382-487C-B54A-739C9EB65358&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=76C4171F-B382-487C-B54A-739C9EB65358&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 96

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=76C4171F-B382-487C-B54A-739C9EB65358&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=76C4171F-B382-487C-B54A-739C9EB65358&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=76C4171F-B382-487C-B54A-739C9EB65358&addseg=20

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzZDNDE3MUYtQjM4Mi00ODdDLUI1NEEtNzM5QzlFQjY1MzU4&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzZDNDE3MUYtQjM4Mi00ODdDLUI1NEEtNzM5QzlFQjY1MzU4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFq2eQtOJ9_n7xaP-8eY05I&google_cver=1

Request Chain 100

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5501796089684027350

Request Chain 101

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1882622b-6497-4a0d-b717-d658985f26c1

Request Chain 102

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:420c608c-5fd6-4600-920d-e2fde03af60e&gdpr=0&gdpr_consent=

Request Chain 103

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3939867178161761811&gdpr=0&gdpr_consent=

Request Chain 181

https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 183

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFi1g9j7vKG3ncFJ7_uHJGg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 193

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MTk0NjI2OTkwNzIzMTU4NjU%3D

Request Chain 195

https://pr-bh.ybp.yahoo.com/sync/triplelift/14719462699072315865?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-51GVZsBE2oQgHdVu3xeTHf2Oh3UgW1f2KrkGYv8fgw--~A&dongle=0883

Request Chain 196

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=160106842101282621&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 197

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14719462699072315865 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14719462699072315865&dcc=t

Request Chain 198

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 201

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvy8knynx HTTP 302
https://xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 202

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvy8knynx HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net/eum/results.txt

245 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ocregister.com/
Redirect Chain

https://ocregister.com/
https://www.ocregister.com/

264 KB
49 KB

28ms
26ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

5417175f98d44ba446a911104db8eeef06c5429e4777f7bd289cde63cb7fa094

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:method: GET
:authority: www.ocregister.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 30 Apr 2021 19:51:49 GMT
content-type: text/html; charset=UTF-8
content-length: 49673
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.ocregister.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/8Ac4j>; rel=shortlink
content-encoding: gzip
x-rq: ams6 86 177 3233
cache-control: max-age=300, must-revalidate
age: 213
x-cache: hit
vary: Accept-Encoding
accept-ranges: bytes
strict-transport-security: max-age=31536000;includeSubdomains

Redirect headers

server: nginx
date: Fri, 30 Apr 2021 19:51:49 GMT
content-type: text/html; charset=UTF-8
content-length: 0
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
x-redirect-by: WordPress
location: https://www.ocregister.com/
x-rq: ams6 89 52 3124
cache-control: max-age=300, must-revalidate
age: 203
x-cache: hit
strict-transport-security: max-age=31536000;includeSubdomains

GET
H2 200 /
www.ocregister.com/_static/ 61 KB
10 KB 26ms
23ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJx9UEkOwjAM/BCpoRIgDgjxlNQxYJGlih2h/h6LHlgEnLzNjO2B2+g4Y2yBBFAEAovCEAteXeSh+jqB6BSpS5w7AyzAGFiyUlYYYztzNtIpOa1N1LQCo9dSxWheGR+in7O/YtYafRWK00v6Ey2s5N6KgpXO9gXV1xPEupS/LsbIFlxqT52KcAwCXoR09iWVgSM5Hy4kXLKbTbHJIe1Xm9Vu26/75fYO31l91g==

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

affd3234f7381f0ee336f8fe6143bbfa400792bb6669a23683cd716394f1c75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /_static/??-eJx9UEkOwjAM/BCpoRIgDgjxlNQxYJGlih2h/h6LHlgEnLzNjO2B2+g4Y2yBBFAEAovCEAteXeSh+jqB6BSpS5w7AyzAGFiyUlYYYztzNtIpOa1N1LQCo9dSxWheGR+in7O/YtYafRWK00v6Ey2s5N6KgpXO9gXV1xPEupS/LsbIFlxqT52KcAwCXoR09iWVgSM5Hy4kXLKbTbHJIe1Xm9Vu26/75fYO31l91g==
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
content-encoding: gzip
x-rq: ams6 86 194 3086
last-modified: Thu, 15 Apr 2021 15:58:42 GMT
server: nginx
age: 86731
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 10043

GET
H2 200 css
fonts.googleapis.com/ 2 KB
908 B 35ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.7.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21ce91794ae3eb67c07244a144b7f75e2e9454148e7dc0ffe6bd0f521a41b893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.ocregister.com
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 19:51:49 GMT
server: ESF
date: Fri, 30 Apr 2021 19:51:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Apr 2021 19:51:49 GMT

GET
H2 200 /
www.ocregister.com/_static/ 77 KB
14 KB 27ms
24ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyNjUEKwjAQRS/kZGzBli7Es4RkWqKZJDgTSm9vAhZcuvtv8d7HvYDLSSkplli3kAT9ymA9cPaColaDQydtujdRMhySaXjBH5MrnPKTtFj3gsVM2Ao1kuAe/EYqqLlAyaI9e0T6N9PPv9yVB9+HaVjm8TZe5w/v8UV3

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6d9ffff3695ff82554146fbb51605fd5033af7258d4fdcca47130e705c49eb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /_static/??-eJyNjUEKwjAQRS/kZGzBli7Es4RkWqKZJDgTSm9vAhZcuvtv8d7HvYDLSSkplli3kAT9ymA9cPaColaDQydtujdRMhySaXjBH5MrnPKTtFj3gsVM2Ao1kuAe/EYqqLlAyaI9e0T6N9PPv9yVB9+HaVjm8TZe5w/v8UV3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
content-encoding: gzip
x-rq: ams6 85 126 3161
last-modified: Wed, 28 Apr 2021 16:27:49 GMT
server: nginx
age: 86730
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 14328

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 135ms
46ms Script
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oW1WkUw3q0XgFvWQKZ1dWZFi0xUowDr9
content-encoding: gzip
server: Server
age: 489
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 30 Apr 2021 19:43:40 GMT
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PNO25H2IfDNWtlt2b7eJtS1riPJJFd5WWBnUpuFDJfK2VV79LeS7zQ==

GET
H2 200 zeus-adapter.js Show response
www.ocregister.com/wp-content/plugins/dfm_zeus/assets/dist/ 17 KB
6 KB 30ms
26ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1619725207g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1619725207g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
content-encoding: gzip
x-rq: ams6 89 52 3124
last-modified: Wed, 09 Dec 2020 17:36:59 GMT
server: nginx
age: 86150
etag: W/"5fd10b3b-43df"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 5681
expires: Sat, 30 Apr 2022 19:51:49 GMT

GET
H2 200 main.js Show response
mng-ocregister.zeustechnology.com/ 193 KB
52 KB 107ms
29ms Script
application/javascript 65.9.84.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-ocregister.zeustechnology.com/main.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3975943682f5334f3d240f507f624ed54a994bda2761e5bf416789c65c83935e

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qIrEs9JkkIuLzz5Odj8S.zERlfdeYPjz
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:56:29 GMT
server: AmazonS3
age: 1673
etag: W/"0443de8e33245b11eb5bee44296af7e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Fri, 30 Apr 2021 19:43:50 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Xu6Sx3iGSIRC0EkjCY-0Rc1WC7SqfkJAYFwVqXb18Wt1VrtHBRtGaA==

GET
H2 200 / Show response
www.ocregister.com/_static/ 8 KB
3 KB 30ms
26ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyNjEEKwjAQRS/kdGxBiwvxCAo9QKnpVBIySclPEDy9LVjo0tXnP3iP3zOZGLKEzLMvLxvA46T9Rwp4ACQv3yKvkFZIzxJGL5XDgXeu8XYZ0kJbBcnwQ9IUkw7ByBZzYJ2Lh1Rqw3+VrrvvbCBSjtHjF7jptT7Xl7Y5NcfWfQEs7Eyk

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba14fb27d9998ef4d4c4466c5436aec6d37fac1f346a80d2567d51e5c38672bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /_static/??-eJyNjEEKwjAQRS/kdGxBiwvxCAo9QKnpVBIySclPEDy9LVjo0tXnP3iP3zOZGLKEzLMvLxvA46T9Rwp4ACQv3yKvkFZIzxJGL5XDgXeu8XYZ0kJbBcnwQ9IUkw7ByBZzYJ2Lh1Rqw3+VrrvvbCBSjtHjF7jptT7Xl7Y5NcfWfQEs7Eyk
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
content-encoding: gzip
x-rq: ams6 82 54 3250
last-modified: Mon, 08 Mar 2021 18:42:18 GMT
server: nginx
age: 86150
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 2703

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 06:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393091
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 06:40:18 GMT

GET
H2 200 loader.min.js Show response
www.ocregister.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 30ms
27ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
content-encoding: gzip
x-rq: ams6 87 22 3216
last-modified: Tue, 13 Oct 2020 22:59:23 GMT
server: nginx
age: 2779300
etag: W/"5f86314b-3e4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 5483
expires: Sat, 30 Apr 2022 19:51:49 GMT

GET
H2 200 site-ocr.min.js Show response
www.ocregister.com/wp-content/plugins/site-plugins/site-ocregister/static/js/ 76 B
154 B 30ms
27ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/site-plugins/site-ocregister/static/js/site-ocr.min.js?m=1619725207g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

50f099cce99a1da39267b744c3f358491ba72b048fea2bc652fe736b037881ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/plugins/site-plugins/site-ocregister/static/js/site-ocr.min.js?m=1619725207g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
x-rq: ams6 85 126 3161
last-modified: Thu, 18 Feb 2021 21:39:51 GMT
server: nginx
age: 86150
etag: "602edea7-4c"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76
expires: Sat, 30 Apr 2022 19:51:49 GMT

GET
H2 200 digitalfirstmedia.js Show response
cdn.blueconic.net/ 139 KB
42 KB 145ms
50ms Script
text/javascript 13.224.106.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/digitalfirstmedia.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.106.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-106-119.mad50.r.cloudfront.net

Software

- /

Resource Hash

4bc605c292343312a321a07b0c8e3f8057e6bab991d944b7906c94fbe71fdc77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 416
x-cache: Hit from cloudfront
content-length: 41990
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Apr 2021 18:26:48 GMT
server: -
etag: "22adb-5c0e449e97390-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 58b3f95ba15f0e866891905b1de9d2c7.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: MAD50-C1
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: YmRFffEFdM4cQ3XtWO7z9A0vWc2fDLS5VRMhoZbPbP-f0mpQLwDEVw==

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 380 KB
81 KB 138ms
94ms Script
application/javascript 2600:9000:2104:f000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:f000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c66dbf6b5716d3f7c8ece663d59bd0a576cc6bcc799e05c342255bcdce5338bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: CloudFront
age: 24076
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: AMS1-C1
strict-transport-security: max-age=2592000
content-length: 82748
x-xss-protection: mode=block
x-amz-cf-id: N7jiNVpJZVgYnR3XNRzca-_igj4hMuMl2wYeV2cATF1Hu7_JLlFGXg==

GET
H2 200 / Show response
www.ocregister.com/_static/ 2 KB
946 B 30ms
28ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyNyzsOgCAMANALWSskShyMZyEUBeRnCvH6zm6+/eFTwZTcbG5YYz99ZqQjgSZIhRi56eYNBkbnOIJx1lxj8nkMPODvS57vzp+9p00sYlVylpMKL0WoMFI=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2f2da4eff2883da92c283cd85f7f89584edbe4f78898408b89b0e0734a9a2c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /_static/??-eJyNyzsOgCAMANALWSskShyMZyEUBeRnCvH6zm6+/eFTwZTcbG5YYz99ZqQjgSZIhRi56eYNBkbnOIJx1lxj8nkMPODvS57vzp+9p00sYlVylpMKL0WoMFI=
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
content-encoding: gzip
x-rq: ams6 87 22 3226
last-modified: Wed, 28 Apr 2021 16:34:58 GMT
server: nginx
age: 86150
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 865

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 351 KB
70 KB 114ms
59ms Script
application/javascript 65.9.84.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=2CsUkhlESGpQT9Lisdtl69NTdJ5p7WIBUvJq&ver=5.7.1
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4e10af75815e3c730c239f93c22695236ed9ffd398d40c33b00cc0309f74310

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 19:11:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: W/"20e7417d2b172d22d3933cdd35a500f0"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: 1UBk4doJ1qkoN0V1hvFUy7CRF3l0qiVhbZ6Ew-1BR2njJxu-rtO39Q==

GET
H2 200 dfm-pushly.min.js Show response
www.ocregister.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
253 B 29ms
28ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1619725207g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1619725207g
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:49 GMT
x-rq: ams6 87 152 3142
last-modified: Thu, 15 Apr 2021 01:37:35 GMT
server: nginx
age: 86150
etag: "607798df-a0"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Sat, 30 Apr 2022 19:51:49 GMT

