www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ocregister.com/
Effective URL:
https://www.ocregister.com/
Submission: On May 13 via api (May 13th 2023, 4:36:38 am UTC) from US — Scanned from DE

Summary HTTP 183 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 63 IPs in 8 countries across 46 domains to perform 183 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.ocregister.com. The Cisco Umbrella rank of the primary domain is 64949.
TLS certificate: Issued by R3 on April 14th 2023. Valid for: 3 months.

This is the only time www.ocregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	13.32.27.51 13.32.27.51	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2247:4800:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200d	15169 (GOOGLE) (GOOGLE)
1	13.32.99.63 13.32.99.63	16509 (AMAZON-02) (AMAZON-02)
12	18.66.147.86 18.66.147.86	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211e:8000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
4	44.237.133.56 44.237.133.56	16509 (AMAZON-02) (AMAZON-02)
3	34.198.252.65 34.198.252.65	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
2	2606:4700:440... 2606:4700:4400::ac40:99f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.24 18.66.97.24	16509 (AMAZON-02) (AMAZON-02)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	137.184.240.117 137.184.240.117	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	54.72.231.133 54.72.231.133	16509 (AMAZON-02) (AMAZON-02)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.254.36.200 34.254.36.200	16509 (AMAZON-02) (AMAZON-02)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.158.218.53 35.158.218.53	16509 (AMAZON-02) (AMAZON-02)
2	34.239.75.135 34.239.75.135	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.122 13.32.27.122	16509 (AMAZON-02) (AMAZON-02)
15	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
4	34.223.146.2 34.223.146.2	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.42.13 104.18.42.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.217.0.228 52.217.0.228	16509 (AMAZON-02) (AMAZON-02)
1	52.217.109.76 52.217.109.76	16509 (AMAZON-02) (AMAZON-02)
2	52.236.186.218 52.236.186.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	172.67.75.166 172.67.75.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	18.193.131.55 18.193.131.55	16509 (AMAZON-02) (AMAZON-02)
183	63

29 192.0.66.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-51.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2247:4800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-63.fra60.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.147.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-86.fra60.r.cloudfront.net

u066.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:8000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.237.133.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-133-56.us-west-2.compute.amazonaws.com

session.ocregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.198.252.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-252-65.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.184.240.117 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.foo.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.231.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-231-133.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.36.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-36-200.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.218.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-218-53.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.75.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-75-135.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-122.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.czx5eyk0exbhwp43ya.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.223.146.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-146-2.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.42.13 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.0.228 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.109.76 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.218 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.131.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-131-55.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	ocregister.com 1 redirects ocregister.com — Cisco Umbrella Rank: 59473 www.ocregister.com — Cisco Umbrella Rank: 64949 u066.ocregister.com — Cisco Umbrella Rank: 209616 session.ocregister.com — Cisco Umbrella Rank: 237874	1 MB
10	czx5eyk0exbhwp43ya.biz cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 40587	205 KB
10	browsiprod.com yield-manager.browsiprod.com — Cisco Umbrella Rank: 12359 cdn.browsiprod.com — Cisco Umbrella Rank: 12947 events.browsiprod.com — Cisco Umbrella Rank: 11311	91 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	41 KB
5	gstatic.com fonts.gstatic.com	163 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 57137	862 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	88 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 4202 launchpad.privacymanager.io — Cisco Umbrella Rank: 3815 geo.privacymanager.io — Cisco Umbrella Rank: 1843	11 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax.amazon-adsystem.com — Cisco Umbrella Rank: 406	61 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	152 KB
4	google.com accounts.google.com — Cisco Umbrella Rank: 40 www.google.com — Cisco Umbrella Rank: 2	76 KB
3	amazonaws.com paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 41938 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 13170	2 KB
3	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 29810 fp-cdn.azureedge.net — Cisco Umbrella Rank: 53339 g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 52423	238 KB
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 491	1 KB
3	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 9160 s1.listrakbi.com — Cisco Umbrella Rank: 9658	41 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	238 KB
3	blueconic.net digitalfirstmedia.blueconic.net — Cisco Umbrella Rank: 106578	2 KB
3	osano.com cmp.osano.com — Cisco Umbrella Rank: 5645	81 KB
3	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4957 k.p-n.io — Cisco Umbrella Rank: 3159	58 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50 ajax.googleapis.com — Cisco Umbrella Rank: 385	33 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 664	58 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 892	281 B
2	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 32020	5 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726	455 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 533 eb2.3lift.com — Cisco Umbrella Rank: 389	697 B
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 661	261 B
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 525 dsum.casalemedia.com — Cisco Umbrella Rank: 1344	842 B
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506 image8.pubmatic.com — Cisco Umbrella Rank: 694	160 B
2	foo.software www.foo.software — Cisco Umbrella Rank: 59999	191 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1424	100 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3754	191 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 930	3 KB
2	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2516	45 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3022 pixel.wp.com — Cisco Umbrella Rank: 2761	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	98 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 10776	119 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 26350	795 B
1	google.de www.google.de — Cisco Umbrella Rank: 5171	455 B
1	adnxs-simple.com ib.adnxs-simple.com — Cisco Umbrella Rank: 12509	1 KB
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 733	316 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 571	261 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 164	226 B
1	w.org s.w.org — Cisco Umbrella Rank: 2045	834 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1592	683 B
1	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2945	21 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7882	38 KB
183	46

