www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ocregister.com/
Effective URL:
https://www.ocregister.com/
Submission: On November 17 via api (November 17th 2022, 1:45:51 am UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 36 domains to perform 130 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.ocregister.com. The Cisco Umbrella rank of the primary domain is 66545.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.

This is the only time www.ocregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	65.9.66.9 65.9.66.9	16509 (AMAZON-02) (AMAZON-02)
2 3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:0:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.245.48 18.66.245.48	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
2	99.86.4.47 99.86.4.47	16509 (AMAZON-02) (AMAZON-02)
13	18.66.147.13 18.66.147.13	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:8600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	18.155.140.61 18.155.140.61	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:1200:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:800... 2a04:4e42:800::282	54113 (FASTLY) (FASTLY)
3	34.223.139.142 34.223.139.142	16509 (AMAZON-02) (AMAZON-02)
3	52.4.214.42 52.4.214.42	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:44f... 2600:1f18:44f0:4816:6265:43b5:e3ae:6742	14618 (AMAZON-AES) (AMAZON-AES)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.31 108.157.4.31	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
15	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	137.184.240.117 137.184.240.117	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.215.113 143.204.215.113	16509 (AMAZON-02) (AMAZON-02)
1	3.219.223.162 3.219.223.162	14618 (AMAZON-AES) (AMAZON-AES)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.217.131.89 52.217.131.89	16509 (AMAZON-02) (AMAZON-02)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
130	40

29 192.0.66.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-9.fra56.r.cloudfront.net

mng-ocregister.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:0:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-48.dus51.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-47.fra6.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.147.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-13.fra60.r.cloudfront.net

u066.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:8600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.140.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-140-61.ham50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:1200:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.223.139.142 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-139-142.us-west-2.compute.amazonaws.com

session.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.4.214.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-214-42.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:44f0:4816:6265:43b5:e3ae:6742 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-31.dus51.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.czx5eyk0exbhwp43ya.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mg2connext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.184.240.117 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.foo.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-113.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.223.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-223-162.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.131.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.15 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	ocregister.com 1 redirects ocregister.com — Cisco Umbrella Rank: 59841 www.ocregister.com — Cisco Umbrella Rank: 66545 u066.ocregister.com — Cisco Umbrella Rank: 168659 session.ocregister.com — Cisco Umbrella Rank: 206859 projects.ocregister.com Failed	935 KB
11	czx5eyk0exbhwp43ya.biz cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 27653	208 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 51293	732 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	84 KB
4	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	156 KB
3	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 24266 fp-cdn.azureedge.net — Cisco Umbrella Rank: 34698 g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 34248	238 KB
3	gstatic.com fonts.gstatic.com	69 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	239 KB
3	blueconic.net digitalfirstmedia.blueconic.net — Cisco Umbrella Rank: 79872	2 KB
3	wp.com i1.wp.com — Cisco Umbrella Rank: 7457 stats.wp.com — Cisco Umbrella Rank: 2615 pixel.wp.com — Cisco Umbrella Rank: 2437	49 KB
3	google.com accounts.google.com — Cisco Umbrella Rank: 80	77 KB
3	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 290	4 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1411	116 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3148	191 B
2	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 10527 i.viafoura.co — Cisco Umbrella Rank: 10383	3 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 790	3 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 5985	77 KB
2	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4728 k.p-n.io Failed	52 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 304	32 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	99 KB
2	cloudfront.net d3div1mtym39ic.cloudfront.net	79 KB
2	zeustechnology.com mng-ocregister.zeustechnology.com — Cisco Umbrella Rank: 182652	117 KB
1	mg2connext.com cdn.mg2connext.com — Cisco Umbrella Rank: 88111	2 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 22119	767 B
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 33880	1 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1580	591 B
1	foo.software www.foo.software — Cisco Umbrella Rank: 49332	96 B
1	w.org s.w.org — Cisco Umbrella Rank: 916	773 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 573	261 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	189 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1538	38 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1346	548 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2013	22 KB
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 10224	8 KB
1	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2489	21 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 8872	38 KB
130	36

	Domain	Requested by
28	www.ocregister.com	www.ocregister.com cmp.osano.com
13	u066.ocregister.com	www.ocregister.com u066.ocregister.com cmp.osano.com az416426.vo.msecnd.net
11	cdn.czx5eyk0exbhwp43ya.biz	cmp.osano.com
4	prod-dfm-proxy-connext.azurewebsites.net	cdn.czx5eyk0exbhwp43ya.biz
4	www.google-analytics.com	cmp.osano.com
4	securepubads.g.doubleclick.net	1 redirects www.ocregister.com cmp.osano.com securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	cmp.osano.com
3	digitalfirstmedia.blueconic.net	u066.ocregister.com cmp.osano.com
3	session.ocregister.com	www.ocregister.com
3	accounts.google.com	www.ocregister.com cmp.osano.com accounts.google.com
3	c.amazon-adsystem.com	2 redirects c.amazon-adsystem.com
2	cdn.confiant-integrations.net	cmp.osano.com
2	pixel.sitescout.com	www.ocregister.com
2	unpkg.com	1 redirects www.ocregister.com
2	cmp.osano.com	www.ocregister.com cmp.osano.com
2	cdn.p-n.io	www.ocregister.com cmp.osano.com
2	cdn.jsdelivr.net	www.ocregister.com cdn.jsdelivr.net
2	d3div1mtym39ic.cloudfront.net	www.ocregister.com
2	mng-ocregister.zeustechnology.com	www.ocregister.com
1	cdn.mg2connext.com	cdn.czx5eyk0exbhwp43ya.biz
1	api-mg2.db-ip.com	cdn.czx5eyk0exbhwp43ya.biz
1	paywall-ad-bucket.s3.amazonaws.com	www.ocregister.com
1	i.viafoura.co	www.ocregister.com
1	g2insights-cdn.azureedge.net	cmp.osano.com
1	fp-cdn.azureedge.net	cmp.osano.com
1	geo.privacymanager.io	ats.rlcdn.com
1	www.foo.software	www.ocregister.com
1	s.w.org	www.ocregister.com
1	pixel.wp.com	www.ocregister.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	insight.adsrvr.org	www.ocregister.com
1	sb.scorecardresearch.com	www.ocregister.com
1	ats.rlcdn.com	cmp.osano.com
1	api.viafoura.co	cdn.viafoura.net
1	polyfill.io	ajax.googleapis.com
1	az416426.vo.msecnd.net	www.ocregister.com
1	stats.wp.com	www.ocregister.com
1	cdn.viafoura.net	www.ocregister.com
1	cdn.parsely.com	www.ocregister.com
1	i1.wp.com	www.ocregister.com
1	cdn.auth0.com	www.ocregister.com
1	ajax.googleapis.com	www.ocregister.com
1	fonts.googleapis.com	www.ocregister.com
1	ocregister.com	1 redirects
0	k.p-n.io Failed	cdn.p-n.io
0	projects.ocregister.com Failed	www.ocregister.com
130	47

This site contains links to these domains. Also see Links.

Domain
checkout.ocregister.com
www.accuweather.com
enewspaper.ocregister.com
comicskingdom.com
store.ocregister.com
obits.ocregister.com
adportal.ocregister.com
myaccount.ocregister.com
www.digitalfirstmedia.com
facebook.com
twitter.com
instagram.com
www.chicagotribune.com
www.denverpost.com
www.orlandosentinel.com
www.nydailynews.com
marketplace.socaladsonline.com
careers.socalnewsgroup.com
scngorangecounty.column.us
adportal.socaladsonline.com
www.socalnewsgroup.com
www.medianewsgroup.com
myworkdaycenter.wd5.myworkdayjobs.com
mediakit.scng.com
access.medianewsgroup.com
www.socalnie.com
sponsor.medianewsgroup.com
vip.wordpress.com

Subject Issuer	Validity	Valid
develop.ocregister.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.zeustechnology.com Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.auth0.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
pushlycdn.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
s762.pressenterprise.com Amazon	`2022-10-04` - `2023-11-02`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
viafoura.com Amazon	`2022-09-07` - `2023-10-06`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.ocregister.com Amazon	`2022-04-29` - `2023-05-28`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.confiant-integrations.net E1	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
www.foo.software Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-02-16`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
snibe7egl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-31` - `2023-03-03`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
sni1575gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-18` - `2023-02-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.ocregister.com/
Frame ID: EC930D44086F0F5AAAA036C6E28024DA
Requests: 126 HTTP requests in this frame

Frame: https://projects.ocregister.com/extras/embeds/2022/election-results/hpembed.php?state=y&site=OCR&county=occo&cntyRace=5001&stRace=008,040,042,044
Frame ID: 3E7234F943AD08EC3522011F907CBB78
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 7EE693211EE93D65E8673F298C24436C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 87A4801CB75FF5F4B3D1EBAECE8AEDBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orange County Register: Local News, Sports and Things to Do

Page URL History Show full URLs

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

130
Requests

88 %
HTTPS

44 %
IPv6

36
Domains

47
Subdomains

40
IPs

3
Countries

3511 kB
Transfer

12577 kB
Size

22
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV&returnUrl=https%253A%252F%252Fwww.ocregister.com%252F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/santa-ana-ca/92701/current-weather/38830_pc?lang=en-us&partner=mng_1
Title: 71°F

Search URL Search Domain Scan URL

URL: https://enewspaper.ocregister.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: http://store.ocregister.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=edit-nav&utm_content=&utm_term=
Title: Orange County Register Store