GET
H2 200 boldcoastal.css
www.ocregister.com/wp-content/themes/assets/static/css/ 372 KB
57 KB 23ms
22ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/css/boldcoastal.css

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c4d2cd015af26f4ca392c5a70fea86fcec7f4c3aa42f5eb8a15135de6be128e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/assets/static/css/boldcoastal.css
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 91 187 3109
last-modified: Wed, 14 Apr 2021 18:17:25 GMT
server: nginx
age: 1388036
etag: W/"607731b5-5cec4"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 58604
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 main.js
mng-ocregister.zeustechnology.com/ 0
52 KB 71ms
51ms Other
application/javascript 65.9.84.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-ocregister.zeustechnology.com/main.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qIrEs9JkkIuLzz5Odj8S.zERlfdeYPjz
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:56:29 GMT
server: AmazonS3
age: 1673
etag: W/"0443de8e33245b11eb5bee44296af7e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Fri, 30 Apr 2021 19:43:50 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 9lOSkymhoM4fZwsaHyTNkQnNHEqSGrwVOFdNrgcWNiYjbU1FyKEHsA==

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 0
33 KB 46ms
45ms Other
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oW1WkUw3q0XgFvWQKZ1dWZFi0xUowDr9
content-encoding: gzip
server: Server
age: 489
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 30 Apr 2021 19:43:40 GMT
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DwaWVvqKW_2e6x9XtNBiV789izouag47h4vldJKfeItOq8jU8ev-LQ==

GET
H2 200 wp-emoji-release.min.js Show response
www.ocregister.com/wp-includes/js/ 14 KB
5 KB 41ms
39ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 89 52 3124
last-modified: Thu, 15 Apr 2021 15:58:45 GMT
server: nginx
age: 685264
etag: W/"607862b5-3795"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 4712
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 oc-register-logo-376x79.svg
www.ocregister.com/wp-content/uploads/2017/09/ 7 KB
3 KB 28ms
26ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2017/09/oc-register-logo-376x79.svg

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/uploads/2017/09/oc-register-logo-376x79.svg
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 109 198 443
last-modified: Wed, 27 Sep 2017 18:04:08 GMT
server: nginx
etag: W/"6ee48065e4ae2c81"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
expires: Wed, 06 Apr 2022 13:55:34 GMT

GET
H2 200 ocr_viewEedition.png
www.ocregister.com/wp-content/uploads/2020/04/ 281 KB
282 KB 31ms
29ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2020/04/ocr_viewEedition.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2a50daae1b0701dad335f0d492160b43d246c509e7ad22e6b2dc666f57611369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/uploads/2020/04/ocr_viewEedition.png
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
x-rq: ams6 109 144 443
last-modified: Wed, 22 Apr 2020 23:19:51 GMT
server: nginx
etag: "2c84d45c933ea463"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 288091
expires: Wed, 06 Apr 2022 14:06:17 GMT

GET
H2 200 socal-logo-sm.png
www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/ 8 KB
8 KB 33ms
32ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/socal-logo-sm.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/wp-mason/static/images/site-logo/socal-logo-sm.png
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
x-rq: ams6 86 194 3241
last-modified: Tue, 05 Jan 2021 18:59:35 GMT
server: nginx
age: 9939026
etag: "5ff4b717-1fcf"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8143
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 dfm-logo-sm.png
www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/ 13 KB
13 KB 29ms
28ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/dfm-logo-sm.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/wp-mason/static/images/site-logo/dfm-logo-sm.png
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
x-rq: ams6 89 84 3089
last-modified: Tue, 05 Jan 2021 18:59:32 GMT
server: nginx
age: 9939025
etag: "5ff4b714-3443"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13379
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 loading.gif
www.ocregister.com/wp-content/mu-plugins/jetpack-9.6/modules/sharedaddy/images/ 2 KB
3 KB 26ms
26ms Image
image/gif 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/mu-plugins/jetpack-9.6/modules/sharedaddy/images/loading.gif

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/mu-plugins/jetpack-9.6/modules/sharedaddy/images/loading.gif
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
x-rq: ams6 91 187 3109
last-modified: Tue, 30 Mar 2021 21:00:33 GMT
server: nginx
age: 1911225
etag: "60639171-9e2"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2530
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 19 KB
8 KB 23ms
22ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJx9zt0OwiAMhuEbktUt0cUD46UsE5iWQIsUNHL1bks88uf0TZ98hUdUmilbyhB9uSAJmCkM1RaBUcRmAUka3JrVklVgI01Aapxs4JtHuc06lrPHVWoOYT4YNBfKv1S8cmaa0Hu4WzKcIKLOJdkl/Zv7hH6sT8Fq31+ewrHdt4e+23Xb3r0AT1Rbmg==

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d4ad422577d5d3026d892312f17f163cf595ffa0b3686477c109340129927b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /_static/??-eJx9zt0OwiAMhuEbktUt0cUD46UsE5iWQIsUNHL1bks88uf0TZ98hUdUmilbyhB9uSAJmCkM1RaBUcRmAUka3JrVklVgI01Aapxs4JtHuc06lrPHVWoOYT4YNBfKv1S8cmaa0Hu4WzKcIKLOJdkl/Zv7hH6sT8Fq31+ewrHdt4e+23Xb3r0AT1Rbmg==
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 86 177 3233
last-modified: Thu, 29 Apr 2021 19:40:07 GMT
server: nginx
age: 80876
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 8324

GET
H2 200 ads.js Show response
www.ocregister.com/wp-content/themes/wp-mason/static/js/ 87 B
202 B 25ms
22ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
x-rq: ams6 82 54 3238
last-modified: Fri, 18 Sep 2020 18:07:53 GMT
server: nginx
age: 2779300
etag: "5f64f779-57"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 102 KB
29 KB 26ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJydzkEKwjAQQNELmY4taHEhniVN0jYxMxOYqeLtDehCQcS6/fDgw7UYx6SBFHQOGASsSFABUavRQRJwjMjUuHmhc4ORmiQb+MEVzrcx5ixr0MDZO7Y15C+sFrTC9AIzTyaSGRbVOvuBlrxMkQT8iMZ6g+zljdf2uFmPpaNL9IH/kIXVRHzCEx7bfXvou1237dMdJw+YbQ==

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3b398618651a911b49686e36cbc14a0d0fd43960f6bfb7889b81d0e84c92d686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /_static/??-eJydzkEKwjAQQNELmY4taHEhniVN0jYxMxOYqeLtDehCQcS6/fDgw7UYx6SBFHQOGASsSFABUavRQRJwjMjUuHmhc4ORmiQb+MEVzrcx5ixr0MDZO7Y15C+sFrTC9AIzTyaSGRbVOvuBlrxMkQT8iMZ6g+zljdf2uFmPpaNL9IH/kIXVRHzCEx7bfXvou1237dMdJw+YbQ==
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 91 235 3123
last-modified: Thu, 29 Apr 2021 11:14:24 GMT
server: nginx
age: 86149
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 29242

GET
H2 200 embed.js Show response
c.go-fet.ch/a/ 174 KB
38 KB 97ms
44ms Script
application/javascript 2600:9000:2156:2400:c:2267:880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1253a35ae227bc3a277ee86c6fc21068468e8eab706ac80e7ca915f0cde67e05

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:45:24 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 15:54:56 GMT
server: AmazonS3
age: 387
etag: W/"17b5e0ed97f322ab9a184c219fe06d55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: public,max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _mMziOW9zPXzMnUPj8dMfGjfHbhJQp3IQZ3wuWFfMlRwlNMkEfiVsA==

GET
H2 200 wp-embed.min.js Show response
www.ocregister.com/wp-includes/js/ 1 KB
859 B 41ms
38ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-includes/js/wp-embed.min.js?m=1618502323g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-includes/js/wp-embed.min.js?m=1618502323g
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 82 54 3250
last-modified: Thu, 15 Apr 2021 15:58:41 GMT
server: nginx
age: 56784
etag: W/"607862b1-592"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 765
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 e-202117.js Show response
stats.wp.com/ 9 KB
3 KB 61ms
19ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202117.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Apr 2022 22:09:31 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 133ms
49ms XHR
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 02:09:00 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 63771
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: I28cARH7BeYKB70l7C3Gk2vpKhR84-jNWqtQ01ankNpCVUKiCSSvJw==

GET
H/1.1 200
OK SVQUS-4T4CY-QDTQU-EH6NG-32Y52 Show response
c.go-mpulse.net/boomerang/ 205 KB
50 KB 24ms
10ms Script
application/javascript 2a02:26f0:6c00:1b7::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyNjEEKwjAQRS/kdGxBiwvxCAo9QKnpVBIySclPEDy9LVjo0tXnP3iP3zOZGLKEzLMvLxvA46T9Rwp4ACQv3yKvkFZIzxJGL5XDgXeu8XYZ0kJbBcnwQ9IUkw7ByBZzYJ2Lh1Rqw3+VrrvvbCBSjtHjF7jptT7Xl7Y5NcfWfQEs7Eyk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b7::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:50 GMT
Content-Encoding: br
Last-Modified: Thu, 11 Mar 2021 18:49:37 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 29ms
9ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1218
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 12ff1591-b01e-001d-41f7-3de5c9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 30 Apr 2021 20:21:50 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
573 B 45ms
14ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2569553
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 31 Mar 2021 19:12:28 GMT
date: Fri, 30 Apr 2021 19:51:50 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 98 KB
15 KB 410ms
194ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/585?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-04-30T21%3A51%3A50%2B02%3A00&ts=1619812310128

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

d490d3fdf7b99a1f8ffb5bcded763dce85130bfc77ed480f7bba73dc6be2be0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 14722
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 111 B
858 B 261ms
104ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

54bb1411d489da7bd74ccc70c44e20fbaedb5b953fcb4ca97ff5c277aff60925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 123
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 403 KB
75 KB 64ms
62ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5b07503547eb615a6d9ca20069ef9a9a295baf02241e16a0d6fb6e97965e8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76588
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 19:12:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 19:51:50 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ocregister.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:57:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
age: 57289
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:01 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ocregister.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
age: 467292
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Origin: https://www.ocregister.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/truetype

GET covidchart.php
projects.ocregister.com/extras/embeds/2020/coronavirus/ Frame B363 0
0

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 257ms
35ms Script
application/x-javascript 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:21:03 GMT
Via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
Age: 1847
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/x-javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: p-1IUfHBASqgogcrVwFLhaR_IXSTQJwNRIKbUxMFCsI5iM7eGpSv1g==
Expires: Sat, 01 May 2021 19:21:03 GMT

GET
H3-29 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
25 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ocregister.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
age: 150515
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:03:15 GMT

GET
H3-29 200 tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
fonts.gstatic.com/s/droidserif/v13/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e488b6a49159d34d6cd22d7379048db9476b146756cca403b21d3f032b76ac10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ocregister.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:05:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:20 GMT
server: sffe
age: 150388
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23508
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:05:22 GMT

GET
H2 200 common.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 53ms
52ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJydzkEKwjAQQNELmY4taHEhniVN0jYxMxOYqeLtDehCQcS6/fDgw7UYx6SBFHQOGASsSFABUavRQRJwjMjUuHmhc4ORmiQb+MEVzrcx5ixr0MDZO7Y15C+sFrTC9AIzTyaSGRbVOvuBlrxMkQT8iMZ6g+zljdf2uFmPpaNL9IH/kIXVRHzCEx7bfXvou1237dMdJw+YbQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/assets/static/js/common.chunk.min.js
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 89 52 3117
last-modified: Wed, 14 Apr 2021 18:17:22 GMT
server: nginx
age: 1388035
etag: W/"607731b2-a62f"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 10587
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 56 KB
8 KB 53ms
53ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/assets/static/js/common-async.chunk.min.js
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 82 54 3238
last-modified: Wed, 14 Apr 2021 18:17:21 GMT
server: nginx
age: 1388035
etag: W/"607731b1-e145"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 8564
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 boldcoastal-async.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 53ms
53ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ab5186d21dd8de73feda81815eb24a9906b827a0ff943d5a8d59a22e30245952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:path: /wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js
pragma: no-cache
cookie: bc_tstgrp=10; BCRevision_1619812310127=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Fwww.ocregister.com%2F%22%5D%2C%22testgroup%22%3A%5B10%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22testgroup_prelistener%22%3A%5B%22testgroup%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310127%22%7D; BCRevision_1619812310128=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619812310128%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ocregister.com
referer: https://www.ocregister.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-rq: ams6 89 52 3117
last-modified: Wed, 14 Apr 2021 18:17:22 GMT
server: nginx
age: 1388035
etag: W/"607731b2-abe"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 1217
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
35 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KM8CCP2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e78d9a84dc2d69b84ac6b6c11b4efbcf1c396d65b78cdfd5069971fb1d7093c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35398
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 19:12:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 19:51:50 GMT

GET
H2 200 ocregister.com.json Show response
c.go-fet.ch/hosts/ 52 B
557 B 79ms
61ms Fetch
application/json 2600:9000:2156:2400:c:2267:880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-fet.ch/hosts/ocregister.com.json
Requested by: Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80a1d9038bbc40fb2b03885202014154d49c0a2c3fc0b3c4d62bb418116b1b3f