	Domain	Requested by
28	www.ocregister.com	www.ocregister.com cmp.osano.com
12	u066.ocregister.com	www.ocregister.com u066.ocregister.com cmp.osano.com
10	cdn.czx5eyk0exbhwp43ya.biz	cmp.osano.com
5	fonts.gstatic.com	fonts.googleapis.com
4	prod-dfm-proxy-connext.azurewebsites.net	cdn.czx5eyk0exbhwp43ya.biz
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net az416426.vo.msecnd.net tpc.googlesyndication.com
4	events.browsiprod.com	cdn.browsiprod.com az416426.vo.msecnd.net
4	cdn.browsiprod.com	cmp.osano.com
4	www.google-analytics.com	cmp.osano.com
4	session.ocregister.com	www.ocregister.com
3	tpc.googlesyndication.com	cmp.osano.com
3	fastlane.rubiconproject.com	htlbid.com
3	c.amazon-adsystem.com	cmp.osano.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net
3	www.googletagmanager.com	cmp.osano.com
3	digitalfirstmedia.blueconic.net	u066.ocregister.com cmp.osano.com
3	cmp.osano.com	www.ocregister.com cmp.osano.com
3	accounts.google.com	www.ocregister.com cmp.osano.com accounts.google.com
2	k.p-n.io	cdn.p-n.io
2	static.criteo.net	cmp.osano.com az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	paywall-ad-bucket.s3.amazonaws.com	www.ocregister.com cdn.czx5eyk0exbhwp43ya.biz
2	cdn.pranmcpkx.com	cmp.osano.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	ads.yieldmo.com	htlbid.com
2	yield-manager.browsiprod.com	htlbid.com cdn.browsiprod.com
2	www.foo.software	www.ocregister.com
2	cdn.listrakbi.com	cmp.osano.com
2	cdn.confiant-integrations.net	cmp.osano.com
2	pixel.sitescout.com	www.ocregister.com
2	unpkg.com	1 redirects www.ocregister.com
2	az416426.vo.msecnd.net	www.ocregister.com cmp.osano.com
2	fonts.googleapis.com	www.ocregister.com cmp.osano.com
2	cdn.jsdelivr.net	www.ocregister.com cdn.jsdelivr.net
2	htlbid.com	www.ocregister.com
1	image8.pubmatic.com
1	dsum.casalemedia.com
1	eb2.3lift.com
1	api-mg2.db-ip.com	cdn.czx5eyk0exbhwp43ya.biz
1	ams-pageview-public.s3.amazonaws.com	www.ocregister.com
1	s1.listrakbi.com	cmp.osano.com
1	bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com	cmp.osano.com
1	g2insights-cdn.azureedge.net	cmp.osano.com
1	fp-cdn.azureedge.net	cmp.osano.com
1	www.google.de	www.ocregister.com
1	www.google.com	www.ocregister.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	launchpad.privacymanager.io	cmp.osano.com
1	googleads.g.doubleclick.net	cmp.osano.com
1	tlx.3lift.com	htlbid.com
1	ib.adnxs-simple.com	htlbid.com
1	bidder.criteo.com	htlbid.com
1	htlb.casalemedia.com	htlbid.com
1	hbopenbid.pubmatic.com	htlbid.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	insight.adsrvr.org	www.ocregister.com
1	sb.scorecardresearch.com	www.ocregister.com
1	launchpad-wrapper.privacymanager.io	cmp.osano.com
1	s.w.org	www.ocregister.com
1	pixel.wp.com	www.ocregister.com
1	polyfill.io	ajax.googleapis.com
1	stats.wp.com	www.ocregister.com
1	cdn.parsely.com	www.ocregister.com
1	cdn.p-n.io	www.ocregister.com
1	cdn.auth0.com	www.ocregister.com
1	ajax.googleapis.com	www.ocregister.com
1	ocregister.com	1 redirects
183	68