Search URL Search Domain Scan URL

URL: http://obits.ocregister.com/obituaries/orangecounty/
Title: Obits

Search URL Search Domain Scan URL

URL: https://adportal.ocregister.com/lang-adportal/ocr-obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/ocr/preference
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://obits.ocregister.com/obituaries/orangecounty/
Title: Obits

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/privacy-policy/?returnUrl=https%3A%2F%2Fwww.ocregister.com%2F%3FclearUserState%3Dtrue
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://facebook.com/ocregister
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ocregister
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/ocregister
Title: Instagram

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/access.aspx?utm_source=adtila&utm_medium=website&utm_campaign=access

Search URL Search Domain Scan URL

URL: https://www.chicagotribune.com/entertainment/music/ct-taylor-swift-20221115-nwiblpgkwnduxgwv3mger5r3fm-story.html?itm_source=parsely-api
Title: Taylor Swift fans crash Ticketmaster site, Capital One Cardholder Presale rescheduled to Wednesday

Search URL Search Domain Scan URL

URL: https://www.denverpost.com/2022/11/15/broncos-aaron-patrick-lawsuit-nfl-espn-sideline-injury/?itm_source=parsely-api
Title: Broncos' Aaron Patrick suing NFL, ESPN, others over sideline injury in loss to Chargers

Search URL Search Domain Scan URL

URL: https://www.orlandosentinel.com/business/tourism/os-bz-disney-world-ticket-price-increases-20221115-ffe5bgt6djcihoalvl4gr5u3ny-story.html?itm_source=parsely-api
Title: Disney World increases price of park tickets, annual passes

Search URL Search Domain Scan URL

URL: https://www.nydailynews.com/news/politics/us-elections-government/ny-trump-announces-2024-white-house-run-20221116-rdenvwe3dfdndotdfhu674upoq-story.html?itm_source=parsely-api
Title: Donald Trump announces 2024 White House run

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://marketplace.socaladsonline.com/scng
Title: Classified

Search URL Search Domain Scan URL

URL: https://careers.socalnewsgroup.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://scngorangecounty.column.us/place
Title: Legals

Search URL Search Domain Scan URL

URL: https://adportal.socaladsonline.com/scng-adportal/ocr-obits/index.html
Title: Obituary

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/about-scng-1/
Title: SoCal News Group

Search URL Search Domain Scan URL

URL: http://www.medianewsgroup.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://myworkdaycenter.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://mediakit.scng.com/
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://store.ocregister.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=edit-footer&utm_content=&utm_term=
Title: OC Register Store

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/ocr/rewards
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: https://access.medianewsgroup.com/d/socal
Title: Sponsored Access

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.socalnie.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: https://sponsor.medianewsgroup.com/a/?tag=socal
Title: Sponsor a Student

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: http://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/california-consumer-privacy-act/
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 9

https://c.amazon-adsystem.com/aax2/apstag.js?ver=8.1.0 HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 33

https://securepubads.g.doubleclick.net/tag/js/gpt.js?ver=2.0 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 43

https://unpkg.com/web-vitals@3/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ocregister.com/
Redirect Chain

https://ocregister.com/
https://www.ocregister.com/

274 KB
52 KB

281ms
272ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

1cadc76b0fc1c557e2371e1d74b2cada75ca2ddf27f7b410ff6f197f99c04342

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 01:45:43 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.ocregister.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/8Ac4j>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
vary: Accept-Encoding
x-cache: miss
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 0 2 9980

Redirect headers

age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 01:45:42 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://www.ocregister.com/
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
vary: X-Country-Code
x-cache: miss
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn2 0 2 9980

GET
H2 200 boldcoastal.css
www.ocregister.com/wp-content/themes/assets/static/css/ 397 KB
59 KB 25ms
25ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/css/boldcoastal.css?ver=1668646412

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5332376498e574c732c5eec2794066db291defa732bbfd869081826403388374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 17 Nov 2022 00:53:27 GMT
server: nginx
age: 2083
etag: W/"63758607-6329c"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60256
expires: Fri, 17 Nov 2023 01:45:43 GMT

GET
H2 200 main.js
mng-ocregister.zeustechnology.com/ 0
58 KB 110ms
34ms Other
application/javascript 65.9.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-ocregister.zeustechnology.com/main.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ddfY5sUeXqpJR_HsYVU6l5CGafu02oYT
content-encoding: br
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 01:45:43 GMT
last-modified: Wed, 16 Nov 2022 18:03:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1896
etag: W/"8aac352c2506d28cb13c906cbdea84da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,s-maxage=3600
x-amz-cf-id: SG6h9tCg_W5_MzG6HLoRNAesyBSnnzNVpA7ZbrsMXFMZLY-UxpkuMQ==

GET
H2

200

apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

0
40 KB

25ms
25ms

Other
application/javascript

2600:9000:20eb:0:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Server: 2600:9000:20eb:0:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:38:22 GMT
content-encoding: br
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 443
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: -ztxA14k4xZI7inEdjFmOAH1xoCcsbY50W1yIHMQiflWlHq5NbnH9Q==

Redirect headers

date: Wed, 16 Nov 2022 22:41:11 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 11073
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: 08eJAduFhuJc8ecG0O12uiwzroSqU5I2HA7Q5jXrxt0HClotEw7yXw==

GET
H2 200 wp-emoji-release.min.js Show response
www.ocregister.com/wp-includes/js/ 18 KB
5 KB 24ms
24ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 19:44:36 GMT
server: nginx
age: 101372
etag: W/"6373ec24-48b9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5004
expires: Fri, 17 Nov 2023 01:45:44 GMT

GET
H2 200 style.css
www.ocregister.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 880 B
405 B 40ms
40ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1668552107g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 22:41:47 GMT
server: nginx
age: 93386
etag: W/"637415ab-370"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 325
expires: Fri, 17 Nov 2023 01:45:43 GMT

GET
H2 200 /
www.ocregister.com/_static/ 12 KB
4 KB 40ms
39ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJx1j90KwjAMhV/ILAoyvRHxUbo2bsE2HU2K+PbOH3SKXoWcw3eSg+cRfBYjMRxj7VkUwzGBlaoGLIG9s1wU1ZyxR6+K316TWJrJWOCPsIFcOZHgWLv45J8SPKS/ZJIeAvestXudn2uN2iWS/uWVjeBjyb7QxBqVeR2dVJKfJXzkaUCq75zi8RAUnSqZ3vmUO44ELgyknAXub92i9mm3atttu27Xy80VyReICQ==

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3136b96048f9c29a1d848c33aebad359baae43d28c3734fd21b1019e9aaddd32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 17 Nov 2022 00:53:27 GMT
server: nginx
age: 2346
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4157

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 81ms
32ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20795038
x-jsd-version: 1.5.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA, cache-hhn4082-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dOVD5XJ%2Bqtz8tTu8fRJFGIAy2sLz9oi%2B4HGDZSWqfOYlljPGkTnE6h%2BY2R2g4UDVqqgwyyjr08DlDgEEvvoNlfmDIXwasKeklcth%2B5UWQ0%2FKIcQTIer%2FEzaGsJmKjpyysgJI0lz4NKO7esN4OE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76b4c9df98479b3a-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 91ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.1.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5160a5031b52a3a7bc884baef7e68015f3ed254ab5df11e55278a2ee4ab4ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Nov 2022 01:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 00:35:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Nov 2022 01:45:43 GMT

GET
H2 200 /
www.ocregister.com/_static/ 85 KB
17 KB 186ms
185ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyNj+EKwjAMhF/INFbY2B/xWUqbjeralCV17O3twIEggv9yl9zHBdcCnrNSVixznWIWDGMCFyBxEBR1Gj16aaNfiLJJMZsmT/gj+Yxu5Lo4KAsr61bogHxujeg2k3yRUoUDdictzj/AWtNhK1PbPa4xTKSCygUKi+4NG+hvzv7I29gzt3S1fT903cWehxcIwmJn

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c07a2e158e7901d49b9c2ff4416803055675f3a7a7c9243e3c87d6be8f518ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 22:41:48 GMT
server: nginx
age: 0
vary: Accept-Encoding
x-cache: miss
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js?ver=8.1.0
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
40 KB

87ms
28ms

Script
application/javascript

2600:9000:20eb:0:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Server: 2600:9000:20eb:0:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:38:22 GMT
content-encoding: br
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 442
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OibfbtzGfK5nBWxvnR9Gmx-4kmYsbiDBE8xV-Z4hQvC3JlGyyGgRVw==

Redirect headers

date: Wed, 16 Nov 2022 22:41:11 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 11072
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: fuMANkDym6KKu_EZNDYessCXj5baIOLV2QT9ZAX9ukjJoiUwsfvS6g==

GET
H2 200 zeus-adapter.js Show response
www.ocregister.com/wp-content/plugins/dfm_zeus/assets/dist/ 19 KB
6 KB 38ms
38ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1668552108g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ff0b3b0d7adc47e7b9bafbf0dd71f8b0029511df30b9f797b9866a5545db5828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 22:41:48 GMT
server: nginx
age: 93386
etag: W/"637415ac-4b55"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6023
expires: Fri, 17 Nov 2023 01:45:43 GMT