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:50:16 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 95
x-cache: Hit from cloudfront
content-length: 70
access-control-allow-origin: *
last-modified: Tue, 23 Mar 2021 18:33:44 GMT
server: AmazonS3
etag: "b1f935c0ef2e1ffda83d079f978851c4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gywABpEs74OkfibD8g8F2PmZrr4R6DjpkS9PXkEHfSkjhXBHGdzjfg==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 19ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=126836891&post=0&tz=-7&srv=www.ocregister.com&host=www.ocregister.com&ref=&fcp=438&rand=0.5506541414818726
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 71ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 01 May 2021 19:51:50 GMT

GET
H/1.1 200
OK 185707-69774745078749.js Show response
js-sec.indexww.com/ht/p/ 74 KB
23 KB 745ms
690ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185707-69774745078749.js
Requested by: Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 672f8b3b98c1fe197bd7ff59a686e5890272b03583f7845008033b9b354db4e5

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Apr 2021 19:51:43 GMT
Server: Apache
ETag: "da45d8-1269c-5c135f0fb6909"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 23169
Expires: Fri, 30 Apr 2021 20:51:51 GMT

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 83ms
27ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:56:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-1d57-5b232e7ce6dc7"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=24181
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 2419
Expires: Sat, 01 May 2021 02:34:51 GMT

GET
H2 200 sync.js Show response
ib.3lift.com/ 275 B
618 B 1162ms
41ms Script
application/javascript 13.224.106.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/sync.js
Requested by: Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-84.mad50.r.cloudfront.net
Software: /
Resource Hash: c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:43:57 GMT
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 19:43:57 GMT
age: 474
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-rev: fbdf79a
x-amz-cf-pop: MAD50-C1
content-length: 275
x-amz-cf-id: QFCBpB6rUA6FHE0b9Ssee4YEu1f_CA2MVLwJu6UcSLyHACIYRG-RoA==
x-served-by: impression-bus5.us_east.prod

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 84ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

eba507adec2db70dac91972b4d38442fd16e22f7041e38a528e48cac44aa3723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "858 / 345 of 1000 / last-modified: 1619781377"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21172
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:51:50 GMT

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 1011 B
842 B 35ms
9ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1619812310100
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1B) /
Resource Hash: 96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd

Request headers

Accept: */*
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
content-md5: i1fC4Ue5p2n4u48t1IbEIQ==
age: 34618
x-cache: HIT
content-length: 465
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 10:13:01 GMT
server: ECAcc (frc/8F1B)
etag: 0x8D905773626BB80
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4780638b-901e-00af-52a9-3d04ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1315
date: Fri, 30 Apr 2021 19:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 21:29:55 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 24ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 07 May 2021 19:51:50 GMT

GET
H2 200 ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f Show response
scripts.webcontentassessor.com/scripts/ 73 KB
24 KB 79ms
23ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226f3e6f54baec0d82242c86b28e575b1c409a5938dd6cfc539dd6eedfe2054e

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
age: 4154
x-cache: HIT
content-length: 23775
x-amz-id-2: W2uZB+Kpp/mlx5VhfMT8CRhSZU9Kc2x86V25GVCv7mY4Nq2aByqcv8xF5y74N4lQP/qkyXgY2jM=
x-served-by: cache-fra19146-FRA
last-modified: Fri, 30 Apr 2021 18:35:34 GMT
server: AmazonS3
x-timer: S1619812311.705447,VS0,VE1
etag: "9d283336063792ceb7318e5776db22fc"
vary: Accept-Encoding
x-amz-request-id: 9T801HAZ1XKZQBPF
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: T1L3Ib+Y9rCIszw54u6te0QKPzN6SureEfUolkPpB2RgZUGgBTFFo+aX1eSwlA/Z64j0WrYClx1P/AuJbaWnBw==
x-fb-trip-id: 664085054
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 30 Apr 2021 19:51:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1619812310631&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregiste...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619812310631&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregist...

64 B
329 B

67ms
65ms

Image
image/gif

13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619812310631&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: lwJa-NyxBydu4x1VIdlpTUVfiyODU1d2Qa7xoCWTtGIYvrRgiEP3KQ==

Redirect headers

date: Fri, 30 Apr 2021 19:51:50 GMT
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619812310631&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=
content-length: 232
x-amz-cf-id: fLc2XrQPJrg0kzWC03f8N0LieUJPW9EDsV9fMhQ6YclPqzsSolj3pQ==

GET
H/1.1

200
OK

ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120;ip=185.210.217.100;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120
https://trkn.us/pixel/conv/ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120;ip=185.210.217.100;cuidchk=1

42 B
780 B

105ms
104ms

Image
image/gif

52.70.122.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120;ip=185.210.217.100;cuidchk=1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.122.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-122-68.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 30 Apr 2021 19:51:50 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=11867;g=ocr-lead-match;gid=33847;ord=4292490937312.57;v=120;ip=185.210.217.100;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2 200 8a32dceada7bc92031cee5a966484ece Show response
digitalfirstmedia.blueconic.net/plugin/plugin/ 530 KB
115 KB 108ms
108ms Script
text/javascript 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/plugin/plugin/8a32dceada7bc92031cee5a966484ece

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

7c90960deb8e9638be83dd40f5a44da4fd2d5133f4f65492b9e847b5461d9b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 19:51:50 GMT
server: -
etag: 8a32dceada7bc92031cee5a966484ece
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 116993
x-xss-protection: 1; mode=block
expires: Sat, 30 Apr 2022 19:51:50 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/ocregister.com/ 47 KB
18 KB 134ms
45ms Script
application/x-javascript 65.9.86.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/ocregister.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 49b1ab04beb8f83f665baa646dabf14cbbf8a9de041d004749a8a792e7e76c45

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 30 Apr 2021 00:21:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:08:16 GMT
server: nginx
age: 70205
etag: W/"603d1f80-bd2f"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: EoDkq-C_d_-mxsbgZkgqcBk2F6hlUGjE7STYr1ahCl6SQ-v7i66nmw==
expires: Sat, 01 May 2021 00:21:45 GMT

GET
H3-29 200 pubads_impl_2021042901.js Show response
securepubads.g.doubleclick.net/gpt/ 298 KB
105 KB 61ms
30ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107611
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:51:50 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 755
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 30 Apr 2021 20:39:15 GMT

GET
H2 200 rules-p-4ctCQwtnNBNs2.js Show response
rules.quantcount.com/ 3 B
436 B 117ms
39ms Script
application/javascript 2600:9000:20c8:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4ctCQwtnNBNs2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:33:15 GMT
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
age: 69516
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:57:14 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
x-amz-cf-id: akRFgakJaI5kFkNA0y258OFxnfgTZ9UiAsVarHTAQt573hDgXxkeeA==

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 58D6 38 KB
14 KB 31ms
30ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ocregister.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ocregister.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=151575
Expires: Sun, 02 May 2021 13:58:05 GMT
Date: Fri, 30 Apr 2021 19:51:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-29 200 2172602973018658 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 125ms
124ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2172602973018658?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4d442fa8808466406107adbf5673a454e26296dea0e65e60d71dfaae2589ccf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: NU6tB0USudxgvAW2UYgR5lXkuMXevbmlLTsYTaEeIR4u4iA3vAUIf3oOOt+R6Lziue619FV+qsm0UcjgxYhflA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 30 Apr 2021 19:51:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 38ms
10ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F4C) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 38147
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (frc/8F4C)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6a2102bb-401e-002e-43a1-3da6b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 37ms
9ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F49) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 23453
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (frc/8F49)
etag: 0x8D8AC0167971F78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 88c419f8-b01e-00d5-5ec3-3d6ea2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 559 KB
118 KB 35ms
6ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC9) /
Resource Hash: e4cb92545debc096ddbad5c1b5aabc2d81619b50a13ae3e4553c7856bf48533b

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
content-md5: YCP0LFp1TeQG+VR1A6wQBQ==
age: 38711
x-cache: HIT
content-length: 119954
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/8FC9)
etag: 0x8D9056E3D3EEAAD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e890f6a9-001e-012d-34a0-3de3ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1882219876&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjQAAAAC~&jid=1731607770&gjid=248823469&cid=544565697.1619812311&tid=UA-61435456-15&_gid=1647311028.1619812311&_r=1&gtm=2wg4l3TLFP4R&cd2=ocregister.com&cd3=ocregister.com&cd9=no&cd10=home&cd11=5.7.1&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.ocregister.com%2F&cd24=home&cd25=SCNG&cd27=Home&cd28=https%3A%2F%2Fwww.ocregister.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=Orange%20County%20Register%2C%20Orange%20County%20News%2C%20Orange%20County%20Sports&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd51=&cd53=544565697.1619812311&z=1890822574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MHF7NT7&t=gtm30&cid=544565697.1619812311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

128b73640da17e7f2dca44fdbe5108211db7f2cbd98caef1f6619aa36d29dd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35942
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 19:12:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 19:51:50 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 4 KB
2 KB 37ms
25ms XHR
application/json 2a02:26f0:6c00:1b7::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SVQUS-4T4CY-QDTQU-EH6NG-32Y52&d=www.ocregister.com&t=5399374&v=1.720.0&sl=0&si=ad059330-1e8b-4061-8fd4-4fba16256801-qse76e&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b7::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fb83e5a3eca34c4cf0efe1548b42beb8115c6f06330547574abb3c182bab3c17

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1258

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 58D6 3 KB
4 KB 97ms
23ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=58804889&p=160200&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b98ae7740b942465f875abc90ebc8190acf2aa676c55c18dcc6d66ce68c5881d

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:50 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-61435456-15&cid=544565697.1619812311&jid=1731607770&gjid=248823469&_gid=1647311028.1619812311&_u=aGBAAEAiQAAAAC~&z=425841889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Apr 2021 19:51:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1882219876&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjRAAAAC~&jid=521460756&gjid=2096352117&cid=544565697.1619812311&tid=UA-111452396-3&_gid=1647311028.1619812311&_r=1&gtm=2wg4l3KM8CCP2&z=560268493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1882219876&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DML&ea=Version&el=20210329-pathed-headers-1-g79d2644_prod_master&_u=aGDACEAjRAAAAC~&jid=2049865499&gjid=1892649569&cid=544565697.1619812311&tid=UA-111452396-5&_gid=1647311028.1619812311&_r=1&gtm=2wg4l3KM8CCP2&z=1233474174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1882219876&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Homepage%20Tracking&ea=Featured%20Wrapper%20Visible&el=Featured%20Wrapper%20Visible&_u=aGDACEAjRAAAAC~&jid=&gjid=&cid=544565697.1619812311&tid=UA-61435456-15&_gid=1647311028.1619812311&gtm=2wg4l3TLFP4R&cd2=ocregister.com&cd3=ocregister.com&cd9=no&cd10=home&cd11=5.7.1&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.ocregister.com%2F&cd24=home&cd25=SCNG&cd27=Home&cd28=https%3A%2F%2Fwww.ocregister.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=Orange%20County%20Register%2C%20Orange%20County%20News%2C%20Orange%20County%20Sports&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd51=&cd53=544565697.1619812311&z=189379999

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 10:14:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34634
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1882219876&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Homepage%20Tracking&ea=Latest%20Headline%20Visible&el=Latest%20Headline%20Visible&_u=aGDACEAjRAAAAC~&jid=&gjid=&cid=544565697.1619812311&tid=UA-61435456-15&_gid=1647311028.1619812311&gtm=2wg4l3TLFP4R&cd2=ocregister.com&cd3=ocregister.com&cd9=no&cd10=home&cd11=5.7.1&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.ocregister.com%2F&cd24=home&cd25=SCNG&cd27=Home&cd28=https%3A%2F%2Fwww.ocregister.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=LANewsGroup&cd34=true&cd35=Orange%20County%20Register%2C%20Orange%20County%20News%2C%20Orange%20County%20Sports&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd51=&cd53=544565697.1619812311&z=1059716462

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 10:14:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34634
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
254 B 30ms
29ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-61435456-15&cid=544565697.1619812311&jid=1731607770&_u=aGBAAEAiQAAAAC~&z=1621926893

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-61435456-15&cid=544565697.1619812311&jid=1731607770&_u=aGBAAEAiQAAAAC~&z=1621926893

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 441 B
1 KB 83ms
45ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

60f1f2bf3fb68046e74b3857cdbc7f1c2150f27b2e78285505f704ec863dfabd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:50 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 5ee2b043-c785-4e8f-a0e3-9331a376e1c4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 441
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 490 B
491 B 59ms
23ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=22173878057
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: 1aa8511374d3937a752d82d79c2d839203c9c9a42ceeecdf694efe0aca0b38c5

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 281

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 55ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:51:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
4 KB 204ms
124ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=353666&tk_flint=custom&slots=3&size_id=44%3B2%3B15&alt_size_ids=%3B55%2C57%3B9%2C10%2C54&zone_id=1882796%3B1882798%3B1882800&rp_floor=0.01
Requested by: Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2d63a01e1eab69bddfbebf4df2e258365f4337e50f498b807b9bcc30a1240e89