This site contains links to these domains. Also see Links.

Domain
checkout.ocregister.com
www.accuweather.com
enewspaper.ocregister.com
comicskingdom.com
store.ocregister.com
obits.ocregister.com
adportal.ocregister.com
myaccount.ocregister.com
www.digitalfirstmedia.com
facebook.com
twitter.com
instagram.com
marketplace.socaladsonline.com
adportal.socaladsonline.com
scngorangecounty.column.us
careers.socalnewsgroup.com
www.socalnewsgroup.com
www.medianewsgroup.com
myworkdaycenter.wd5.myworkdayjobs.com
socalnewsgroup.com
access.medianewsgroup.com
www.socalnie.com
sponsor.medianewsgroup.com
my.datasubject.com
vip.wordpress.com

Subject Issuer	Validity	Valid
develop.ocregister.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-02-21` - `2023-11-19`	9 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
pushlycdn.com Amazon RSA 2048 M02	`2023-02-27` - `2024-02-13`	a year	crt.sh
s762.pressenterprise.com Amazon RSA 2048 M02	`2023-02-21` - `2023-11-02`	8 months	crt.sh
cmp.osano.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-30`	7 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.ocregister.com Amazon RSA 2048 M02	`2023-03-30` - `2024-04-28`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2023-02-28` - `2023-08-06`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.listrakbi.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-21`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.foo.software Go Daddy Secure Certificate Authority - G2	`2022-12-29` - `2024-01-30`	a year	crt.sh
*.browsiprod.com Amazon RSA 2048 M01	`2023-02-09` - `2023-09-18`	7 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
snibe7egl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2022-07-28` - `2023-07-27`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 02	`2023-03-10` - `2024-03-04`	a year	crt.sh
sni2bf2agl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-11-02`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-04-21` - `2024-04-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.p-n.io Amazon RSA 2048 M01	`2023-02-10` - `2024-01-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.ocregister.com/
Frame ID: C7B35E1E2EB95A3315B0D704B93F960E
Requests: 172 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 6434CAE2A2C24682A715B54A1F290ED8
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 1E6757861EDEFF7ECE2ED6E2D76275B6
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 040A25BEA079F64BBF9725E9CD264640
Requests: 1 HTTP requests in this frame

Frame: https://bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F06CB6BE7A10F5988118D799C2278252
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C63EA76A2510D88DA8646467D3A1781F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orange County Register: Local News, Sports and Things to Do