GET
H2 200 main.js Show response
mng-ocregister.zeustechnology.com/ 346 KB
58 KB 27ms
26ms Script
application/javascript 65.9.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-ocregister.zeustechnology.com/main.js?ver=6.1.1
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17625cdf32733046274ae55e069947ee72a37e31955d709e41aef892618bbd51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ddfY5sUeXqpJR_HsYVU6l5CGafu02oYT
content-encoding: br
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 01:33:45 GMT
last-modified: Wed, 16 Nov 2022 18:03:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2084
etag: W/"8aac352c2506d28cb13c906cbdea84da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,s-maxage=3600
x-amz-cf-id: P8VMZRPmUkt1tRtZ9mwcVa7HI-fGEr3fxQKYHD7_EoYe52VQrSNhgA==

GET
H2 200 / Show response
www.ocregister.com/_static/ 7 KB
2 KB 40ms
38ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??/wp-content/plugins/dfm_zeus/assets/dist/dfm-zeus-bundle.js,/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1668552108j

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a36cfb2ac68d3fe9f0c85e63ac833ff97220f3ce561afa3fbcba3e7aac3502c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 22:41:48 GMT
server: nginx
age: 2211
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2027

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 06:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 06:22:14 GMT

GET
H2 200 loader.min.js Show response
www.ocregister.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 41ms
38ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 03 Nov 2022 20:40:12 GMT
server: nginx
age: 1133977
etag: W/"6364272c-3e4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5454
expires: Fri, 17 Nov 2023 01:45:43 GMT

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 126ms
35ms Script
application/javascript 18.66.245.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.1.1
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-245-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 22:56:44 GMT
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 10152
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=10800,public
x-amz-replication-status: FAILED
x-amz-cf-id: hVYplrKnd5gtT0cB-fVPx_-8OvkFrHlDCAReNeNo8-XsFlAYr3TxfQ==

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
76 KB 107ms
41ms Script
application/javascript 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?ver=6.1.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

906a4d132c49422ae0692e484366f8de2d3326a94b25445c05c3824564c34a7f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zdjUqD2jU8kcWzj5DmCxiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-zdjUqD2jU8kcWzj5DmCxiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 17 Nov 2022 01:45:43 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 204 KB
59 KB 42ms
41ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyl0MEKwjAMBuAXsq3CqF7Eq6/RdaGktNloUvTxjQcZOw3cKSR/8h3iXouJMwmQuKX0hMSuUjITJuQ+smMJgnEzszUg2bHTVMBmPrl/DD0geMtRRpdRClStfNTq+AxfoO1AjAJm08yxgSIC7QfnNbFVv5X5Ue8X729+8MP5mj+zL42r

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6dc5228d296721b2f624292aff098051a32eea35de65cb57b5133acee928afb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 17 Nov 2022 00:53:27 GMT
server: nginx
age: 2085
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60441

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 221 KB
50 KB 1140ms
1071ms Script
application/javascript 99.86.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=2CsUkhlESGpQT9Lisdtl69NTdJ5p7WIBUvJq&ver=6.1.1
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-47.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3578222761e274a9b6fda993e8a55c9267283eea10453691aa8a3b8d262f2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 02:00:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"b728db38f02007427d4afb166c366738"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: ydnTd6x5ORWwPkbv4YCZi_VyvZ79NsZxNyAJ9Ft4KrYWBPHWoOTVlw==

GET
H2 200 dfm-pushly.min.js Show response
www.ocregister.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
207 B 41ms
39ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1668552108g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 22:41:48 GMT
server: nginx
age: 93386
etag: "637415ac-a0"
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Fri, 17 Nov 2023 01:45:43 GMT

GET
H2 200 script.js Show response
u066.ocregister.com/ 148 KB
44 KB 93ms
27ms Script
text/javascript 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/script.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

f7efaec2a0f18f9fe8ef184429a606382d3284bd8ded994d87b2cad1e5b90a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 325
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44164
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 01:40:07 GMT
server: -
etag: 3c33a95d050bd8107c220fc44e714144
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: mqvqQoYkrlxV47v46LmN2XXemZcKB6rhus87MMLo3F94kSRHivcbwA==
expires: Thu, 17 Nov 2022 01:50:18 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 342 KB
76 KB 104ms
27ms Script
application/javascript 2600:9000:211e:8600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0a3d56ddd74ccfcefef0f57922c5d6577890cd19c6818ad14eabfa730be14e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 05:05:14 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 74429
x-cache: Hit from cloudfront
content-length: 77223
x-xss-protection: mode=block
last-modified: Wed, 02 Nov 2022 23:06:59 GMT
server: CloudFront
etag: "52e98801c70122de077993d7a5617982"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: LKMOWUlrafazug9SkZ5DiqVCHEDTJiObTIwZvG62QBPxFp_ejgKPgw==

GET
H2 200 hhsl-check.min.js Show response
www.ocregister.com/wp-content/plugins/dfm-ad-mods/static/js/ 2 KB
876 B 42ms
41ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm-ad-mods/static/js/hhsl-check.min.js?m=1668645734g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1a94028854412953543eed4b949be5aa5414b4b0c5d012ab483f19716eba9413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:43 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 17 Nov 2022 00:42:14 GMT
server: nginx
age: 2085
etag: W/"63758366-87e"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 802
expires: Fri, 17 Nov 2023 01:45:43 GMT

GET
H2 200 oc-register-logo-376x79.svg
www.ocregister.com/wp-content/uploads/2017/09/ 7 KB
3 KB 24ms
24ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2017/09/oc-register-logo-376x79.svg

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 27 Sep 2017 18:04:08 GMT
server: nginx
x-rq: hhn2 109 198 443
etag: W/"6ee48065e4ae2c81"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
expires: Wed, 23 Nov 2022 13:37:07 GMT

GET
H2 200 coronacharts_banner.png
i1.wp.com/ocregister.com/wp-content/uploads/2021/10/ 45 KB
45 KB 77ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/ocregister.com/wp-content/uploads/2021/10/coronacharts_banner.png?width=700

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

725a5183b72f7625301b946259d83e50aed2bdcb6294b877a857321abf0cf656

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Thu, 17 Nov 2022 01:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 18:24:21 GMT
server: nginx
etag: "c3529e77a52521cb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://ocregister.com/wp-content/uploads/2021/10/coronacharts_banner.png>; rel="canonical"
content-length: 46190
expires: Mon, 09 Oct 2023 06:24:21 GMT

GET
H2 200 ocr_viewEedition.png
www.ocregister.com/wp-content/uploads/2020/04/ 183 KB
184 KB 24ms
24ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2020/04/ocr_viewEedition.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9399640915f43949c41dca07d28e3582b2ec9f4f595de7f4084bf342bc84496f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 144 443
last-modified: Tue, 23 Nov 2021 13:40:54 GMT
server: nginx
etag: "a75164dfc9160ac1"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
x-optim-disabled: true
accept-ranges: bytes
content-length: 187774
expires: Wed, 23 Nov 2022 13:40:54 GMT

GET
H2 200 socal-logo-sm.png
www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/ 8 KB
8 KB 23ms
23ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/socal-logo-sm.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 11 Oct 2022 16:56:07 GMT
server: nginx
age: 2594793
etag: W/"6345a027-1fcf"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7863
expires: Fri, 17 Nov 2023 01:45:44 GMT

GET
H2 200 dfm-logo-sm.png
www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/ 13 KB
13 KB 23ms
23ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/dfm-logo-sm.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 11 Oct 2022 16:56:07 GMT
server: nginx
age: 2594793
etag: W/"6345a027-3443"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12825
expires: Fri, 17 Nov 2023 01:45:44 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 49 KB
18 KB 24ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyVj8GOwjAMRH+I1AurVlwQn4JCY4q7jh3FCav262klOOwuB/bo8Tx7Br6T61UKSoHEdSAxCJd4mrEaeDMsy0xWVtGtoosarIkkzWgbeEGnqxaVCzHDDSVohkR9qRlX6X8g+3kymvHHP5Kea0CD8ZHsYc44oGD2RbPLVQpFfAdbVkl5+h3uj/2q+vWyd6zu2WC95bMhT+6zaeFciQOw+oB5oY7xsO26fdvuth/78Q5S7YzZ

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c3d38da8d4ed9f190fd614659d3286311908402049ac179d00f39985023c3fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 15 Nov 2022 22:41:48 GMT
server: nginx
age: 2084
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18720

GET
H2 200 p.js Show response
cdn.parsely.com/keys/ocregister.com/ 56 KB
21 KB 112ms
34ms Script
application/javascript 18.155.140.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/ocregister.com/p.js?ver=3.5.2
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.140.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-140-61.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 26bf73eb66fe6b13f8f7e68d8b0dfbb4bacd90d0ac5bef05e3357759bbdb5e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Wed, 16 Nov 2022 08:50:20 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Thu, 09 Dec 2021 15:22:33 GMT
server: nginx
x-amz-cf-pop: HAM50-P1
age: 60924
etag: W/"61b21f39-df43"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: ttwsDuaXZ6W48eHbh646o9XoeX9weoiXk3zGfgw2JTPvTi5cNg7NlQ==
expires: Thu, 17 Nov 2022 08:50:20 GMT

GET
H2 200 ads.js Show response
www.ocregister.com/wp-content/themes/wp-mason/static/js/ 87 B
157 B 24ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 03 Nov 2022 20:40:12 GMT
server: nginx
age: 1133977
etag: "6364272c-57"
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Fri, 17 Nov 2023 01:45:44 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 110 KB
29 KB 24ms
24ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJydzk0KwjAQQOELmQ6KLd2IZ4lJ2qbOT3Cmirc3oAsFEXX74IMHl+KCsCU2sClRUvCqyRTUvOUAs0IQIuEmTAsfG8rczLqCL1wRvA4ZUX9BB8EYxNeAH1gt5FX4CaKM4jKNzpud3tGCy5hZIQ7kfHQkUV94bfeb37Fu+Jxjkj9kEavXD7in3brr+m7b9m0/3wAerphy