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:51 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 472
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
479 B 270ms
223ms XHR
application/json 18.184.0.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.ocregister.com&debug=false

Requested by

Host: mng-ocregister.zeustechnology.com
URL: https://mng-ocregister.zeustechnology.com/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 93ms
93ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.ocregister.com%2F&pid=jb8RVIEaMbWpD&cb=0&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x50%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2FSponsorship_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Finterstitial%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2FCube1_RRail_ATF%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:50 GMT
via: 1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: g-oMN_ExMllJBcQ1_qiOUoGToa2Uh__tavJv_0S0W31kSk-8W2AknA==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 608ms
317ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1619812310917&plid=48111414&idsite=ocregister.com&url=https%3A%2F%2Fwww.ocregister.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.ocregister.com%2F&sref=&sts=1619812310912&slts=0&title=Orange+County+Register%3A+Local+News%2C+Sports+and+Things+to+Do&date=Fri+Apr+30+2021+21%3A51%3A50+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=67580832&u=pid%3D38ae8aa50245a7f4a299ce8d9294687d
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
Cache-Control: no-cache
Last-Modified: Friday, 30-Apr-2021 19:51:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 295 KB
28 KB 7ms
7ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F69) /
Resource Hash: 70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:50 GMT
content-encoding: gzip
content-md5: qePO0yKWifmYWvQdlK/DtQ==
age: 38702
x-cache: HIT
content-length: 28321
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/8F69)
etag: 0x8D9056E3D33EB71
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 200b32c8-001e-0066-57a0-3d9425000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame A83D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6615568835501980393

42 B
769 B

68ms
24ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6615568835501980393
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=58804889&p=160200&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=76C4171F-B382-487C-B54A-739C9EB65358; chkChromeAb67Sec=1; DPSync3=1620950400%3A227_226_221_201; SyncRTB3=1620950400%3A13_161_7_71_220_56_54_3_21%7C1621036800%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 30 Apr 2021 19:51:51 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-6615568835501980393; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 30-May-2021 19:51:51 GMT; path=/ PugT=1619812311; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 30-May-2021 19:51:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 29-Jul-2021 19:51:51 GMT; path=/
X-lat: lhrpug001:0:366
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6615568835501980393
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A72A 43 B
304 B 66ms
22ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=58804889&p=160200&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 30 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1127
date: Fri, 30 Apr 2021 19:51:50 GMT
content-length: 43

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dsQXH7OCSHy1SnOcnrZTWA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dsQXH7OCSHy1SnOcnrZTWA%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

28ms
27ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=102475
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 02 May 2021 00:19:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 58D6 95 B
596 B 54ms
36ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=76C4171F-B382-487C-B54A-739C9EB65358
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64834e9fea034e14-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09c5ef77f200004e14cea94000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 58D6
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=76C4171F-B382-487C-B54A-739C9EB65358&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=76C4171F-B382-487C-B54A-739C9EB65358&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

35ms
35ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=76C4171F-B382-487C-B54A-739C9EB65358&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:48 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:48 GMT
frontend-id: 8
location: /pubmatic/1/info2?sType=sync&sExtCookieId=76C4171F-B382-487C-B54A-739C9EB65358&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=76C4171F-B382-487C-B54A-739C9EB65358&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=76C4171F-B382-487C-B54A-739C9EB65358&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=76C4171F-B382-487C-B54A-739C9EB65358&addseg=20

7 B
147 B

66ms
19ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=76C4171F-B382-487C-B54A-739C9EB65358&addseg=20
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Fri, 30 Apr 2021 19:51:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=76C4171F-B382-487C-B54A-739C9EB65358&addseg=20
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzZDNDE3MUYtQjM4Mi00ODdDLUI1NEEtNzM5QzlFQjY1MzU4&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzZDNDE3MUYtQjM4Mi00ODdDLUI1NEEtNzM5QzlFQjY1MzU4&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

24ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
X-lat: lhrpug010:0:321
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFq2eQtOJ9_n7xaP-8eY05I&google_cver=1

42 B
855 B

24ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFq2eQtOJ9_n7xaP-8eY05I&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
X-lat: lhrpug006:0:469
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFq2eQtOJ9_n7xaP-8eY05I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 58D6 43 B
609 B 70ms
21ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 29 Apr 2021 19:51:51 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5501796089684027350

42 B
801 B

34ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5501796089684027350
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
X-lat: lhrpug006:0:547
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5501796089684027350
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1882622b-6497-4a0d-b717-d658985f26c1

42 B
882 B

98ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1882622b-6497-4a0d-b717-d658985f26c1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
X-lat: lhrpug012:0:360
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1882622b-6497-4a0d-b717-d658985f26c1
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:420c608c-5fd6-4600-920d-e2fde03af60e&gdpr=0&gdpr_consent=

42 B
946 B

97ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:420c608c-5fd6-4600-920d-e2fde03af60e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
X-lat: lhrpug005:0:588
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 30 Apr 2021 19:51:54 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:420c608c-5fd6-4600-920d-e2fde03af60e&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 30 Apr 2021 19:51:53 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 58D6
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3939867178161761811&gdpr=0&gdpr_consent=

42 B
769 B

121ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3939867178161761811&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:51 GMT
X-lat: lhrpug003:0:551
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:51 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.47:80
AN-X-Request-Uuid: e5b2b395-babf-41a7-88df-b6b486b519bc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3939867178161761811&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 76C4171F-B382-487C-B54A-739C9EB65358
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 58D6 43 B
839 B 99ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/76C4171F-B382-487C-B54A-739C9EB65358?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
148 B 17ms
17ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:51:50 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel;r=663665603;labels=LANewsGroup;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fwww.ocregister.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1525043833-1619812311031;pbcn=u;pbc=;ns=0;ce=1;qjs...
pixel.quantserve.com/ 35 B
372 B 14ms
12ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=663665603;labels=LANewsGroup;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fwww.ocregister.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1525043833-1619812311031;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=ocregister.com;je=0;sr=1600x1200x24;dst=1;et=1619812311031;tzo=-120;ogl=type.website%2Ctitle.Orange%20County%20Register%2Curl.https%3A%2F%2Fwww%252Eocregister%252Ecom%2F2021%2F04%2F30%2Fall-aboard-biden-celebrates-amtraks-50-yea%2Csite_name.Orange%20County%20Register%2Cimage.https%3A%2F%2Fwww%252Eocregister%252Ecom%2Fwp-content%2Fuploads%2F2017%2F04%2Focr_icon11%252Ejpg%2Cimage%3Awidth.512%2Cimage%3Aheight.512%2Clocale.en_US

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H/1.1 200
OK SCNGPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 623ms
133ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Protocol: HTTP/1.1
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.ocregister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Fri, 30 Apr 2021 19:51:51 GMT
Content-Length: 0

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
50 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1110e9e9c493825984fd2f24d0d756130e5cdb3f4c2ec68aad7120cfec507d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50877
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 19:12:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 19:51:51 GMT

GET
H/1.1 200
OK index.js Show response
d1wa9546y9kg0n.cloudfront.net/ 6 KB
7 KB 187ms
81ms Script
application/x-javascript 143.204.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 09:56:51 GMT
Via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2016 09:35:10 GMT
Server: AmazonS3
Age: 35701
ETag: "cf67eb51479caf3b57c3577a08b6a038"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6494
X-Amz-Cf-Id: 72GEgABbXe3_L8uY4pet1CSegNJDE2c8eonP-uY9cosUTpClNLCPkA==

GET
H/1.1 200
OK SCNGPRODWP Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 2 MB
411 KB 689ms
688ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: d30e1b7af57a77916992340d184ecd3faf3612ffe20d41f065d2555cdee9ce4b

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTk4MjY3MTF9.Gc3awqXRmY9GW3pGMJSur5hACCbli1IjmuvrFgrBroA
source-system: Plugin
site-code: DFM
autoqa: false
access-control-allow-origin: *
settingskey: LANG,OCR
ssid: c72ad0472c9beb7198091821c1261eb0
environment: prod
attr: OCR
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
location: undefined
accept: application/json
Referer: https://www.ocregister.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:51 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 419333
X-Server-Time: 4/30/2021 7:51:51 PM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 468ms
143ms Image
image/jpeg 52.217.196.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.196.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:51:52 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: 9MFM5VYJA23143JJ
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: 3ywoBzTDnvDIRVnVsJyCAV01eWiHT6wFSR0Ih7XjjKM8G2qmTmev2ec49y3vc9loyuPwRTauxp0=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 /
www.facebook.com/tr/ 44 B
261 B 9ms
9ms Image
image/gif 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2172602973018658&ev=PageView&dl=https%3A%2F%2Fwww.ocregister.com%2F&rl=&if=false&ts=1619812311099&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619812311098.1743199826&it=1619812310757&coo=false&exp=l0&rqm=GET

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 30 Apr 2021 19:51:51 GMT

GET
H2 200 6f1f66e3944fb124ee28e5e915a8e8ff Show response
digitalfirstmedia.blueconic.net/plugin/library/ 1 MB
316 KB 105ms
104ms Script
text/javascript 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/plugin/library/6f1f66e3944fb124ee28e5e915a8e8ff

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

bd21e7f9cbc8bcc0b73e6f11a04a418834e7c8b0ef73db9941ad4e7b5f22af17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 19:51:51 GMT
server: -
etag: 6f1f66e3944fb124ee28e5e915a8e8ff
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 322153
x-xss-protection: 1; mode=block
expires: Sat, 30 Apr 2022 19:51:51 GMT

POST
H2 200 LB-Zone-2 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/585/ 3 KB
2 KB 193ms
193ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/585/LB-Zone-2?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=a30bc777-338b-4537-b7a9-cb3abfb04538&overruleReferrer=&time=2021-04-30T21%3A51%3A51%2B02%3A00&ts=1619812311130

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

9767635d38357d9f68de5b7700d3a43ecf97cf5d6b727292105776da6347ff6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1120
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 66 B
857 B 106ms
106ms Script
text/javascript 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=a30bc777-338b-4537-b7a9-cb3abfb04538&&callback=bc_json586

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

531a2be9296e3f4da42103194a334f25d0894193272e50aa905421c42344bda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 85
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
799 B 111ms
43ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
17 KB 419ms
419ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3806243294406793&correlator=825469462624008&output=ldjh&impl=fifs&eid=31060950%2C21064372%2C31060412&vrg=2021042901&ptt=17&sc=1&sfv=1-0-38&ecs=20210430&iu_parts=8013%2Cocregister.com%2Chome%2CSponsorship_1%2Cinterstitial%2Ctop_leaderboard%2CCube1_RRail_ATF&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=300x50%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&prev_scp=POS%3DSponsorship_1%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Sponsorship_1.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dinterstitial%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_interstitial.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_top_leaderboard.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Cube1_RRail_ATF.init.dsk%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=zeus%3Dapplied%26kv%3Dhome%26page%3Dhomepage%26RPN%3D350358632451%26rurl%3D%26articleid%3D8403952%26best%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1619812311&dt=1619812311436&dlt=1619812309915&idt=925&frm=20&biw=1600&bih=1200&oid=3&adxs=1439%2C800%2C800%2C1287&adys=17%2C177%2C183%2C306&adks=2961424806%2C2682496275%2C1062004577%2C2986897037&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fwww.ocregister.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x50%7C1280x1%7C1600x96%7C1x250&msz=1x50%7C1x1%7C1x90%7C1x250&ga_vid=544565697.1619812311&ga_sid=1619812311&ga_hid=1882219876&ga_fc=false&fws=4%2C4%2C4%2C4&ohw=1%2C1280%2C1600%2C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a78eab5a365ef3590b6d2f74db1f9c9ec102b803045a1cd113525f5d0bcb189a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17098
x-xss-protection: 0
google-lineitem-id: 5677714481,-2,5670564854,5667006136
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347594186,-2,138347085874,138346261809
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bf4296b68928dfa270a3386187fdfebf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 64ms
17ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bf4296b68928dfa270a3386187fdfebf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 c82b4907e1d878a7212b792043ce335f Show response
digitalfirstmedia.blueconic.net/templates/ 474 KB
70 KB 104ms
103ms Script
text/javascript 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/templates/c82b4907e1d878a7212b792043ce335f

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

e878e3e995e89c125a8187b3af26ec48cc6e89c48709316d5389e4066d7ceb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 19:51:51 GMT
server: -
etag: c82b4907e1d878a7212b792043ce335f
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 70537
x-xss-protection: 1; mode=block
expires: Sat, 30 Apr 2022 19:51:51 GMT

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 191 B
983 B 171ms
171ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/585?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=a30bc777-338b-4537-b7a9-cb3abfb04538&bctempid=&overruleReferrer=&time=2021-04-30T21%3A51%3A51%2B02%3A00&ts=1619812311511