Page URL History Show full URLs

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

183
Requests

92 %
HTTPS

39 %
IPv6

46
Domains

68
Subdomains

63
IPs

8
Countries

4295 kB
Transfer

14094 kB
Size

24
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV&returnUrl=https%253A%252F%252Fwww.ocregister.com%252F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/santa-ana-ca/92701/current-weather/38830_pc?lang=en-us&partner=mng_1
Title: 62°F

Search URL Search Domain Scan URL

URL: https://enewspaper.ocregister.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: http://store.ocregister.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=edit-nav&utm_content=&utm_term=
Title: Orange County Register Store

Search URL Search Domain Scan URL

URL: http://obits.ocregister.com/obituaries/orangecounty/
Title: Obits

Search URL Search Domain Scan URL

URL: https://adportal.ocregister.com/lang-adportal/ocr-obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/ocr/preference
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://obits.ocregister.com/obituaries/orangecounty/
Title: Obits

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/privacy-policy/?returnUrl=https%3A%2F%2Fwww.ocregister.com%2F%3FclearUserState%3Dtrue
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://facebook.com/ocregister
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ocregister
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/ocregister
Title: Instagram

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/access.aspx?utm_source=adtila&utm_medium=website&utm_campaign=access

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://marketplace.socaladsonline.com/scng
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://adportal.socaladsonline.com/scng-adportal/ocr-obits/index.html
Title: Obituary

Search URL Search Domain Scan URL

URL: https://scngorangecounty.column.us/place
Title: Legals

Search URL Search Domain Scan URL

URL: https://careers.socalnewsgroup.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/about-scng-1/
Title: SoCal News Group

Search URL Search Domain Scan URL

URL: http://www.medianewsgroup.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://myworkdaycenter.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://socalnewsgroup.com/
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://store.ocregister.com/?utm_campaign=evergreen&utm_medium=referral&utm_source=edit-footer&utm_content=&utm_term=
Title: OC Register Store

Search URL Search Domain Scan URL

URL: https://myaccount.ocregister.com/ocr/rewards
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: https://access.medianewsgroup.com/d/socal
Title: Sponsored Access

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.socalnie.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: https://sponsor.medianewsgroup.com/a/?tag=socal
Title: Sponsor a Student

Search URL Search Domain Scan URL

URL: https://checkout.ocregister.com/?g2i_source=nav&g2i_medium=link&g2i_campaign=MG2NAV&g2i_or_o=Internt5&g2i_or_p=MG2NAV
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy#section-9
Title: California Notice at Collection

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy#financial
Title: Notice of Financial Incentive

Search URL Search Domain Scan URL

URL: https://my.datasubject.com/16A1AnRt2Fn8i1unj/77
Title: Do Not Sell/Share My Personal Information

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: http://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: http://www.socalnewsgroup.com/

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ocregister.com/ HTTP 301
https://www.ocregister.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://unpkg.com/web-vitals@3/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

183 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ocregister.com/
Redirect Chain

https://ocregister.com/
https://www.ocregister.com/

281 KB
52 KB

29ms
7ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

a8a18561bc8d3ea3110e63c63da600bbe4be457ef9db629c0a0c40c29f76f16f

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1874
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 53098
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 04:36:26 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.ocregister.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/8Ac4j>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
vary: Accept-Encoding
x-cache: grace
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 85 188 443

Redirect headers

age: 2474
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 20
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 04:36:26 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://www.ocregister.com/
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
vary: X-Country-Code
x-cache: grace
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn2 85 187 443

GET
H2 200 boldcoastal.css
www.ocregister.com/wp-content/themes/assets/static/css/ 416 KB
63 KB 13ms
12ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/css/boldcoastal.css?ver=1683751405