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3b05bacf579896c582b17d85c3db21ec731d3a1169d68ca3fa98080573d72356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 17 Nov 2022 00:44:18 GMT
server: nginx
age: 2084
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29932

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 24 KB
8 KB 90ms
26ms Script
application/javascript 2600:9000:2315:1200:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js?ver=2.0
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:1200:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87cc7bb79e388e5c82134f751e39254a72ab66e9ce82db1ab784bf245ecad6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: rGqZj_7Hgj6WRyjr9KIQF1DAgLdXrGcE
content-encoding: br
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 01:36:20 GMT
x-amz-cf-pop: DUS51-P2
age: 570
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 20:12:44 GMT
server: AmazonS3
etag: W/"3fe1d5c706442bc0cf1bd6e8200f3469"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,s-max-age=60
x-amz-cf-id: P0G5aiLHOEBGBTUf7Q3jcfND3FzRpfNMhBDoDSH7rorgxgVKA2hM_A==

GET
H3

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js?ver=2.0
https://securepubads.g.doubleclick.net/tag/js/gpt.js

79 KB
27 KB

82ms
38ms

Script
text/javascript

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dbf01c55ba5a3090c1f9a490f639031c78a44dcbc3121df20e9d134b8152d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27295
x-xss-protection: 0
server: sffe
etag: "1394 / 413 of 1000 / last-modified: 1668640071"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 01:45:45 GMT

Redirect headers

date: Thu, 17 Nov 2022 01:22:48 GMT
x-content-type-options: nosniff
server: sffe
age: 1376
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Thu, 17 Nov 2022 01:52:48 GMT

GET
H2 200 dfm-viafoura.main.bundle.js Show response
www.ocregister.com/wp-content/plugins/dfm-viafoura-prototype/static/ 22 KB
8 KB 157ms
157ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm-viafoura-prototype/static/dfm-viafoura.main.bundle.js?m=1668645858g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5373dabe581513ee35ed8701927ae72cde3c3a487929d24e51f6331edce130f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Thu, 17 Nov 2022 00:44:18 GMT
server: nginx
age: 0
etag: W/"637583e2-59c6"
vary: Accept-Encoding
x-cache: miss
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 01:45:44 GMT

GET
H2 200 e-202246.js Show response
stats.wp.com/ 9 KB
3 KB 82ms
23ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202246.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 17 Nov 2022 01:45:44 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 Nov 2023 23:57:24 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 73ms
25ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js?ver=8.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding: gzip
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 04:09:59 GMT
x-amz-cf-pop: FRA56-C2
age: 77746
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: EGpahlFW5hq2Iz382UtrbhaLnmWYJEotZpU3nTffSsOTsnD44MOLIQ==

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 86ms
21ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:44 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 778
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 413c68e8-501e-002f-1824-fa80a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 17 Nov 2022 02:15:44 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
548 B 88ms
21ms Script
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 01:45:44 GMT
age: 4374806
detected-user-agent: Chrome Mobile/107.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Sep 2022 21:05:16 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
normalized-user-agent: chrome/107.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
255 B 611ms
188ms XHR
application/json 34.223.139.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0MEKwjAMBuAXsq3CqF7Eq6/RdaGktNloUvTxjQcZOw3cKSR/8h3iXouJMwmQuKX0hMSuUjITJuQ+smMJgnEzszUg2bHTVMBmPrl/DD0geMtRRpdRClStfNTq+AxfoO1AjAJm08yxgSIC7QfnNbFVv5X5Ue8X729+8MP5mj+zL42r
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.139.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-139-142.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Thu, 17 Nov 2022 01:45:44 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
254 B 187ms
186ms XHR
application/json 34.223.139.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0MEKwjAMBuAXsq3CqF7Eq6/RdaGktNloUvTxjQcZOw3cKSR/8h3iXouJMwmQuKX0hMSuUjITJuQ+smMJgnEzszUg2bHTVMBmPrl/DD0geMtRRpdRClStfNTq+AxfoO1AjAJm08yxgSIC7QfnNbFVv5X5Ue8X729+8MP5mj+zL42r
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.139.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-139-142.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Thu, 17 Nov 2022 01:45:44 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 17 B
704 B 353ms
115ms Script
text/javascript 52.4.214.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1083

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-214-42.compute-1.amazonaws.com

Software

- /

Resource Hash

5c4696153e63ea3a6789cf8e64887a5b5676af60601ab1291570da1de13ed784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 37
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 17 B
704 B 353ms
116ms Script
text/javascript 52.4.214.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1084

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-214-42.compute-1.amazonaws.com

Software

- /

Resource Hash

c74fc27c8d914cef3834b067cd3cfb30d51be85b0656dec1bd3f99de82d7b20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 37
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals@3/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

7 KB
3 KB

43ms
43ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 87766
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GHZ0GEXYW2MFRD5HR5XNSGD7-fra
server: cloudflare
etag: W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76b4c9e86a799191-FRA

Redirect headers

date: Thu, 17 Nov 2022 01:45:44 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GJ1M3B9NB6JB7WDJ5MC0MAAQ-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 114
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 76b4c9e7b9b89191-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 400 KB
97 KB 98ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04e8465ce800baf4ad9a2ad6c85f7194f6457b14a83da364762eb069a46db083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99136
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Nov 2022 01:45:44 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 81ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 01:41:30 GMT
x-content-type-options: nosniff
age: 518654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 01:41:30 GMT

GET
BLOB 200
OK 6e6777e8-ee1d-4bf3-bbec-5e09c951d03d
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/6e6777e8-ee1d-4bf3-bbec-5e09c951d03d
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
254 B 188ms
187ms XHR
application/json 34.223.139.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0MEKwjAMBuAXsq3CqF7Eq6/RdaGktNloUvTxjQcZOw3cKSR/8h3iXouJMwmQuKX0hMSuUjITJuQ+smMJgnEzszUg2bHTVMBmPrl/DD0geMtRRpdRClStfNTq+AxfoO1AjAJm08yxgSIC7QfnNbFVv5X5Ue8X729+8MP5mj+zL42r
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.139.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-139-142.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Thu, 17 Nov 2022 01:45:45 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 76ms
75ms Stylesheet
text/css 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pQ_zfAe1DwUetHW2nvJO7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-pQ_zfAe1DwUetHW2nvJO7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 17 Nov 2022 01:45:44 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
527 B 45ms
44ms XHR
application/json 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=754999816445-0sobklpk1ol2ptrsnnmts2ncl4uhh2si.apps.googleusercontent.com&as=eYGnhTLWVHs%2FAc0k3wzgwA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36d269f4f75bc610a4560de659693b05498c78231988d5cabf47780257db866c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sKEkKedoi_Qpn0acRCT0DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-sKEkKedoi_Qpn0acRCT0DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 70ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:30:38 GMT
x-content-type-options: nosniff
age: 98107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 22:30:38 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 57ms
32ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20795041
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90528
x-served-by: cache-fra19164-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68URiNF%2BomjWQaJylvPTVINHBSk3bgJC64Y4in2%2BGup0WPYe9d%2B%2BFsuYwfhZLC8APoaovYSgfht8ZsbErUdyr1ppVJl1IgsPf9QdLES%2BoBwfL%2BdNj47tNDF6qjy49K2ZsW0%2Fo7Sr%2FpM58j%2B%2FdwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b4c9e88e705c9e-FRA

GET hpembed.php
projects.ocregister.com/extras/embeds/2022/election-results/ Frame 3E72 0
0

GET
H2 200 common.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 24ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 16 Nov 2022 19:19:01 GMT
server: nginx
age: 22549
etag: W/"637537a5-a619"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10458
expires: Fri, 17 Nov 2023 01:45:45 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 64 KB
9 KB 23ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f135690cc4a37d808102d72f9a1b2bca33fb64c28c428ea2766ea51bd0a9be03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 12 Oct 2022 21:06:17 GMT
server: nginx
age: 2594792
etag: W/"63472c49-1001c"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9079
expires: Fri, 17 Nov 2023 01:45:45 GMT

GET
H2 200 boldcoastal-async.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 23ms
23ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d04e98fa76e2cdba4b0b45b0b206b13de39ff72f6371b7d97ed515e21646722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
x-rq: hhn2 0 2 9980
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 12 Oct 2022 21:06:17 GMT
server: nginx
age: 2594791
etag: W/"63472c49-c75"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1321
expires: Fri, 17 Nov 2023 01:45:45 GMT

GET
H3 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:31:00 GMT
x-content-type-options: nosniff
age: 389685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:31:00 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame 7EE6 4 KB
1 KB 22ms
21ms Document
text/html 2600:9000:211e:8600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43138
content-encoding: gzip
content-type: text/html
date: Thu, 17 Nov 2022 00:24:45 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-amz-cf-id: Icz8LqtfyTtZ14Ulk1bgasrhuErCWFTubCMkwVZpoK5HYwHNN3KAAQ==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.ocregister.com/bootstrap/ 6 KB
3 KB 372ms
128ms Fetch
application/json 2600:1f18:44f0:4816:6265:43b5:e3ae:6742
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.ocregister.com/bootstrap/v2
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js?ver=2.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4816:6265:43b5:e3ae:6742 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0d6b537024b7f656753fd866c336787b3b25c6d51c3b3beb4b7fd68ad8500746