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

bdcc78d7899148a806c525d0b3fc679b0518622fb15b23c24153927831457c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 152
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 1060502780777063 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 130ms
130ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1060502780777063?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

124b3d139eae4f1566aab07f28f209d83c6ecfa67bd1ce6b7f0d79f9b0553aae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 02qCi5DWQVdWPalp631RtDK3pfNE0p8vQ7yY3gK5K9j40vuO6L1JgixVJ8YRSEC+CN+PQK9B96WvYfbJIPkrxg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 30 Apr 2021 19:51:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 281 B
895 B 125ms
124ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

0dc3d7796bb686aa076231226692be7d0ec8a80649e36afad76a452735454e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 155
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 141 B
880 B 124ms
124ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

0a9c0dd3ddbce5e11c8759a0d51f60b6e88d7f8a3fa18d60a4b55bcf50da3623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 145
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 5 KB
3 KB 111ms
111ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

f9e60e030262be59a6af29831c55d2949670827614ef5f8cd304addf9526275e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2427
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 585 Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 141 B
880 B 111ms
111ms XHR
application/json 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

858a74096b62cc17750090e293b59f3ea7d00b8904131b687de3672bea278b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.ocregister.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 145
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recommendations Show response
digitalfirstmedia.blueconic.net/rest/ 15 KB
5 KB 108ms
107ms Script
text/javascript 3.225.112.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/rest/recommendations?storeId=517a0bba-21e3-4326-8648-7a0c8269a68b&profileId=a30bc777-338b-4537-b7a9-cb3abfb04538&frequencyCap=8&itemId=www.ocregister.com%2F&request=%5B%7B%22id%22%3A1560907820833%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2021-04-28T19%3A51%3A51.623Z%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_ENTRYPAGE%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_CTR%22%7D%5D%2C%22count%22%3A12%7D%5D&&callback=bc_json587

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/digitalfirstmedia.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.112.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-112-210.compute-1.amazonaws.com

Software

- /

Resource Hash

3f851fd6e1f861e6b1698d9306eda176d43df956f089018da22be4e659f0f123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript;charset=utf-8
content-length: 4594
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 20ms
9ms Ping
text/plain 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9KXebcoK32ikjPwH

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 30 Apr 2021 19:51:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F808 0
0 86ms
85ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTn2tpXRDU_mwB08V0nLUStVRo1_s6yMFEbSRBU_pdteGwVgxeIZQh_V43NOWpdBpn3y8Srl1kl83_uqqn0FToLzMO9KjeF_ei-MXGHumKAV235zjwIcSpChdFazJFgGNA6R_HUK0OZW8ylB-iY51v0ix2TYHpLri79CYt8JehjsKy_nRSlLN71Ej9e9r9wqQbvkOFoaXl24nJl5gUeCrwWLF2ilWwE44ZDUvq0reH6i8CPeipG_a7aYS5uMK7XLVDy5O5NlKMRAVfgel4EG4ZEkFvmqDRTMV_U8ipeqygxt_v_ZUqLCNi9edd-HCwoD7bzYLp&sig=Cg0ArKJSzNbA3ti5ViPUEAE&adurl=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame F808 17 KB
7 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:48:51 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame F808 2 KB
1 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:38:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F808 116 KB
35 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:51:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F808 0
0 15ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJqbeg_DqPbgwKk2TgnlpzhgxzKq4RYCWhD54VmElGQMqsIrQhpyRk5RGnqfxlJj8O0iYV
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5920208518491714354
tpc.googlesyndication.com/simgad/ Frame F808 21 KB
21 KB 21ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5920208518491714354

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

330732ea30a43afe482b83ee9d650c06b3b8d39c8e3546a050c4e627fa6d9548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 07:27:11 GMT
x-content-type-options: nosniff
age: 303880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21837
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:46:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 07:27:11 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:51:51 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E560 0
0 58ms
58ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst55r-UoSWbTZZbBf8N4NVBREiFzhmqcx4KFOckKhEEEUYaXXBHaGfAecSKS1zXgtyYEyuKM9dQWJMbh6Mi_dUx0qYClB_CXAmJvmVyAiSGuhrzBfe5gSDjJFsJLPLBSyvnq_YxSBebnKRSdmlcuDa7_QFG447zJ9w73If9u6P7brjrtXBFDNtD7bYLD_kgbyWmmINh86W-uWu_BSbTE2pAYFhfWBIN9II4d04ZH3iaMMI8M6v5Kl0blbEYZC1Pr_dJPFbYEVtnsqwvDR9Nqs-jzhMfD9pyUMexpVkqWgyn9n_f8LpevlLZ3OO999zeQ1V4fqCBKTkhY-Q&sig=Cg0ArKJSzPLWABl3_fEkEAE&adurl=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame E560 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:48:51 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame E560 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:38:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E560 116 KB
35 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:51:51 GMT

GET
H3-29 200 190211843820857473
tpc.googlesyndication.com/simgad/ Frame E560 24 KB
24 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/190211843820857473

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ecbd0ba72fbe8bf20e6c79693dee5de16087a9321fa3df56cf97eafec77317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 17:17:54 GMT
x-content-type-options: nosniff
age: 268437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24208
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 18:00:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 17:17:54 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9469 0
0 60ms
58ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN0ZRWB2tXLv1TwUfB9aD7sY06z_sbZeYujTeuY3L2GW6Mpc8OXu-_neVT9ntth55g1RJBSGqZdDMOlYykYOaWz4snbmSliMewstH3Lvtsik_56hJKHlq8vT_FoUbVD7KiRtnY_eUtN11JzI9is8MD3NTGhpZTl0uUXTFCqSZXUiw74wJPTjRN0udyANHBD0f71nQVhwXkMJaMb6oMg6jzVV3AyJn5SAUpPCAQsoNic88d0Y-hSi5eDomR1dWWQERa6hNlnMOvRsKFuEO5Ib5S5tTjEf8_qtkBUAmJltKdJ6ZXAOgpHsi8S4jRK3VkJ54Pmk5DN2xHb_g&sig=Cg0ArKJSzNdU9vJh1-YXEAE&adurl=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 9469 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:48:51 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9469 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:38:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9469 116 KB
35 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:51:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9469 0
0 15ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxEkiHjly1EHACsDcVST1OQZ5gsUINarGVSvwPPrugYY_XFiib5aFOWZG1q8uKeUAjF8PN
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16725634446168361517
tpc.googlesyndication.com/simgad/ Frame 9469 24 KB
24 KB 9ms
7ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16725634446168361517

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68f284fbc26d83a2a44bc056a8c564744b851d9e54a9ac2cbb2abd34d199a5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:11 GMT
x-content-type-options: nosniff
age: 86560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24360
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 15:58:24 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:49:11 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F808 0
0 87ms
57ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFsCBVWlkF6vvpT9PlIpTOlzWuD-VAf0_yd3-EwlG3naDiQYw5PBK57sAGeRlobHS3H2-bGHvE9flFsFDlNdoUbCSUfmaInm7uAnCxDPfkfzsLunnJZiRq3NyTmHLmfyE9DSKeLClwqmvcuXpWVfweDsfPbrGpWRA9I5tZHVMNEwWAbwMZnrqqgHPosPXOaC_1r7EMSfwZ0o0o2uxRo9DbzOGftM8oeytJ9iAtJlFP7gPhkKY3W5Hmol4vV7s2mVyrD1NvR5resv_PD7o5akT0QVP8W6eXwPlTL4xZV3XR7gzfR4Yli4lD3CmFyERc6GF_syPmwDY&sig=Cg0ArKJSzJSQKqvtk657EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Apr 2021 19:51:52 GMT

GET
DATA 200
OK truncated
/ Frame F808 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7388a22381854ab5a68f46d811fee4071f3eca8f43e6907abfb3390d0b056242

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E560 0
0 59ms
58ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvo34yZqAq_RYPHO1tNLF-ZV6F1WbSsMpI0621aAcFOLhCwHCb9Y_wZGLnFCAl3vTTLDZvXhsjrnJhXfw05CWr4sk9emnHwyvr2CnVwmtzfbsHbNWOwHWVJlcM3bUP0eNJg8HZZYj8HRTXkV9vwJx0IvjUj4t06pk9mPz9Rmd987ronKJ4mI5hi5xmaXhZUX_365bOhb1pq-Wpo5-LTNs5gKQEBCm6kv2cSeiyDQBd899y7u908r3cbfVkj7e0WSK8YpIhC6rKVBC9PrCKFOvNJTXfPjD9vgJ5EOMMpS-ab2umnhZP8VbV27wSczEqxpEQN0AdVBzJgt6FBA&sig=Cg0ArKJSzA4HKiBxBU9bEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Apr 2021 19:51:52 GMT

GET
DATA 200
OK truncated
/ Frame E560 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11eafff81d0f472e3c0af805ebcd865970e3baa9a4c40174b8c12249c1b1f37b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9469 0
0 58ms
58ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLIi8cPTgaooAh5mX2lkPH3kcypAhkl6R7xop6BKZ1MLc31KJbdyXK9KWkYqr9AGMDkc6mbv2DPMk8d7XemyPVrSageP-Sg13-p5BDx9a1x3HNEtXEXF6JF2xCtXaN8Fr4SFuExIN_Db-RqPZOrApflMBGVipxx8ImVPDT4BjbSY1EL297MK2C8i6EJucEToYMqFGKuLlqte3WlxETBZ8YYDl7VWUrIR4fEqDaPoikFN4gwhlz6XstLdaLjOk-A5jDbxmkPOBqsfZpPZEBplcqS48rvpl_GRD16xL37knb-UnyPgpSgfXHr-d20cTwD4AmQOx4hNzJADQJ1A&sig=Cg0ArKJSzJsJ7IXp6tzrEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:51:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Apr 2021 19:51:52 GMT

GET
DATA 200
OK truncated
/ Frame 9469 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d46ebb4b46cfca01b8e88ee4b184dca8497892b4170d6ba0688ce22e82fc64b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 58D6 0
587 B 72ms
18ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160200&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Fri, 30 Apr 2021 19:51:52 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F808 42 B
501 B 57ms
38ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTIUotDVI1d2hRZ4-MWKws7VXNNCr9Dh5Zi5KnSJHlVKLxUk6TflbRLh0nxbysl5tUS92nM3JKol2tEO4S6f_kGj7rrnBzdUtd2BD2n0s&sig=Cg0ArKJSzOxh9V1VM0RBEAE&id=lidar2&mcvt=1000&p=17,1140,67,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2961424806&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619812311889&dlt=0&rpt=167&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E560 42 B
108 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAzq6ibm61TJo1yrYtq0sgIkyUM3fHvjh8eE_Bqe0sihWLCjBUKweivehrLM6q2pduKvfqTmYnwamR7RFkhlkm-Ix2vOYkyn2cF6wTEGw&sig=Cg0ArKJSzPMOMdk9CAJuEAE&id=lidar2&mcvt=1000&p=182,436,272,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1062004577&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619812311922&dlt=0&rpt=112&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9469 42 B
108 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVlDUsAiDoh05v694aw5NyiDB0LoeNkDE4QmnWoSgbuB8JtzhZmX6gnqztzPvpbg4Zbpq47l0YnD3QVDUEJUJXPFDBtsaXFFc1Dxa-sL4&sig=Cg0ArKJSzDbtwIp7fgmyEAE&id=lidar2&mcvt=1002&p=305,1138,555,1438&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2986897037&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619812311923&dlt=0&rpt=140&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 618 B
968 B 372ms
261ms Fetch
application/json 172.67.75.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1619812318452
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e17fe784d48f722da2825c40067111e38e6c09e267cb7eca22e08bf63fb008

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LI8RaZhc0fRDvGqvRu%2F3BPr27hy1aKPXFpPAWg%2BnWZo7guXEzh1IVfBk%2FL2dN89gmi9%2F9JRjwkx87G7TmKXmKFd7x547nrRQ4YPkuocduH6KpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64834ecf2f2141f6-MRS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c5ef9576000041f694840000000001