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

38a05eb5167fc36ccc242830b189fea0ceb8e645d21410b84ded7a7cf716466b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 10 May 2023 20:43:19 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"645c01e7-68060"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
www.ocregister.com/wp-includes/js/ 18 KB
5 KB 18ms
12ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 05 Apr 2023 21:46:42 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"642dec42-4904"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 htlbid.css
htlbid.com/v3/ocregister.com/ 1 KB
545 B 58ms
10ms Stylesheet
text/css 13.32.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/ocregister.com/htlbid.css?ver=6.2
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bd6af2d953e076cb3e255e0c2328e020c672632302230f9896e07b2ba01ca65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:33:11 GMT
content-encoding: br
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 17:39:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 197
x-amz-server-side-encryption: AES256
etag: W/"a1a24bc8de60aa36a1b2db034c6f5a6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: gmt2sDDPEo6DDk-SMYdmiE073Za63tttVCWBqka-uZ9EfXC3_4n_RA==

GET
H2 200 style.css
www.ocregister.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 880 B
392 B 16ms
11ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1670356675g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 06 Dec 2022 19:57:55 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"638f9ec3-370"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 /
www.ocregister.com/_static/ 3 KB
3 KB 16ms
11ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJxtjEEOQDAQAD+klog6ibdUW2zoarrb+D7CSVxnMgNHVHYn8SQQtzwjMbgpKEmZRSE5tEb2xMBiBC1YZvi6MiCVlyjgZ7Z4k1ZPEPO4vf2L1IPucgh9rbuqabXu9AlSbjZ+

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1a69db491891857066ada033de292cdca059f738f4b68dbc7f7c85069313d3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Tue, 06 Dec 2022 19:57:56 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3356

GET
H2 200 mng-digisubs.styles.css
www.ocregister.com/wp-content/plugins/mng-digisubs/static/ 14 KB
5 KB 17ms
12ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css?ver=6.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

716e9ddfe6d9c1e84e8dd166acc6d630d2b7cbeb9c291ebed368942e47933a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Fri, 05 May 2023 21:51:32 GMT
server: nginx
x-rq: hhn2 85 188 443
etag: W/"64557a64-375a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 /
www.ocregister.com/_static/ 1 KB
1 KB 17ms
12ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJxVjMEKwjAQRH/IdBUxPYn4KXG71IVkUzJbxL83emk9DW+GefRaAldzMaclr7MaCOoS/qByk1nh0gieXJkYfeqt2FDUho4H2qk4a49Q1s3TmO4TKAHi+P1LfWiWkKanQKsF+DvLV3Ur11Mcj+dLjGP8AKsoO8w=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7b657d20496eed5d326fbf88393caebbc4f63b31300fb6131005ef3120e6c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Tue, 06 Dec 2022 19:57:56 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1202

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 637ms
206ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 May 2023 04:36:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2753876
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8819
x-served-by: cache-fra-eddf8230021-FRA, cache-gig2250078-GIG
x-jsd-version-type: version
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 4 KB
953 B 52ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

270fb1f5320e32a7e0b8af9d3102063d8eb8950f4feb0ce3bb6c00536c1daa60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 04:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 04:36:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 04:36:27 GMT

GET
H2 200 /
www.ocregister.com/_static/ 99 KB
99 KB 17ms
13ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyNjUsOAiEQRC9k0+J3XJg5C4F2gkJD7CYTby8kmrh0V1XJe4VrBV9YiRVraktkwXDL4ALkEgRFnUaPXnr0TyI2ObLpdYM/ZG7whe+k1fkH2J3ZYle0RIJrDAupoJYKtYgO7yvR355x/xkGM+erPU376XC2x8sbYQlFyw==

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1213caa8464668054ccc27f0b16e7f808d13eb42e18e525d2381b77d608e1fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Thu, 11 May 2023 23:19:19 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 101236

GET
H2 200 htlbid.js Show response
htlbid.com/v3/ocregister.com/ 399 KB
119 KB 443ms
443ms Script
application/javascript 13.32.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf658918b1f8ca38ec0fed634d41ab3481e6907bcfba2c8681f79b50d9e91c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2023 17:39:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"5c3b22bd4d68b1f02cd9064bffdcbca6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: iuBP8VrNHgstkNMJO3umXc8-vzPc1mLg788_endR04uark0_hsU43Q==