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-instance-id: i-052c557fbc8b242d9
pragma: no-cache
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Thu, 17 Nov 2022 01:45:45 GMT

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 27 KB
2 KB 25ms
25ms Stylesheet
text/css 99.86.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=2CsUkhlESGpQT9Lisdtl69NTdJ5p7WIBUvJq
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-47.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:05:08 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Wed, 05 Oct 2022 20:36:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 34838
etag: W/"5324d6c6926b312f68532f29a3bb2aec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: ofMOvIJyIXxBZBtqZTmGiy8nGkkAZDOcsPcmuKWNLmFfjQ0tlZ8hEA==

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 87A4 0
0 139ms
39ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 17 Nov 2022 01:45:44 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/ 237 KB
49 KB 91ms
34ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7e918a6dac2bf1a00aa4ab1dfe9f96402c3e3bc11b890524b14fbaef05f08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 00:34:30 GMT
server: cloudflare
x-amz-request-id: VPGZD70B3TD3VD9W
age: 401
etag: W/"e555957ad4cabffdb36219454c54813f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 76b4c9ea0d25bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iVS2oQyRXfJmq2gTHLC4hs4njOeRon99jPKXgsxspqti1qRGou5m4KyA8lKLoO8MeFvErfoK8jA=

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 105ms
30ms Script
application/x-javascript 108.157.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 17:14:04 GMT
x-amz-cf-pop: DUS51-P2
age: 30702
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: q4CguPfcOYry_rMLKdr-ugLlGaM18aFVIJIMyelnqzBpDVWwKFZw3w==

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 82ms
23ms Image
text/plain 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1668649545204&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: x6_YczllqC3CSAvxaIE-3aT_f6bJEeDOS-WD0RSz0LZ1aoTZUqdfPw==
x-cache: Miss from cloudfront

GET
H2 204 40b829d257f6ea1c
pixel.sitescout.com/iap/ 0
191 B 121ms
39ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/40b829d257f6ea1c
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 17 Nov 2022 01:45:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 148ms
46ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ghf5xf0&ct=0:1fodjzw&fmt=3
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 17 Nov 2022 01:45:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 rpe-l-chicken-02021.jpg
www.ocregister.com/wp-content/uploads/2022/11/ 75 KB
75 KB 25ms
24ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2022/11/rpe-l-chicken-02021.jpg?w=513

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c20ce85742d2ad4fe5bb9b89ecca9e87b2b9e791a8883b854cb6bc64fe444455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 88 443
last-modified: Wed, 16 Nov 2022 23:57:02 GMT
server: nginx
etag: "ea5bfc5af4e9955f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76878
expires: Thu, 16 Nov 2023 23:57:02 GMT

GET
H2 200 OCR-L-COACHTRIAL-1004-01-PB-1.jpg
www.ocregister.com/wp-content/uploads/2022/11/ 3 KB
4 KB 26ms
26ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2022/11/OCR-L-COACHTRIAL-1004-01-PB-1.jpg?w=380

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

222499f1661693816fa9265d23d8b06b60472f3f9150ccb690fc7ec8ed92be3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 140 443
last-modified: Wed, 16 Nov 2022 20:39:37 GMT
server: nginx
etag: "ab52686962cf7e9f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3560
expires: Thu, 16 Nov 2023 20:39:37 GMT

GET
H2 200 WDN-L-CADETS-1117-JG-07-1.jpeg
www.ocregister.com/wp-content/uploads/2022/11/ 24 KB
24 KB 189ms
189ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2022/11/WDN-L-CADETS-1117-JG-07-1.jpeg?w=283

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a113be5445fb2b6880cb8ff01d4125331d7243cf4f0965adde0cc50bf237e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 198 443
last-modified: Thu, 17 Nov 2022 01:45:45 GMT
server: nginx
etag: "99f2d2eaeb926866"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24676
expires: Fri, 17 Nov 2023 01:45:45 GMT

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 974 B
826 B 164ms
24ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1668649544040
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB2) /
Resource Hash: 94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23

Request headers

Accept: */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
content-md5: 6SckRSyS5jju5Q3JMkb+xg==
age: 558766
x-cache: HIT
content-length: 457
x-ms-lease-status: unlocked
last-modified: Thu, 06 Oct 2022 14:31:34 GMT
server: ECAcc (frc/4CB2)
etag: 0x8DAA7A77829F56B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cb73c7c2-d01e-0040-2c11-f5f086000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js?cb=31070979

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 12:12:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 377 B
172 B 77ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?ver=2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a941238e03ea898230e6a7672ebdfe076fe632a4043f40600c30f4b271319872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
expires: Thu, 17 Nov 2022 01:45:45 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 39ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=126836891&post=0&tz=-8&srv=www.ocregister.com&hp=vip&j=1%3A11.5.1&host=www.ocregister.com&ref=&fcp=2383&rand=0.8350309225570611
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 17 Nov 2022 01:45:45 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 1f3c8.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
773 B 91ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f3c8.svg

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

f2eeff5ba8557c8518d9d3325c941fe5339e2f2228a13e64600cad42bb795170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK cc38729a-e2b7-4076-b810-2c6e4a9f03f3
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/cc38729a-e2b7-4076-b810-2c6e4a9f03f3
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK c26ae609-8d53-4aa0-b258-1df2039e174c
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/c26ae609-8d53-4aa0-b258-1df2039e174c
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a1cf4b04-e9e6-44fb-a5f8-8cefe011e12a
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/a1cf4b04-e9e6-44fb-a5f8-8cefe011e12a
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f8ebe682-b882-4617-b946-b351f3b89736
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/f8ebe682-b882-4617-b946-b351f3b89736
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 vitals
www.foo.software/api/ 0
96 B 598ms
125ms Ping
text/plain 137.184.240.117
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foo.software/api/vitals
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.184.240.117 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.23.2 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Nov 2022 01:45:45 GMT
server: nginx/1.23.2
x-powered-by: Express

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 126 KB
20 KB 494ms
494ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/1082?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-11-17T01%3A45%3A45%2B00%3A00&ts=1668649545348

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

1b89f97cc458368513e0c7f3a31b46e0406db1544260d5641302868a96f4a52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 18903
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: FbtkwCxF_PdGZYEg-AlH4MB1YeyPH15Dt2XtEyXTOfuuyoLXAfbyEQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 111 B
1011 B 391ms
390ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/1082?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-11-17T01%3A45%3A45%2B00%3A00&ts=1668649545349

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

cdaae82f9a244e23e50b72ec71f48ce22123c817e8efbb215fa7095e6ce56882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 123
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: tLkBgSjVNrL6vwZTnrjpjsgMrFJ2H1MHAPBR4hlgN8HlsqEmVIrSfQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
43 KB 109ms
43ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-MHF7NT7

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7423a7526e1557ba07ee446bc21a2e0821eb8038afa4c0bf1e689db9d7251ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43998
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Nov 2022 01:45:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 01:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 17 Nov 2022 03:24:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 87ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JNP6TRHKRV&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f40f26bf05af0b71f643ea736f9b153db1c6eaf9ea9249f1fbaf9d68760fa16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Nov 2022 01:45:45 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
591 B 87ms
21ms Fetch
application/json 143.204.215.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-113.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 00:41:09 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront), 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1, FRA53-C1
age: 3876
x-amzn-requestid: f0610a35-2228-4fd7-bae5-ce7722a17b2a
x-amzn-trace-id: Root=1-63758325-595c6dab1ef6a80741422145;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: buFt4Gt-DoEFoow=
content-length: 28
x-amz-cf-id: PlFJTIrS0cZwvOE4-S-yFyTCA76FSM-l5u2JIpgBUACUyPcLsqYr6Q==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
BLOB 200
OK 4b1090f3-1290-4335-9231-f5318eceb08c
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/4b1090f3-1290-4335-9231-f5318eceb08c
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 130ms
21ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEC) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 3967
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (frc/4CEC)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d6ba0e6b-401e-0042-2f1d-fa4e3e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 136ms
23ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE7) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 3472
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (frc/4CE7)
etag: 0x8D8AC0167971F78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 200347d2-901e-0023-0d1e-fa6d7d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 559 KB
118 KB 138ms
24ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 2495332eea9cbc5525f49204dcdc08c8e089169908861cd0edef778e6c822022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
content-md5: X5ool3fb3fn9i5liRXvPMA==
age: 559748
x-cache: HIT
content-length: 119970
x-ms-lease-status: unlocked
last-modified: Mon, 20 Jun 2022 07:05:06 GMT
server: ECAcc (frc/4CC2)
etag: 0x8DA528B3481B2A4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 502111c6-f01e-0025-730f-f55ec2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202211100910/ 212 KB
67 KB 85ms
37ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202211100910/wrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 14:35:42 GMT
server: cloudflare
x-amz-request-id: 9JBE8EJYRFVY9NXP
age: 546158
etag: W/"f907f76d0cf55dfde491009ce035c1c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76b4c9ebaa0b91ff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FZXR1HPOLyQbg9Pedd2rb5bWZ4RcbUpZUhblh6Dsxc9qPdIvB8zBPys0CQaz3rj2/mmajR5m7c4=

GET
BLOB 200
OK 478a7b29-1ada-41bf-91a6-be3c3479d6a8
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/478a7b29-1ada-41bf-91a6-be3c3479d6a8
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 70ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Nov 2022 02:10:20 GMT