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 143 KB
42 KB 10ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC7) /
Resource Hash: 6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: o/3Cfwyx2Hdo/xXi+KtqIw==
age: 38701
x-cache: HIT
content-length: 43195
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/8FC7)
etag: 0x8D9056E3D50F079
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bcd0e1cb-001e-00c7-0aa0-3d5abe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 11 KB
3 KB 11ms
10ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F80) /
Resource Hash: dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: E5fyjsIr92YKgvTS5SE4ZA==
age: 38701
x-cache: HIT
content-length: 3400
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F80)
etag: 0x8D9056E339D05A5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4f09f136-501e-00f6-1ba0-3d0169000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 7 KB
2 KB 11ms
10ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: jBig/iW/Mpw+sfYWVt9mLw==
age: 38661
x-cache: HIT
content-length: 2320
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:31 GMT
server: ECAcc (frc/8E9E)
etag: 0x8D9056E3391B836
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7b484493-701e-0062-5ea0-3d61a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 6 KB
2 KB 12ms
11ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F12) /
Resource Hash: 80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: WtHQ46VooZh5jhibUEIm/g==
age: 38661
x-cache: HIT
content-length: 2146
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F12)
etag: 0x8D9056E33BE9F96
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2bf2350-201e-009f-68a0-3d5ec5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 14ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F95) /
Resource Hash: 1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: 3loC7XOiphfHLLmAxSEZ5g==
age: 38701
x-cache: HIT
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F95)
etag: 0x8D9056E33C99EC8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 391f2223-c01e-0095-54a0-3d474c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 15ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAB) /
Resource Hash: 8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: 53DSePPJylXjWw4MlYhYcA==
age: 38701
x-cache: HIT
content-length: 2456
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8FAB)
etag: 0x8D9056E33DFC44A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8709ec2f-a01e-0060-70a0-3d635d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 13 KB
4 KB 14ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8E) /
Resource Hash: 2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-encoding: gzip
content-md5: XXTxgTgPuF9lg38Cul1d8Q==
age: 38675
x-cache: HIT
content-length: 4009
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F8E)
etag: 0x8D9056E33EAC378
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ce1ccee4-a01e-0042-3ba0-3d0d6b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 114 B
241 B 11ms
11ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) /
Resource Hash: 64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Apr 2021 19:51:58 GMT
content-md5: 0is0k5hNwCAMRJ10IGm41w==
age: 38661
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F1E)
etag: 0x8D9056E33D49E04
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 20101666-001e-00cc-3da0-3d42ca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 133ms
133ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=8c8e5178800d88861eca8b5005abf763&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2COCR
Protocol: HTTP/1.1
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.ocregister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Fri, 30 Apr 2021 19:51:58 GMT
Content-Length: 0

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 263 B
1 KB 212ms
211ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=8c8e5178800d88861eca8b5005abf763&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2COCR
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: 931192467ab411c7703f724aafb368a05bbbbb26f704117889614455affbe159

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTk4MjY3MTF9.Gc3awqXRmY9GW3pGMJSur5hACCbli1IjmuvrFgrBroA
source-system: Plugin
site-code: DFM
autoqa: false
access-control-allow-origin: *
settingskey: LANG,OCR
ssid: c72ad0472c9beb7198091821c1261eb0
environment: prod
attr: OCR
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
location: System
accept: application/json
Referer: https://www.ocregister.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:58 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 289
X-Server-Time: 4/30/2021 7:51:59 PM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 137ms
137ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views
Protocol: HTTP/1.1
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.ocregister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Fri, 30 Apr 2021 19:51:58 GMT
Content-Length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
112 B 12ms
12ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1882219876&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ocregister.com%2F&ul=en-us&de=UTF-8&dt=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aGjACEAjRAAAAC~&jid=1248267958&gjid=767944088&cid=544565697.1619812311&tid=UA-61435456-15&_gid=791990884.1619812319&_r=1&gtm=2wg4l3NFD2QGD&cd3=ocregister.com&cd121=Not%20Set&cd95=Not%20Set&cd96=Not%20Set&cd97=Not%20Set&cd98=Not%20Set&cd100=1619812319303.yewhzr4&cd101=8c8e5178800d88861eca8b5005abf763&cd102=Not%20Set&cd103=Not%20Set&cd104=Not%20Set&cd105=Unknown&cd106=Free&cd107=SCNG%20Free%20Conversation&cd108=3&cd109=unlimited&cd110=NaN&cd111=2021-04-19T13%3A46%3A53Z&cd112=Not%20Set&cd113=2021-05-19T13%3A46%3A53Z&cd114=Not%20Set&cd115=Not%20Set&cd116=home&cd117=1619812319304.0.gjqvi12y74c&cd119=Not%20Set&cd120=Default&cd122=1.0.0.2&cd123=Not%20Set&z=591532635

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1324
date: Fri, 30 Apr 2021 19:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 21:29:55 GMT

POST
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 0
1 KB 270ms
269ms Fetch 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTk4MjY3MTF9.Gc3awqXRmY9GW3pGMJSur5hACCbli1IjmuvrFgrBroA
source-system: Plugin
site-code: DFM
autoqa: false
access-control-allow-origin: *
settingskey: LANG,OCR
ssid: c72ad0472c9beb7198091821c1261eb0
environment: prod
attr: OCR
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
location: System
accept: application/json
Referer: https://www.ocregister.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:51:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
Content-Length: 0
X-Server-Time: 4/30/2021 7:51:59 PM
Expires: -1

POST
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Ping
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-61435456-15&cid=544565697.1619812311&jid=1248267958&gjid=767944088&_gid=791990884.1619812319&_u=aGjACEAjRAAAAC~&z=481097718

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Apr 2021 19:51:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-61435456-15&cid=544565697.1619812311&jid=1248267958&_u=aGjACEAjRAAAAC~&z=526818396

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-61435456-15&cid=544565697.1619812311&jid=1248267958&_u=aGjACEAjRAAAAC~&z=526818396

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:51:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 117ms
23ms Preflight 13.69.65.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.ocregister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 19:52:13 GMT
content-length: 0

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 607 B
724 B 61ms
61ms XHR
application/json 13.69.65.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

292c9fcf505743e1833da206ea8ab2ba4957c3c2ade0120070e18d73f4515467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 32C8803E-EA37-4217-A686-B1415B625A04
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 19:52:13 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 607

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035443/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
347 B

291ms
288ms

Script
application/javascript

13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:27:27 GMT
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: kZxsk40sBAJ3lIgIXs0mal7-vkFcqR_r_Ce3ozno_AlA_8rWdb91gA==

Redirect headers

date: Fri, 30 Apr 2021 19:52:14 GMT
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: UzwQXX4_GsZXmoiVVF7w_HOYJ9BfJLs8sVb_B5LXoi8Z3gPiWCmAiA==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 58FB 0
150 B 68ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.ocregister.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.ocregister.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ocregister.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1585
date: Fri, 30 Apr 2021 19:52:14 GMT
content-length: 0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 6F50
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

26ms
24ms

Document
text/html

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b2b52e2b31c3e762c48ffc484b3669ea393be3a186103ab0d196d0c0b15806ee

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=14719462699072315865
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ocregister.com/

Response headers

date: Fri, 30 Apr 2021 19:52:14 GMT
content-type: text/html; charset=utf-8
content-length: 480
set-cookie: sync=CgoIgQIQ1vbaopIvCgoIkQIQ1vbaopIvCgoI4gEQ1vbaopIvCgoIkgIQ1vbaopIvCgoI5gEQ1vbaopIvCgoIhwIQ1vbaopIvCgkIOhDW9tqiki8KCQgLENb22qKSLwoJCF8Q1vbaopIvCgkIHxDW9tqiki8=; Max-Age=7776000; Expires=Thu, 29 Jul 2021 19:52:14 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14719462699072315865; Max-Age=7776000; Expires=Thu, 29 Jul 2021 19:52:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Fri, 30 Apr 2021 19:52:14 GMT
content-length: 0
set-cookie: tluid=14719462699072315865; Max-Age=7776000; Expires=Thu, 29 Jul 2021 19:52:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042901&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ace2f4746d91589d6ba740fd2b6e6ecb82cd2035aea9a8b101b0248a41d1153d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7634
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 30 Apr 2021 19:52:14 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 60ms
59ms Preflight 13.69.65.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.ocregister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 19:52:14 GMT
content-length: 0

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 223 B
293 B 65ms
65ms XHR
application/json 13.69.65.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 3AF7C497-C525-47EE-9AF0-99B8F78DB03F
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 19:52:14 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 223

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CC44 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ocregister.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 30 Apr 2021 18:55:52 GMT
expires: Sat, 30 Apr 2022 18:55:52 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3382
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2978 783 B
825 B 21ms
20ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19a9ef5b1261e5ed882f3e71d13b1348ca1087cef3e8f0dd205b37d27e94a75a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-89FdjAyPso/ZgeP2MtGoAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ocregister.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ocregister.com/

Response headers

expires: Fri, 30 Apr 2021 19:52:14 GMT
date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-89FdjAyPso/ZgeP2MtGoAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame CC44 14 KB
6 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 07:45:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 43597
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sat, 30 Apr 2022 07:45:37 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6F50 70 B
264 B 34ms
30ms Image
image/gif 52.30.186.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 6F50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFi1g9j7vKG3ncFJ7_uHJGg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

25ms
25ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFi1g9j7vKG3ncFJ7_uHJGg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:52:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFi1g9j7vKG3ncFJ7_uHJGg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6F50
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MTk0NjI2OTkwNzIzMTU4NjU%3D

170 B
188 B

32ms
31ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MTk0NjI2OTkwNzIzMTU4NjU%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:52:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MTk0NjI2OTkwNzIzMTU4NjU%3D
date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET c.gif
c.bing.com/ Frame 6F50 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 6F50
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/14719462699072315865?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-51GVZsBE2oQgHdVu3xeTHf2Oh3UgW1f2KrkGYv8fgw--~A&dongle=0883

37 B
353 B

41ms
41ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-51GVZsBE2oQgHdVu3xeTHf2Oh3UgW1f2KrkGYv8fgw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 30 Apr 2021 19:52:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-51GVZsBE2oQgHdVu3xeTHf2Oh3UgW1f2KrkGYv8fgw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 6F50
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=160106842101282621&dongle=4d58&gdpr=1&gdpr_consent=

37 B
353 B

26ms
26ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=160106842101282621&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:14 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 8de5df55-c656-4a3b-8d55-de4eb39b90bb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=160106842101282621&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 6F50
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14719462699072315865
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14719462699072315865&dcc=t

0
0

98ms
98ms

Image
text/html

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14719462699072315865&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:14 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14719462699072315865&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 6F50
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

23ms
22ms

Image
image/gif

18.157.239.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.239.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 6F50 0
0 52ms
17ms Image
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=14719462699072315865
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 6F50 0
0 57ms
20ms Image
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=14719462699072315865
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

results.txt Show response
xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvy8knynx
https://xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

118ms
29ms

XHR
text/plain

2.17.123.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.17.123.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-123-176.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:52:14 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Fri, 30 Apr 2021 19:52:14 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvy8knynx
https://fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

62ms
6ms

XHR
text/plain

2a02:26f0:120::211:7ba9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:120::211:7ba9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 19:52:14 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net/eum/results.txt
Date: Fri, 30 Apr 2021 19:52:14 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042901&jk=3806243294406793&bg=!XF-lXxvNAAZLnZBaS507ACkAdvg8WgP8PVSzBqTREUjMS4EuFZm5P7ZjtahWhbCtdsjb6BY4jfLdCQIAAACQUgAAAA1oAQcKAMdtWN56jLK6d9Kpl7RkhgPAKPoJ7tUXHC-9ctksBj9k-mg6G79O4i1K0u-7uBNR0A3WN0OdVW1NQ3W0CmEUiznkfd3awPBXS3dLnfm4Y7uMVB_lTFvodcEKgPZ6F3gyFHzcJgxASGEg7KqGFgMjdd60E0tnEciu13rutMTe9VoqnPsWvIPP66OHUlNFaomVtA_4CC8b0YTDjxD9dnVsb5ztqCcqj14dpPW198UiEYdEvntovTu6Z2ZxJsj3knDyDa6n4DXlo6ngmQJH7BmVQ356eJI89mtIhzybs1blSmhoQqp9yQ8c4ENqMX71wpxEWBxaQtIGhwVNxYNoaoEB92Z-qOjiL_OtNrlptKcd00oYlg0BBcK7C9tpK3XDj0SzfWsRZqD4nEAUANR0U8LeTbJICLzVx5seBAoyuR2t1CcMo07IiCWmYt08IU9ibaU7-6qIWxs0_OtL1BjawU99S0bE87513U9gEzeF8NAEYjzYiWm515HTKZq-n89dMs1h4bepocDF2t0ba8cAIauQRd5S0LNUxbzu6rVGeMU1EHxE7SCKdYjhm3drIVx6s_aVgf9KM3uvYOqT5lVmWJiFQPzztGPsDFH9WGya0PPYRO8qoFoygrD1dR77yymA1OGP5I8XW7cQg6YztGdaqPlFcZBVbpJjQbBcL9z5YoEQW0umEsJZOCpOc68GjEQLfYvyhUv4qcOQgp6d1RFzrXlCUym-c7LpOF0HfoFcNpML8XiYstsTMKeatjSVnqMd5gf1uAg9kmUs4H0XYP2_VQ-do9md5STdQeF0QA6-z2yj38nV-7cr_EUw0AGWxDhP0l5QspSvzh6F42nOPqcpf2gbJVfLSgwJkZsM8uKF69xeBZsHsshVaIp-9nU1NB5k0NOOvKzslqzxSWktxoJX7_MYBbTU53STXVN3Xl-tkmK9UCY7CfqenIjejz2XPxE0oa8r4_g070IZDDRguNAkC64gfeGQL1SvXs0ltcvHKeBJ1Nf2RH9y7Fi9Q66y4pqoAaqSsHN32hei9dyIg5W1rWmvRFAqTQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:52:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content /
1737ad59.akstat.io/ 0
359 B 127ms
97ms Ping
image/gif 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://1737ad59.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:14 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 30 Apr 2021 19:52:14 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
148 B 50ms
17ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=3721999057
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:52:21 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 227ms
226ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:52:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 88ms
87ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.ocregister.com%2F&pid=jb8RVIEaMbWpD&cb=1&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Finterstitial%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:21 GMT
via: 1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 29Xl7aJbs20osEZEEJFh8DmHvPG0PcAegfa3UASkOWt02H3rDLD75w==