GET
H2 200 sso-tools.min.js Show response
www.ocregister.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 5 KB
1 KB 22ms
19ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1670356675g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 06 Dec 2022 19:57:55 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"638f9ec3-1536"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 42ms
9ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 12:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 12:26:06 GMT

GET
H2 200 loader.min.js Show response
www.ocregister.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 23ms
19ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Tue, 06 Dec 2022 19:57:56 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"638f9ec4-3e4a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 112ms
26ms Script
application/javascript 2600:9000:2247:4800:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=6.2
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2247:4800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
via: 1.1 e358da22fa4c7897bb31c3c67470d266.cloudfront.net (CloudFront)
date: Sat, 13 May 2023 03:45:10 GMT
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P2
age: 3077
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=10800,public
x-amz-replication-status: FAILED
x-amz-cf-id: CRlE63OH7WtJZMocC9q_zXvQq6Jjbq6zIQXa744EZEo445t_L43Tzg==

GET
H2 200 client Show response
accounts.google.com/gsi/ 189 KB
75 KB 73ms
30ms Script
application/javascript 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?ver=6.2

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b33d7087467c7e79512e168a1cd79e43904462408aaf7ae4c0abf2ef5409f32

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-2F9p3G8aszoY86DgMfXHJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-2F9p3G8aszoY86DgMfXHJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 13 May 2023 04:36:27 GMT

GET
H2 200 / Show response
www.ocregister.com/_static/ 242 KB
242 KB 22ms
19ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyl0DsKwzAMBuAL1RYh9JGhdO01HEcYGVsJlkx7/DpDKJkKzSSkX/oGwWsxfmZFVlhSDcQCmYOZKJDUUUDUKfndzGZHbMfKU0Ib5QT/GO2A8a1HmbZMmjC3KketSk+3AuUHJKRods3sCzZEsWxw/CY2t29FeeR7d7n113PXD0P8ALMoja8=

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

449aef1589f99af291a9020f9a65f206f55da3709e38f8c1748fe9353899e170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Wed, 10 May 2023 20:43:19 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 247997

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 300 KB
58 KB 56ms
11ms Script
application/javascript 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=2CsUkhlESGpQT9Lisdtl69NTdJ5p7WIBUvJq&ver=6.2
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45877b882f4b100d00c4aad9a51ce80f28e1487d2a8a133fb325190a135cceb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:30:44 GMT
content-encoding: gzip
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified: Thu, 11 May 2023 23:05:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 375
x-amz-server-side-encryption: AES256
etag: W/"ac9521a240e51ce0486a997d68b6dfa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: ZO_EQTqhJKKy3SUgRfgPoobD7o01pNu77kws0oOFiQ64sxHh-saTyw==

GET
H2 200 dfm-pushly.min.js Show response
www.ocregister.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
205 B 22ms
20ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1683323492g

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Fri, 05 May 2023 21:51:32 GMT
server: nginx
etag: "64557a64-a0"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160

GET
H2 200 script.js Show response
u066.ocregister.com/ 148 KB
44 KB 40ms
8ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/script.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

0a1275ed18d35b3933f8331a63aa561475445da34124b9f437e7585c320c3e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 369
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44402
x-xss-protection: 1; mode=block
last-modified: Sat, 13 May 2023 04:29:39 GMT
server: -
etag: 8525ed68a7a9a958980be2f1b6d065ec
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: JrjD4AivfxGBOJNYvIbhTicsYHdjQcs0jnChSxiQltGqLvLcTt2qbA==
expires: Sat, 13 May 2023 04:40:18 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 350 KB
79 KB 62ms
14ms Script
application/javascript 2600:9000:211e:8000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