GET
H2 200 ingest
i.viafoura.co/v3/www.ocregister.com/ 67 B
325 B 382ms
124ms Image
image/png 3.219.223.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.ocregister.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.ocregister.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-31e1a2fda98a%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1668649545%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%2266c344bf-3f7f-49ad-b2e3-d42ab797cf25%22%2C%22firstVisit%22%3A1668649545%2C%22previousVisit%22%3A1668649545%2C%22currentVisit%22%3A1668649545%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1668649545%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.ocregister.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-31e1a2fda98a%22%2C%22section%22%3A%2200000000-0000-4000-8000-31e1a2fda98a%22%2C%22pageImage%22%3A%22https%3A%2F%2Fwww.ocregister.com%2Fwp-content%2Fuploads%2F2017%2F04%2Focr_icon11.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.ocregister.com%2F2022%2F11%2F16%2Fangels-shohei-ohtani-4th-in-al-cy-young-voting-astros-justin-verlander-is-unanimous-winner%2F%22%2C%22path%22%3A%22%2F2022%2F11%2F16%2Fangels-shohei-ohtani-4th-in-al-cy-young-voting-astros-justin-verlander-is-unanimous-winner%2F%22%2C%22title%22%3A%22Orange%20County%20Register%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22page_description%22%3A%22OCRegister.com%20covers%20local%20news%20in%20Orange%20County%2C%20CA%2C%20California%20and%20national%20news%2C%20sports%2C%20things%20to%20do%20and%20the%20best%20places%20to%20eat%2C%20business%20and%20the%20Orange%20County%20housing%20market.%22%2C%22topics%22%3A%5B%22Orange%20County%20Register%22%2C%22Orange%20County%20News%22%2C%22Orange%20County%20Sports%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%229220573%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en-US%22%7D%2C%22rq%22%3A%226936b9e3-ffcc-4914-a465-5ec4d4b4ddf9%22%2C%22w%22%3A%5B%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.223.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-223-162.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/png
date: Thu, 17 Nov 2022 01:45:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 67
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OCR-L-MAGIC-KEY-1117-01.jpg
www.ocregister.com/wp-content/uploads/2022/11/ 18 KB
18 KB 24ms
23ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2022/11/OCR-L-MAGIC-KEY-1117-01.jpg?w=359

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

555d94b5650e434e990131c4af890be04d352d54c63999cc292ac6bfa5682f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 30 443
last-modified: Wed, 16 Nov 2022 17:20:33 GMT
server: nginx
etag: "c3bbce49dfd9359e"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18100
expires: Thu, 16 Nov 2023 17:20:33 GMT

GET
H2 200 OCR-L-KPMLUPDATE-1117-1.jpg
www.ocregister.com/wp-content/uploads/2022/11/ 12 KB
13 KB 121ms
119ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2022/11/OCR-L-KPMLUPDATE-1117-1.jpg?w=304

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0b6516efc30b81bdef06d22cc521ccb9ebab74c93a5775b0e286019b7804d318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:45 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 28 443
last-modified: Thu, 17 Nov 2022 01:45:45 GMT
server: nginx
etag: "b8d546e498555e97"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12788
expires: Fri, 17 Nov 2023 01:45:45 GMT

GET
H2 200 t8y9347t.min.css
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 295 KB
28 KB 25ms
25ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.css?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C87) /
Resource Hash: 70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
content-md5: qePO0yKWifmYWvQdlK/DtQ==
age: 41335
x-cache: HIT
content-length: 28321
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/4C87)
etag: 0x8D9056E3D33EB71
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9605f83b-a01e-0065-31c6-f959fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

OPTIONS
H/1.1 200
OK SCNGPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 528ms
138ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 17 Nov 2022 01:45:45 GMT
X-Powered-By: ASP.NET

GET
H2 200 index.js Show response
cdn.czx5eyk0exbhwp43ya.biz/ 7 KB
2 KB 23ms
23ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:45 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 50468
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 640c1142-c01e-0073-5fb0-f9af2d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H/1.1 200
OK SCNGPRODWP Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 3 MB
731 KB 312ms
312ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: 04349ecb57f578cec3fe3e402a668f159040b1ba8b3f9a2bfe4683df213548ef

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
accept-language: de-DE,de;q=0.9
settingskey: LANG,OCR
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2Njg2NjM5NDZ9.0u-KjX69kpYEUl5OgPN_rb3q-UG9NjMsyd-u10vk9Ns
ssid: caef9314d0fee3e8ec5e627733ad664b
environment: prod
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: OCR
location: undefined
Referer: https://www.ocregister.com/
version: Version: 2.5.4.3_swg

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 17 Nov 2022 01:45:45 GMT
Content-Encoding: gzip
X-Server-Time: 11/17/2022 1:45:46 AM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 747937
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 391ms
156ms Image
image/jpeg 52.217.131.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.131.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 01:45:47 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: NQBHYQHZ1MSKDBDK
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: Jq+96+5S6SqxPr3MhjpLhvZZG6dUgyvDRlAL+gloavlXSd9wtEgcXd2gdgqOJ9uUkk02CPXGxZw=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 3604ba6bc26e82b0999f5a6907f38c69 Show response
u066.ocregister.com/plugin/plugin/ 220 KB
54 KB 29ms
28ms Script
text/javascript 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/plugin/plugin/3604ba6bc26e82b0999f5a6907f38c69

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

10b8b708666d9e3510a85cabb3d7dd0d6588998d83457455e4a6d53e8ce5ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 09:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 60222
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 54369
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 09:02:02 GMT
server: -
etag: 3604ba6bc26e82b0999f5a6907f38c69
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6__sAcllzAi5STKNAN-cgAAnmKnCdu4hA_0hdFWXIaEewf0b0mORFA==
expires: Thu, 16 Nov 2023 09:02:02 GMT

GET
BLOB 200
OK 24e0ef5e-e9df-4042-8523-39f30566707d
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/24e0ef5e-e9df-4042-8523-39f30566707d
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 a0a73ccec25a7509e693c7221ee21001 Show response
u066.ocregister.com/plugin/library/ 339 KB
104 KB 26ms
25ms Script
text/javascript 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/plugin/library/a0a73ccec25a7509e693c7221ee21001

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

11f7a23121d159453f768c0f402a0b8e0608ad6b909d28f577a9f2b671769cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 09:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 60223
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 105414
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Nov 2022 09:02:03 GMT
server: -
etag: a0a73ccec25a7509e693c7221ee21001
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: jyNjepMMdvB_shFdCj6t_gQloz3dEwfCehsWKtgks_TN-BoNQlwRfg==
expires: Thu, 16 Nov 2023 09:02:03 GMT

POST
H2 200 LB-Zone-3 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/1082/ 3 KB
2 KB 397ms
395ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/1082/LB-Zone-3?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-11-17T01%3A45%3A46%2B00%3A00&ts=1668649546077

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

6032ae7de524b17c912bcc27c397250a4603d21b03fab88f977edc4b54ee8e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1141
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: -2f3wM4peLU9r8DzLfhgv6rrzYmDrMl_f0wQYITZEYsR1ejPOdNn6g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
67 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb00ee44b7e55b3c484d37de0d862ebfb89be9c072fed542fccce0eb9aecd856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68157
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Nov 2022 01:45:46 GMT

GET
H2 200 eeb19bee52b5ec1c13bfb336efbd511d Show response
u066.ocregister.com/templates/ 477 KB
70 KB 24ms
23ms Script
text/javascript 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/templates/eeb19bee52b5ec1c13bfb336efbd511d

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

9c064b367845c8da6f3bc0eaec2c82c787da60716b7a6529dace99d2af769633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 1681520
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 71129
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 14:40:26 GMT
server: -
etag: eeb19bee52b5ec1c13bfb336efbd511d
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: hbk0cCTUiz1JeikZa1s-8-SluMX1_xpY8a8l5cfq19sAQfI86VHd7w==
expires: Sat, 28 Oct 2023 14:40:26 GMT

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 396ms
395ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/1082?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=5663ff36-f8ec-4b38-a9ec-50d911391e09&bctempid=&overruleReferrer=&time=2022-11-17T01%3A45%3A46%2B00%3A00&ts=1668649546523

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

c49c8be5a17f5f9e4d252ec0372a9dc3e8a8d4ee721b550762b01663609b0066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 153
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: aJ8bLXCrnVR17QkrPeFrucW0xEHJDtYv66R6xrCALgE7kGEJJrw2oA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 375 B
1 KB 120ms
120ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

238746750bed97350091656ff931f2c55217b7fa5673bd929b8674113dd5320c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 177
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: ki6O25AreiaqKNzs00urmAe8jbHgLBGpDBg7Ea2flXIyGBFcu9HZCA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 120ms
120ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

cc4efa3dcb5a4241dd087d89f13195b6a8ee62af901b51291a45a3421dce5950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 167
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: MjC7eN7F_0W02ADEWx-jTKquYZF-SSM-uvXMzjKQInTYQbHKbyz4Hw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 67 B
856 B 117ms
117ms Script
text/javascript 52.4.214.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=5663ff36-f8ec-4b38-a9ec-50d911391e09&&callback=bc_json1085

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-214-42.compute-1.amazonaws.com