POST
H2 204 events
bidder.criteo.com/csm/ 0
148 B 17ms
16ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:52:21 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 63ms
21ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Apr 2022 19:52:21 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 64ms
22ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Apr 2022 19:52:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
165 B 44ms
43ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 461 B
769 B 60ms
60ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3806243294406793&correlator=825469462624008&output=ldjh&impl=fifs&eid=31060950%2C21064372%2C31060412&vrg=2021042901&ptt=17&sc=1&sfv=1-0-38&ecs=20210430&iu_parts=8013%2Cocregister.com%2Chome%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ris=31&rcs=1&prev_scp=POS%3Dinterstitial%26zeus_rendercount%3D2%26zeus_slot%3Dzeus_interstitial.ref.dsk%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=zeus%3Dapplied%26kv%3Dhome%26page%3Dhomepage%26RPN%3D350358632451%26rurl%3D%26articleid%3D8403952%26best%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1619812342&dt=1619812342108&dlt=1619812309915&idt=925&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=177&adks=2682496275&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fwww.ocregister.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x0&msz=1x1&psts=AGkb-H_1L2QjdbwPzf9DdnFKzkvqfXL6FqG9gXQoE-c_dhkiphL1KC9UWJIhJ39ioLOsT9C7TG6CnsJStJg%2CAGkb-H9K_Z5j3SC3VV1ybX_fENX3FVildrQz2Tb0Fz4CBIorXo0fwpIhgtLatpYmXNYnCiPDZIX8SostLEY%2CAGkb-H9CZUyUtXwXuWPsYQzDGd6YBQ70KxSCmqIhK-6mawK2USWSAMj_SRmtOWN3cT2aJXHWbMCnj5KsTZo&ga_vid=544565697.1619812311&ga_sid=1619812311&ga_hid=1882219876&ga_fc=false&fws=132&ohw=1280&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

47d29b0d6cdff5e72c1382a58b46062f59c69a5a627dd2b2d9d9fba5968576b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 442 B
1 KB 39ms
39ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:23 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: b527b427-1369-4081-bcbe-965384e0bbbb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 442
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb
bidder.criteo.com/ 0
148 B 19ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=61880121794
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:52:22 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 cygnus
htlb.casalemedia.com/ 66 B
415 B 224ms
150ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=212590&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A64002394%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ocregister.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22597048%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22597049%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22597050%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22597051%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22597052%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22597053%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22597054%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22597055%22%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22597056%22%7D%2C%22id%22%3A%229%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22597057%22%7D%2C%22id%22%3A%2210%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22597058%22%7D%2C%22id%22%3A%2211%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%7D
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:52:23 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.100], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.ocregister.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 28
expires: Fri, 30 Apr 2021 19:52:23 GMT

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
62 B 19ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:52:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json
fastlane.rubiconproject.com/a/api/ 472 B
4 KB 154ms
152ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=353666&tk_flint=custom&slots=3&size_id=44%3B2%3B15&alt_size_ids=%3B55%2C57%3B9%2C10%2C54&zone_id=1882796%3B1882798%3B1882800&rp_floor=0.01
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:23 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 472
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction
tlx.3lift.com/header/ 19 B
478 B 159ms
159ms XHR
application/json 18.184.0.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.ocregister.com&debug=false

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 19:52:23 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 88ms
88ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.ocregister.com%2F&pid=jb8RVIEaMbWpD&cb=2&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x50%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2FSponsorship_1%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2FCube1_RRail_ATF%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:23 GMT
via: 1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -NQEIrG6uX1u8j3iNO9KNSo1kB1mqDvA7REb8dxcCa3mKhXOAtiFSQ==

POST
H2 204 events
bidder.criteo.com/csm/ 0
148 B 19ms
16ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Fri, 30 Apr 2021 19:52:22 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 23ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:23 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Apr 2022 19:52:23 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 24ms
24ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:23 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Apr 2022 19:52:23 GMT

GET
H3-29 200 integrator.js
adservice.google.be/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js
adservice.google.com/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 19:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads
securepubads.g.doubleclick.net/gampad/ 100 KB
17 KB 384ms
380ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3806243294406793&correlator=825469462624008&output=ldjh&impl=fifs&eid=31060950%2C21064372%2C31060412&vrg=2021042901&ptt=17&sc=1&sfv=1-0-38&ecs=20210430&iu_parts=8013%2Cocregister.com%2Chome%2CSponsorship_1%2Ctop_leaderboard%2CCube1_RRail_ATF&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=300x50%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&ris=32~32~32&rcs=1%2C1%2C1&prev_scp=POS%3DSponsorship_1%26zeus_rendercount%3D2%26zeus_slot%3Dzeus_Sponsorship_1.ref.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26zeus_rendercount%3D2%26zeus_slot%3Dzeus_top_leaderboard.ref.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26zeus_rendercount%3D2%26zeus_slot%3Dzeus_Cube1_RRail_ATF.ref.dsk%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=zeus%3Dapplied%26kv%3Dhome%26page%3Dhomepage%26RPN%3D350358632451%26rurl%3D%26articleid%3D8403952%26best%3D&cookie=ID%3D24907e88705f53c1-2269850ff9c700b0%3AT%3D1619812342%3AS%3DALNI_Mb0Tba301npphUZP1M-646-IgOlPA&bc=31&abxe=1&lmt=1619812343&dt=1619812343380&dlt=1619812309915&idt=925&frm=20&biw=1600&bih=1200&oid=3&adxs=1140%2C436%2C1138&adys=17%2C182%2C305&adks=2961424806%2C1062004577%2C2986897037&ucis=6%7C7%7C8&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fwww.ocregister.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x50%7C1600x96%7C300x250&msz=300x50%7C728x90%7C300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=544565697.1619812311&ga_sid=1619812311&ga_hid=1882219876&ga_fc=false&fws=4%2C4%2C4&ohw=300%2C1600%2C300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17031
x-xss-protection: 0
google-lineitem-id: 5677714481,5670564854,5667006136
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347594186,138347085874,138346261809
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats
as-sec.casalemedia.com/ 0
316 B 89ms
33ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=212590&u=https%3A%2F%2Fwww.ocregister.com%2F&v=3
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 19:52:23 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 30 Apr 2021 19:52:23 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame F808 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 84CB 0
0

GET
H2 200 5920208518491714354
tpc.googlesyndication.com/simgad/ Frame 84CB 21 KB
21 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5920208518491714354

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 07:27:11 GMT
x-content-type-options: nosniff
age: 303912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21837
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:46:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 07:27:11 GMT

GET
H2 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 84CB 0
0 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/ec44c2ac620c8369476777579e3b4dc85d1ae0f4103c4b945e6906dc20865d2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 19:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 19:48:51 GMT

GET window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 84CB 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84CB 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E560 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9469 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame C7AB 0
0

GET 190211843820857473
tpc.googlesyndication.com/simgad/ Frame C7AB 0
0

GET abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame C7AB 0
0

GET window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C7AB 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C7AB 0
0

GET l
www.google.com/ads/measurement/ Frame C7AB 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 5EFD 0
0

GET 16725634446168361517
tpc.googlesyndication.com/simgad/ Frame 5EFD 0
0

GET abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 5EFD 0
0

GET window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 5EFD 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EFD 0
0

GET l
www.google.com/ads/measurement/ Frame 5EFD 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2020/coronavirus/covidchart.php?site=OCR

Domain: c.bing.com
URL: https://c.bing.com/c.gif?xid=14719462699072315865&Red3=TLMS_pd

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTIUotDVI1d2hRZ4-MWKws7VXNNCr9Dh5Zi5KnSJHlVKLxUk6TflbRLh0nxbysl5tUS92nM3JKol2tEO4S6f_kGj7rrnBzdUtd2BD2n0s&sig=Cg0ArKJSzOxh9V1VM0RBEAE&id=lidartos&mcvt=31764&p=17,1140,67,1440&mtos=31764,31764,31764,31764,31764&tos=31764,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2961424806&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619812311889&dlt=0&rpt=167&isd=0&msd=0&r=u&fum=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuBP9-3hKnyAGu3PEGE5CutbJ0RVEoGq58l3_k-pDlt6x9nTh_ZKqUSHh9r7fPPYmQ-L3dWyw70Z90f3tTqMHqIYnrh3Th7ivhYYScq_B4KZYW0L6BgJCZZ7SnqAeYVlgnieyLs8VST2S_bCYe-d7OR3LGSbkZhrUcdirJzdbihJY5yhbXxFUbc_TwnRY6ONkA2XgYfYXGfFha85KXoo2wgyE41Rm6AmkRwfhKvcNNAKJZ7t3hY2SWk4ts9TZzEFUG2CVj3fhLjht_GOiOfg_Sh5_dPgvnhNXEQKWZXNPs4BZ9GBvWoy0_WYZrGpT4mpYvw8AZ&sig=Cg0ArKJSzLL7DLXjKAnQEAE&adurl=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAzq6ibm61TJo1yrYtq0sgIkyUM3fHvjh8eE_Bqe0sihWLCjBUKweivehrLM6q2pduKvfqTmYnwamR7RFkhlkm-Ix2vOYkyn2cF6wTEGw&sig=Cg0ArKJSzPMOMdk9CAJuEAE&id=lidartos&mcvt=31787&p=182,436,272,1164&mtos=31787,31787,31787,31787,31787&tos=31787,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1062004577&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619812311922&dlt=0&rpt=112&isd=0&msd=0&r=u&fum=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVlDUsAiDoh05v694aw5NyiDB0LoeNkDE4QmnWoSgbuB8JtzhZmX6gnqztzPvpbg4Zbpq47l0YnD3QVDUEJUJXPFDBtsaXFFc1Dxa-sL4&sig=Cg0ArKJSzDbtwIp7fgmyEAE&id=lidartos&mcvt=31797&p=305,1138,555,1438&mtos=31797,31797,31797,31797,31797&tos=31797,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2986897037&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619812311923&dlt=0&rpt=140&isd=0&msd=0&r=u&fum=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCe18FgYE_t84y07VRnMS1IUF5FoP4HBDjstzLG6zBbcG8wsL8sXieb4bbHdgBU7zFFURwX4ZZ7JJwJZbZuivf_Q-EoUps94IHpUFfNCHNvE9PY9iDl0ahfvmT40EkLdHDP4Te45nWMLOOaFeemsxRWpA1KyCwegMUfwrJOIdVa3JOyrEwfODGp6S3ARyKSJba9DPA7faBdrH2pqEdatgIAt4Bb7tJdCgTywkQn5JmUYh0LgoDQWVhIuGbD5du_GcXb-qITfIlQP9NaizFP2Ms3PjyVB8QX2g2T6tkUDFysIRT59-ftEwabYLhXdjs3OYdBjEb5GFxuhQ&sig=Cg0ArKJSzHUW2c_vQjDjEAE&adurl=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/190211843820857473

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfqtBcw_OBx9W0bge8wYimuwCfwMhYEItCrEHJxAcxe0nTo5G2uThF_-zfz0d9xnfGh4fn

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmJXvyv6lflFKmZrvP-696KGhwrOlRjonVbwHMDeLaTsHrixf9rLBLcVPX2FBehAEayr_bWxGLRkDhTODQnKBT24kLdS81CkuuyWEPIITVkW440ZDg2_8XMz_zFzFzpHHrV3noyfu7fuug_VeNl8VFyJHyHIKOc_HCw4UbCS4m_BZg9WwyMwn4MqCTvb0PEkG2OIEUsTinO-xSXqoYrqEaQaHk6D02bc1CrZSIxZO7Vx1yGZuyP9lPVzj4ADIrRc1oOz_33IRyBoy00gDcgtOdv0yEMn2D85MiVjwAZHkWnoWSu-kRLiduycvIe2Ch2oaFkynLq_uOjC8&sig=Cg0ArKJSzCpnpoZNivWOEAE&adurl=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/16725634446168361517

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlYMws-7gC3XPCtmLGJEa6sryiiDAhMtTAliqL1lr9MBkOYJYJ29vqj5f20MabAD6QSTxS