Software

- /

Resource Hash

ba81c7ea479a6f432ebbd1c195e0880beb070c94a953b33753d2f89b88388837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 85
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 388ms
388ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

ef0c4e8fedf0126493dd3e183d295361e4c696ab1fa7b9b983a820ff830c925c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 167
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: pK0a8cz51kQm9id-OeBiXM0RalFMm2pMtF9iiGFqzwXbf-4P7yw4ew==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1082 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 5 KB
3 KB 394ms
394ms XHR
application/json 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

a86cf69d57c93f60992c26348990836d3ac96bb09ab35fcc3c896f513c40443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2580
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: PibEMjD8FaQprYu76QbrUCf1iqjh_83kWqc5S6ofVWdR5LUiGvr_-A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recommendations Show response
u066.ocregister.com/rest/ 14 KB
5 KB 400ms
400ms Script
text/javascript 18.66.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/rest/recommendations?storeId=517a0bba-21e3-4326-8648-7a0c8269a68b&profileId=undefined&frequencyCap=8&itemId=www.ocregister.com%2F&request=%5B%7B%22id%22%3A1560907820833%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2022-11-15T01%3A45%3A46.610Z%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_ENTRYPAGE%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_CTR%22%7D%5D%2C%22count%22%3A12%7D%5D&&callback=bc_json1086

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-13.fra60.r.cloudfront.net

Software

- /

Resource Hash

93ad2f1af7bdddade91c456f8d9ed00b9afd69d23c8e92fb11310b0e6e928210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 4449
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: zdEqxlqeZ5JTERJxRSbnfqC9T0PJL-3K7WjH_ZGLwJ8rMJbtUMmyhw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 511 B
767 B 283ms
224ms Fetch
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1668649547601
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6af00e5895a718279a409ddcdea017ad3dd3be8b5dbfc36549cd58279e15c7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:45:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 01:45:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir7JoQr5%2FXqyaEA9P2s1lmQ2O1EJhQtlUakNEmkBid7KHDZ8y9En%2FAFB6F4pClBeJSGNFW1XeXeEzBJcYjHDnrbc78rOU3eLXsDOaVpnM34IcwmsizNTcUDKroDZV94zJXeB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 76b4c9f8efd6693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 143 KB
42 KB 25ms
24ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD5) /
Resource Hash: 6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: o/3Cfwyx2Hdo/xXi+KtqIw==
age: 41271
x-cache: HIT
content-length: 43195
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/4CD5)
etag: 0x8D9056E3D50F079
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f8898d18-f01e-001a-0dc6-f99661000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 11 KB
3 KB 24ms
24ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFC) /
Resource Hash: dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: E5fyjsIr92YKgvTS5SE4ZA==
age: 41271
x-cache: HIT
content-length: 3400
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/4CFC)
etag: 0x8D9056E339D05A5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5f72b6ec-901e-001c-2cc6-f9a5de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 7 KB
2 KB 29ms
27ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC9) /
Resource Hash: 99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: jBig/iW/Mpw+sfYWVt9mLw==
age: 41271
x-cache: HIT
content-length: 2320
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:31 GMT
server: ECAcc (frc/4CC9)
etag: 0x8D9056E3391B836
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80e1e342-201e-0044-5fc6-f97d81000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 6 KB
2 KB 29ms
27ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA7) /
Resource Hash: 80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: WtHQ46VooZh5jhibUEIm/g==
age: 41271
x-cache: HIT
content-length: 2146
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/4CA7)
etag: 0x8D9056E33BE9F96
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9a2e769f-601e-008e-66c6-f92108000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 9 KB
3 KB 30ms
29ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAF) /
Resource Hash: 1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: 3loC7XOiphfHLLmAxSEZ5g==
age: 41271
x-cache: HIT
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/4CAF)
etag: 0x8D9056E33C99EC8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a2048735-401e-0089-58c6-f94d6b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 9 KB
3 KB 29ms
28ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA3) /
Resource Hash: 8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: 53DSePPJylXjWw4MlYhYcA==
age: 41271
x-cache: HIT
content-length: 2456
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/4CA3)
etag: 0x8D9056E33DFC44A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4139e3b9-e01e-004b-77c6-f90bed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 13 KB
4 KB 29ms
29ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-encoding: gzip
content-md5: XXTxgTgPuF9lg38Cul1d8Q==
age: 41271
x-cache: HIT
content-length: 4009
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D9056E33EAC378
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 10e877af-c01e-0063-7ec6-f96a45000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 114 B
243 B 24ms
24ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/LikeButtons4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB5) /
Resource Hash: 64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:48 GMT
content-md5: 0is0k5hNwCAMRJ10IGm41w==
age: 41271
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/4CB5)
etag: 0x8D9056E33D49E04
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bde55fba-901e-008a-26c6-f9ac0f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 65 B
1 KB 187ms
187ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=b5a329d6a2c3c444c38427b44e5e2b97&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2COCR
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
accept-language: de-DE,de;q=0.9
settingskey: LANG,OCR
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2Njg2NjM5NDZ9.0u-KjX69kpYEUl5OgPN_rb3q-UG9NjMsyd-u10vk9Ns
ssid: caef9314d0fee3e8ec5e627733ad664b
environment: prod
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: OCR
location: System
Referer: https://www.ocregister.com/
version: Version: 2.5.4.3_swg

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 17 Nov 2022 01:45:47 GMT
Content-Encoding: gzip
X-Server-Time: 11/17/2022 1:45:48 AM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 177
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 139ms
138ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=b5a329d6a2c3c444c38427b44e5e2b97&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2COCR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 17 Nov 2022 01:45:47 GMT
X-Powered-By: ASP.NET

GET
H2 200 fontawesome-webfont.woff2
cdn.mg2connext.com/prod/fonts/ 2 KB
2 KB 111ms
23ms Font
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mg2connext.com/prod/fonts/fontawesome-webfont.woff2?98120622=
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.css?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDC) /
Resource Hash: c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a

Request headers

Referer: https://cdn.czx5eyk0exbhwp43ya.biz/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Nov 2022 01:45:49 GMT
content-md5: 4KZHfCb3p1RwzI0cUtcF7g==
age: 559715
x-cache: HIT
content-length: 1720
x-ms-lease-status: unlocked
last-modified: Thu, 17 Dec 2020 10:16:38 GMT
server: ECAcc (frc/4CDC)
etag: 0x8D8A274D72F017A
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 377353de-901e-0023-3d0f-f56d7d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
BLOB 200
OK a70514f4-768b-4e81-b5a7-2e8213bc9cac
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/a70514f4-768b-4e81-b5a7-2e8213bc9cac
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 01:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1260
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 17 Nov 2022 03:24:49 GMT

POST event-stream
k.p-n.io/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: projects.ocregister.com
URL: https://projects.ocregister.com/extras/embeds/2022/election-results/hpembed.php?state=y&site=OCR&county=occo&cntyRace=5001&stRace=008,040,042,044