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/	1970-01-19 20:06:28	Name: tluid Value: 14719462699072315865
.3lift.com/sync	1970-01-19 20:06:28	Name: sync Value: CgoIgQIQ1vbaopIvCgoIkQIQ1vbaopIvCgoI4gEQ1vbaopIvCgoIkgIQ1vbaopIvCgoI5gEQ1vbaopIvCgoIhwIQ1vbaopIvCgkIOhDW9tqiki8KCQgLENb22qKSLwoJCF8Q1vbaopIvCgkIHxDW9tqiki8=
.ocregister.com/	1970-01-19 18:06:57	Name: RT Value: "z=1&dm=ocregister.com&si=5475f6fa-9358-49a4-bc54-a3664c93cfe1&ss=ko4qfdbe&sl=1&tt=ixe&bcn=%2F%2F1737ad59.akstat.io%2F&ld=ixi"

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2) Message: Powered by DML ⚡ : 20210329-pathed-headers-1-g79d2644_prod_master
console-api	info	URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2) Message: DML Host : ocregister.com
console-api	debug	URL: https://mng-ocregister.zeustechnology.com/main.js(Line 2) Message: [customSSP] Registering custom bidder [object Object]
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://mng-ocregister.zeustechnology.com/main.js(Line 2) Message: --ZEUS_LOGGER-- CCPA string not set [object Object]
console-api	warning	URL: https://mng-ocregister.zeustechnology.com/main.js(Line 2) Message: --ZEUS_LOGGER-- no configs [object Object]
console-api	error	URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52(Line 10) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52(Line 10) Message: TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52(Line 10) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52(Line 10) Message: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?(Line 1) Message: [object Object] Utf8
console-api	error	URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52(Line 10) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://c.go-mpulse.net/boomerang/SVQUS-4T4CY-QDTQU-EH6NG-32Y52(Line 10) Message: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://digitalfirstmedia.blueconic.net/plugin/library/6f1f66e3944fb124ee28e5e915a8e8ff(Line 13198) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://digitalfirstmedia.blueconic.net/plugin/library/6f1f66e3944fb124ee28e5e915a8e8ff(Line 13193) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 138) Message: [BC]DataLayer available
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 138) Message: [BC]Item will not be scraped due to incorrect type: !== article
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 1060502780777063.
console-api	log	URL: https://cdn.blueconic.net/digitalfirstmedia.js(Line 138) Message: [BC]Pushing event: BlueConic.VIEW
console-api	log	(Line 1) Message: Regular browsing
console-api	warning	URL: https://mng-ocregister.zeustechnology.com/main.js(Line 2) Message: --ZEUS_LOGGER-- CCPA string not set [object Object]
console-api	warning	URL: https://mng-ocregister.zeustechnology.com/main.js(Line 2) Message: --ZEUS_LOGGER-- no configs [object Object]
console-api	warning	URL: https://mng-ocregister.zeustechnology.com/main.js(Line 2) Message: --ZEUS_LOGGER-- CCPA string not set [object Object]
console-api	warning	URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1) Message: AI: UrlTooLong message:"input is too long, it has been truncated to 2048 characters." props:"{data:GET https://htlb.casalemedia.com/cygnus?v=7.2&s=212590&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A64002394%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ocregister.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22597048%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22597049%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22597050%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22597051%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22597052%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22597053%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22597054%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22597055%22%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22597056%22%7D%2C%22id%22%3A%229%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22597057%22%7D%2C%22id%22%3A%2210%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22}"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1737ad59.akstat.io
ads.pubmatic.com
adservice.google.be
adservice.google.com
ajax.googleapis.com
api-mg2.db-ip.com
as-sec.casalemedia.com
aud.pubmatic.com
az416426.vo.msecnd.net
b1sync.zemanta.com
bf4296b68928dfa270a3386187fdfebf.safeframe.googlesyndication.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.go-fet.ch
c.go-mpulse.net
c1.adform.net
cdn.ayc0zsm69431gfebd.xyz
cdn.blueconic.net
cdn.p-n.io
cdn.parsely.com
cm.g.doubleclick.net
cmp.osano.com
connect.facebook.net
d1wa9546y9kg0n.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dc.services.visualstudio.com
digitalfirstmedia.blueconic.net
dis.criteo.com
eb2.3lift.com
fastlane.rubiconproject.com
fiaqj6absjkbikqce3ygyaaaabqiyx7o-pvy8kn-d455aa03a-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
loader-cdn.azureedge.net
match.adsrvr.org
mng-ocregister.zeustechnology.com
mwzeom.zeotap.com
ocregister.com
p1.parsely.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.quantserve.com
pixel.wp.com
polyfill.io
pr-bh.ybp.yahoo.com
prod-dfm-proxy-connext.azurewebsites.net
projects.ocregister.com
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync.mathtag.com
tlx.3lift.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
trkn.us
uipglob.semasio.net
um.simpli.fi
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.ocregister.com
xhjnszaccc5bqyeml7xa-pvy8kn-2bdb41951-clientnsv4-s.akamaihd.net
c.bing.com
pagead2.googlesyndication.com
projects.ocregister.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
13.224.105.229
13.224.106.119
13.224.106.54
13.224.106.84
13.69.65.23
13.85.16.224
142.250.185.98
143.204.101.50
143.204.101.90
151.101.14.217
159.253.128.188
172.217.16.130
172.67.75.166
178.250.0.163
178.250.2.131
18.157.239.120
18.184.0.136
185.29.133.199
185.33.221.11
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
192.0.66.2
192.0.76.3
2.16.186.24
2.17.123.176
2.18.233.180
2.18.234.21
213.155.156.166
23.37.38.181
2600:9000:20c8:b400:6:44e3:f8c0:93a1
2600:9000:2104:f000:3:b7e:8940:93a1
2600:9000:2156:2400:c:2267:880:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::ac43:db6
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
2a00:1450:400d:808::2002
2a02:2638::1c
2a02:2638::3
2a02:26f0:120::211:7ba9
2a02:26f0:6c00:1b7::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00::210:ba19
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
2a04:4e42:200::621
3.225.112.210
35.201.96.126
37.157.6.245
52.217.196.217
52.30.186.230
52.70.122.68
54.144.144.142
65.9.84.49
65.9.84.50
65.9.86.61
69.173.144.141
70.42.32.63
72.21.206.140
77.243.60.138
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a9c0dd3ddbce5e11c8759a0d51f60b6e88d7f8a3fa18d60a4b55bcf50da3623
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d46ebb4b46cfca01b8e88ee4b184dca8497892b4170d6ba0688ce22e82fc64b
0dc3d7796bb686aa076231226692be7d0ec8a80649e36afad76a452735454e77
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1110e9e9c493825984fd2f24d0d756130e5cdb3f4c2ec68aad7120cfec507d18
11eafff81d0f472e3c0af805ebcd865970e3baa9a4c40174b8c12249c1b1f37b
124b3d139eae4f1566aab07f28f209d83c6ecfa67bd1ce6b7f0d79f9b0553aae
1253a35ae227bc3a277ee86c6fc21068468e8eab706ac80e7ca915f0cde67e05
128b73640da17e7f2dca44fdbe5108211db7f2cbd98caef1f6619aa36d29dd43
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19a9ef5b1261e5ed882f3e71d13b1348ca1087cef3e8f0dd205b37d27e94a75a
1aa8511374d3937a752d82d79c2d839203c9c9a42ceeecdf694efe0aca0b38c5
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
21ce91794ae3eb67c07244a144b7f75e2e9454148e7dc0ffe6bd0f521a41b893
226f3e6f54baec0d82242c86b28e575b1c409a5938dd6cfc539dd6eedfe2054e
23ecbd0ba72fbe8bf20e6c79693dee5de16087a9321fa3df56cf97eafec77317
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
292c9fcf505743e1833da206ea8ab2ba4957c3c2ade0120070e18d73f4515467
2a50daae1b0701dad335f0d492160b43d246c509e7ad22e6b2dc666f57611369
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d63a01e1eab69bddfbebf4df2e258365f4337e50f498b807b9bcc30a1240e89
2f2da4eff2883da92c283cd85f7f89584edbe4f78898408b89b0e0734a9a2c37
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea
330732ea30a43afe482b83ee9d650c06b3b8d39c8e3546a050c4e627fa6d9548
3975943682f5334f3d240f507f624ed54a994bda2761e5bf416789c65c83935e
3b398618651a911b49686e36cbc14a0d0fd43960f6bfb7889b81d0e84c92d686
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f851fd6e1f861e6b1698d9306eda176d43df956f089018da22be4e659f0f123
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
47d29b0d6cdff5e72c1382a58b46062f59c69a5a627dd2b2d9d9fba5968576b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b1ab04beb8f83f665baa646dabf14cbbf8a9de041d004749a8a792e7e76c45
4bc605c292343312a321a07b0c8e3f8057e6bab991d944b7906c94fbe71fdc77
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f099cce99a1da39267b744c3f358491ba72b048fea2bc652fe736b037881ea
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b
531a2be9296e3f4da42103194a334f25d0894193272e50aa905421c42344bda3
5417175f98d44ba446a911104db8eeef06c5429e4777f7bd289cde63cb7fa094
54bb1411d489da7bd74ccc70c44e20fbaedb5b953fcb4ca97ff5c277aff60925
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60f1f2bf3fb68046e74b3857cdbc7f1c2150f27b2e78285505f704ec863dfabd
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
672f8b3b98c1fe197bd7ff59a686e5890272b03583f7845008033b9b354db4e5
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68f284fbc26d83a2a44bc056a8c564744b851d9e54a9ac2cbb2abd34d199a5f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9ffff3695ff82554146fbb51605fd5033af7258d4fdcca47130e705c49eb01
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7388a22381854ab5a68f46d811fee4071f3eca8f43e6907abfb3390d0b056242
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7c90960deb8e9638be83dd40f5a44da4fd2d5133f4f65492b9e847b5461d9b01
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80a1d9038bbc40fb2b03885202014154d49c0a2c3fc0b3c4d62bb418116b1b3f
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858a74096b62cc17750090e293b59f3ea7d00b8904131b687de3672bea278b4f
881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931192467ab411c7703f724aafb368a05bbbbb26f704117889614455affbe159
96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd
9767635d38357d9f68de5b7700d3a43ecf97cf5d6b727292105776da6347ff6d
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4d2cd015af26f4ca392c5a70fea86fcec7f4c3aa42f5eb8a15135de6be128e
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9e78d9a84dc2d69b84ac6b6c11b4efbcf1c396d65b78cdfd5069971fb1d7093c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b07503547eb615a6d9ca20069ef9a9a295baf02241e16a0d6fb6e97965e8c0
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a78eab5a365ef3590b6d2f74db1f9c9ec102b803045a1cd113525f5d0bcb189a
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab5186d21dd8de73feda81815eb24a9906b827a0ff943d5a8d59a22e30245952
ace2f4746d91589d6ba740fd2b6e6ecb82cd2035aea9a8b101b0248a41d1153d
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
affd3234f7381f0ee336f8fe6143bbfa400792bb6669a23683cd716394f1c75b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b52e2b31c3e762c48ffc484b3669ea393be3a186103ab0d196d0c0b15806ee
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b4d442fa8808466406107adbf5673a454e26296dea0e65e60d71dfaae2589ccf
b98ae7740b942465f875abc90ebc8190acf2aa676c55c18dcc6d66ce68c5881d
ba14fb27d9998ef4d4c4466c5436aec6d37fac1f346a80d2567d51e5c38672bc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd21e7f9cbc8bcc0b73e6f11a04a418834e7c8b0ef73db9941ad4e7b5f22af17
bdcc78d7899148a806c525d0b3fc679b0518622fb15b23c24153927831457c88
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c66dbf6b5716d3f7c8ece663d59bd0a576cc6bcc799e05c342255bcdce5338bf
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d30e1b7af57a77916992340d184ecd3faf3612ffe20d41f065d2555cdee9ce4b
d490d3fdf7b99a1f8ffb5bcded763dce85130bfc77ed480f7bba73dc6be2be0b
d4ad422577d5d3026d892312f17f163cf595ffa0b3686477c109340129927b2b
d4e10af75815e3c730c239f93c22695236ed9ffd398d40c33b00cc0309f74310
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e488b6a49159d34d6cd22d7379048db9476b146756cca403b21d3f032b76ac10
e4cb92545debc096ddbad5c1b5aabc2d81619b50a13ae3e4553c7856bf48533b
e878e3e995e89c125a8187b3af26ec48cc6e89c48709316d5389e4066d7ceb5e
eba507adec2db70dac91972b4d38442fd16e22f7041e38a528e48cac44aa3723
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3e17fe784d48f722da2825c40067111e38e6c09e267cb7eca22e08bf63fb008
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9e60e030262be59a6af29831c55d2949670827614ef5f8cd304addf9526275e
fb83e5a3eca34c4cf0efe1548b42beb8115c6f06330547574abb3c182bab3c17

www.ocregister.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

92 %HTTPS

43 %IPv6

57 Domains

87 Subdomains

74 IPs

9 Countries

3540 kBTransfer

12717 kBSize

3 Cookies

38 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

92 %
HTTPS

43 %
IPv6

57
Domains

87
Subdomains

74
IPs

9
Countries

3540 kB
Transfer

12717 kB
Size

3
Cookies

245 HTTP transactions
4 data transactions