Domain: k.p-n.io
URL: https://k.p-n.io/event-stream

Domain: k.p-n.io
URL: https://k.p-n.io/event-stream

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
u066.ocregister.com/DG/DEFAULT	1970-01-20 17:06:49	Name: BCSessionID Value: 5663ff36-f8ec-4b38-a9ec-50d911391e09
digitalfirstmedia.blueconic.net/DG/DEFAULT	1970-01-20 16:16:25	Name: BCSessionID Value: 5663ff36-f8ec-4b38-a9ec-50d911391e09
.ocregister.com/	1970-01-20 16:16:25	Name: bc_tstgrp Value: 1
.ocregister.com/	1970-01-20 17:06:49	Name: _pnvl Value: false
.ocregister.com/	1970-01-20 17:06:49	Name: pushly.user_puuid Value: 8vWu4AzomWlkTRR67gs0kolUBREiMU83
.ocregister.com/	1970-01-20 17:06:49	Name: _pndnt Value:
.ocregister.com/	1970-01-20 17:06:49	Name: _pnss Value: none
.ocregister.com/	1970-01-20 17:06:49	Name: _dor Value: www.ocregister.com
.viafoura.co/	1970-01-20 08:14:01	Name: VfSess Value: hipg0djbeoq4rfhdpfsftfrans
.viafoura.co/	1969-12-31 23:59:59	Name: vfThirdpartyCookiesEnabled Value: true
.ocregister.com/	1970-01-20 17:06:49	Name: _ga_JNP6TRHKRV Value: GS1.1.1668649545.1.0.1668649545.0.0.0
www.ocregister.com/	1970-01-20 07:32:15	Name: _lr_geo_location Value: DE
www.ocregister.com/	1970-01-20 16:16:25	Name: _vfa Value: www%2Eocregister%2Ecom.00000000-0000-4000-8000-31e1a2fda98a.66c344bf-3f7f-49ad-b2e3-d42ab797cf25.1668649545.1668649545.1668649545.1
www.ocregister.com/	1970-01-20 07:30:49	Name: _vfz Value: www%2Eocregister%2Ecom.00000000-0000-4000-8000-31e1a2fda98a.1668649545.1.medium=direct\|source=\|sharer_uuid=\|terms=
.viafoura.co/	1970-01-20 16:16:25	Name: vfDeviceId Value: 46ecc2cd-2282-4c8a-8f2d-c23b1196baf2
.ocregister.com/	1970-01-20 17:06:49	Name: anonDeviceId Value: b5a329d6a2c3c444c38427b44e5e2b97
digitalfirstmedia.blueconic.net/	1970-01-20 07:40:54	Name: AWSALBCORS Value: 7QqWMoibpZ/YUC5WqWZBGOWA1oAUtOGhv06UsVy1gKJifslm/Mil/9y0DOKLOjuz/2KymQVnnaONSQzZCeUwN89YdYfn5ftpx5Z0fKJtZR/f7QA1/1SzWyJL7Qre
u066.ocregister.com/	1970-01-20 07:40:54	Name: AWSALB Value: ebilO+3+ooKknLmca3tWK7LGHBekqUNejZOjkdLfRKVvKg43gSTfXJagjMzwuCldHFr7m1+sxw8VWcaVmE6apFCxgeQU+/nGjwRIZ6h51Re7IrPM6KlNlWELqj8L
u066.ocregister.com/	1970-01-20 07:40:54	Name: AWSALBCORS Value: ebilO+3+ooKknLmca3tWK7LGHBekqUNejZOjkdLfRKVvKg43gSTfXJagjMzwuCldHFr7m1+sxw8VWcaVmE6apFCxgeQU+/nGjwRIZ6h51Re7IrPM6KlNlWELqj8L
www.ocregister.com/	1970-01-20 08:14:01	Name: ABTestCookie Value: B
.www.ocregister.com/	1970-01-20 07:32:15	Name: sub_nxt_upd_ac_DFM_SCNGPRODWP_PROD Value: 1
.www.ocregister.com/	1970-01-20 17:06:49	Name: sub_nxt_DFM_SCNGPRODWP_PROD Value: {%221%22:{%22104009%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222022-11-17T01:45:48.872Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:104009}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js(Line 1) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
api-mg2.db-ip.com
api.viafoura.co
ats.rlcdn.com
az416426.vo.msecnd.net
c.amazon-adsystem.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.czx5eyk0exbhwp43ya.biz
cdn.jsdelivr.net
cdn.mg2connext.com
cdn.p-n.io
cdn.parsely.com
cdn.viafoura.net
cmp.osano.com
d3div1mtym39ic.cloudfront.net
digitalfirstmedia.blueconic.net
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
i.viafoura.co
i1.wp.com
insight.adsrvr.org
k.p-n.io
loader-cdn.azureedge.net
mng-ocregister.zeustechnology.com
ocregister.com
paywall-ad-bucket.s3.amazonaws.com
pixel.sitescout.com
pixel.wp.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
projects.ocregister.com
s.w.org
sb.scorecardresearch.com
securepubads.g.doubleclick.net
session.ocregister.com
stats.wp.com
u066.ocregister.com
unpkg.com
www.foo.software
www.google-analytics.com
www.googletagmanager.com
www.ocregister.com
k.p-n.io
projects.ocregister.com
104.26.4.15
108.157.4.31
13.32.28.197
13.85.16.224
137.184.240.117
143.204.215.113
18.155.140.61
18.66.147.13
18.66.245.48
192.0.66.2
192.0.76.3
192.0.77.2
192.0.77.48
2600:1f18:44f0:4816:6265:43b5:e3ae:6742
2600:9000:20eb:0:11:1ed0:3900:21
2600:9000:211e:8600:3:b7e:8940:93a1
2600:9000:2315:1200:8:2ae1:d740:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5514
2606:4700::6810:7caf
2606:4700::6812:106b
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200d
2a04:4e42:800::282
3.219.223.162
34.223.139.142
52.217.131.89
52.223.40.198
52.4.214.42
65.9.66.9
66.155.71.150
99.86.4.32
99.86.4.47
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
04349ecb57f578cec3fe3e402a668f159040b1ba8b3f9a2bfe4683df213548ef
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1
04e8465ce800baf4ad9a2ad6c85f7194f6457b14a83da364762eb069a46db083
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0a3d56ddd74ccfcefef0f57922c5d6577890cd19c6818ad14eabfa730be14e1b
0b6516efc30b81bdef06d22cc521ccb9ebab74c93a5775b0e286019b7804d318
0c07a2e158e7901d49b9c2ff4416803055675f3a7a7c9243e3c87d6be8f518ec
0d6b537024b7f656753fd866c336787b3b25c6d51c3b3beb4b7fd68ad8500746
10b8b708666d9e3510a85cabb3d7dd0d6588998d83457455e4a6d53e8ce5ed78
11f7a23121d159453f768c0f402a0b8e0608ad6b909d28f577a9f2b671769cb3
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
17625cdf32733046274ae55e069947ee72a37e31955d709e41aef892618bbd51
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1a94028854412953543eed4b949be5aa5414b4b0c5d012ab483f19716eba9413
1b89f97cc458368513e0c7f3a31b46e0406db1544260d5641302868a96f4a52f
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c7e918a6dac2bf1a00aa4ab1dfe9f96402c3e3bc11b890524b14fbaef05f08a
1cadc76b0fc1c557e2371e1d74b2cada75ca2ddf27f7b410ff6f197f99c04342
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
222499f1661693816fa9265d23d8b06b60472f3f9150ccb690fc7ec8ed92be3d
238746750bed97350091656ff931f2c55217b7fa5673bd929b8674113dd5320c
2495332eea9cbc5525f49204dcdc08c8e089169908861cd0edef778e6c822022
26bf73eb66fe6b13f8f7e68d8b0dfbb4bacd90d0ac5bef05e3357759bbdb5e01
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
3136b96048f9c29a1d848c33aebad359baae43d28c3734fd21b1019e9aaddd32
3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea
36d269f4f75bc610a4560de659693b05498c78231988d5cabf47780257db866c
3b05bacf579896c582b17d85c3db21ec731d3a1169d68ca3fa98080573d72356
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d04e98fa76e2cdba4b0b45b0b206b13de39ff72f6371b7d97ed515e21646722
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5332376498e574c732c5eec2794066db291defa732bbfd869081826403388374
5373dabe581513ee35ed8701927ae72cde3c3a487929d24e51f6331edce130f0
555d94b5650e434e990131c4af890be04d352d54c63999cc292ac6bfa5682f89
5a36cfb2ac68d3fe9f0c85e63ac833ff97220f3ce561afa3fbcba3e7aac3502c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4696153e63ea3a6789cf8e64887a5b5676af60601ab1291570da1de13ed784
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
6032ae7de524b17c912bcc27c397250a4603d21b03fab88f977edc4b54ee8e05
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a
6af00e5895a718279a409ddcdea017ad3dd3be8b5dbfc36549cd58279e15c7c6
6dc5228d296721b2f624292aff098051a32eea35de65cb57b5133acee928afb5
6f40f26bf05af0b71f643ea736f9b153db1c6eaf9ea9249f1fbaf9d68760fa16
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
725a5183b72f7625301b946259d83e50aed2bdcb6294b877a857321abf0cf656
7423a7526e1557ba07ee446bc21a2e0821eb8038afa4c0bf1e689db9d7251ea3
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
87cc7bb79e388e5c82134f751e39254a72ab66e9ce82db1ab784bf245ecad6fd
881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
906a4d132c49422ae0692e484366f8de2d3326a94b25445c05c3824564c34a7f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9399640915f43949c41dca07d28e3582b2ec9f4f595de7f4084bf342bc84496f
93ad2f1af7bdddade91c456f8d9ed00b9afd69d23c8e92fb11310b0e6e928210
94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9c064b367845c8da6f3bc0eaec2c82c787da60716b7a6529dace99d2af769633
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9dbf01c55ba5a3090c1f9a490f639031c78a44dcbc3121df20e9d134b8152d2a
a113be5445fb2b6880cb8ff01d4125331d7243cf4f0965adde0cc50bf237e387
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a86cf69d57c93f60992c26348990836d3ac96bb09ab35fcc3c896f513c40443b
a941238e03ea898230e6a7672ebdfe076fe632a4043f40600c30f4b271319872
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
ba81c7ea479a6f432ebbd1c195e0880beb070c94a953b33753d2f89b88388837
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
c20ce85742d2ad4fe5bb9b89ecca9e87b2b9e791a8883b854cb6bc64fe444455
c3d38da8d4ed9f190fd614659d3286311908402049ac179d00f39985023c3fec
c49c8be5a17f5f9e4d252ec0372a9dc3e8a8d4ee721b550762b01663609b0066
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c74fc27c8d914cef3834b067cd3cfb30d51be85b0656dec1bd3f99de82d7b20d
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
cc4efa3dcb5a4241dd087d89f13195b6a8ee62af901b51291a45a3421dce5950
cdaae82f9a244e23e50b72ec71f48ce22123c817e8efbb215fa7095e6ce56882
d3578222761e274a9b6fda993e8a55c9267283eea10453691aa8a3b8d262f2ac
d5160a5031b52a3a7bc884baef7e68015f3ed254ab5df11e55278a2ee4ab4ce0
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef0c4e8fedf0126493dd3e183d295361e4c696ab1fa7b9b983a820ff830c925c
f135690cc4a37d808102d72f9a1b2bca33fb64c28c428ea2766ea51bd0a9be03
f2eeff5ba8557c8518d9d3325c941fe5339e2f2228a13e64600cad42bb795170
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7efaec2a0f18f9fe8ef184429a606382d3284bd8ded994d87b2cad1e5b90a56
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb00ee44b7e55b3c484d37de0d862ebfb89be9c072fed542fccce0eb9aecd856
ff0b3b0d7adc47e7b9bafbf0dd71f8b0029511df30b9f797b9866a5545db5828

www.ocregister.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

88 %HTTPS

44 %IPv6

36 Domains

47 Subdomains

40 IPs

3 Countries

3511 kBTransfer

12577 kBSize

22 Cookies

43 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

88 %
HTTPS

44 %
IPv6

36
Domains

47
Subdomains

40
IPs

3
Countries

3511 kB
Transfer

12577 kB
Size

22
Cookies

130 HTTP transactions
1 data transactions