6e1c976593565da6d184c258085061bc5e26c18d73fe1665359b1c84c3bda263

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 15:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 48230
x-cache: Hit from cloudfront
content-length: 79821
x-xss-protection: mode=block
last-modified: Mon, 01 May 2023 16:52:51 GMT
server: CloudFront
etag: "6d446c99ee674776f10a6dee5c652012"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: qDHK__Rh6PEh_b2F9_gKFKQpBPGtj0c858FmE-X41bOvV5Rtlx--yA==

GET
H2 200 / Show response
www.ocregister.com/_static/ 39 KB
39 KB 22ms
20ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??/wp-content/plugins/dfm-ad-mods/static/js/hhsl-check.min.js,/wp-content/plugins/mng-digisubs/static/mng-digisubs.articleShare.bundle.js?m=1683751399j

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bb85eda4d354a2320c987992b36a052cbb69e1ad85ffe0826161b28f29c3ad98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:26 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Wed, 10 May 2023 20:43:19 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40066

GET
H2 200 oc-register-logo-376x79.svg
www.ocregister.com/wp-content/uploads/2017/09/ 7 KB
3 KB 7ms
7ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2017/09/oc-register-logo-376x79.svg

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 27 Sep 2017 18:04:08 GMT
server: nginx
x-rq: hhn2 109 198 443
etag: W/"6ee48065e4ae2c81"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 ocr_viewEedition.png
www.ocregister.com/wp-content/uploads/2020/04/ 183 KB
184 KB 9ms
7ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2020/04/ocr_viewEedition.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9399640915f43949c41dca07d28e3582b2ec9f4f595de7f4084bf342bc84496f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 144 443
last-modified: Wed, 03 May 2023 17:11:34 GMT
server: nginx
etag: "ee979e9fb9104aa4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 187774

GET
H2 200 socal-logo-sm.png
www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/ 8 KB
8 KB 9ms
7ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/socal-logo-sm.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Tue, 06 Dec 2022 19:57:56 GMT
server: nginx
etag: "638f9ec4-1fcf"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8143

GET
H2 200 dfm-logo-sm.png
www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/ 13 KB
13 KB 10ms
8ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/images/site-logo/dfm-logo-sm.png

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 188 443
last-modified: Tue, 06 Dec 2022 19:57:56 GMT
server: nginx
etag: "638f9ec4-3443"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13379

GET
H2 200 / Show response
www.ocregister.com/_static/ 57 KB
57 KB 9ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJyVj9EOgjAMRX/I0RAN8mL8lskqFLt1WTcNfL3wQOKDMfh6e05vLryi6SRkDBkil56CQhwkS7gTMzwxOEkQqcsl4RpVnkI16gF2iWznSWlG/dQodFwcKowKjjRv8HKKwtPqLwymvEdK2OPC2izJpBIyefyz6yc+iDz022ZfzDZ7/WWTIk/mWLVwK8QOWKzDtFhXf6mb9tieznVTj29daYlI

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bc0e9ec627c6169484852aa49f2134b30abd96230b7796cedcfe6c64f2db3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Thu, 11 May 2023 23:19:21 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 58584

GET
H2 200 p.js Show response
cdn.parsely.com/keys/ocregister.com/ 56 KB
21 KB 45ms
8ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/ocregister.com/p.js?ver=3.8.4
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 26bf73eb66fe6b13f8f7e68d8b0dfbb4bacd90d0ac5bef05e3357759bbdb5e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Fri, 12 May 2023 05:40:18 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified: Thu, 09 Dec 2021 15:22:33 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 82712
etag: W/"61b21f39-df43"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: Tk8xBZ7kGh4Knb5gA-N9giDMdn-C9FFzIXH3v-j18AD-l4LVQY9L4w==
expires: Sat, 13 May 2023 05:37:54 GMT

GET
H2 200 ads.js Show response
www.ocregister.com/wp-content/themes/wp-mason/static/js/ 87 B
132 B 7ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Tue, 06 Dec 2022 19:57:56 GMT
server: nginx
etag: "638f9ec4-57"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87

GET
H2 200 / Show response
www.ocregister.com/_static/ 110 KB
110 KB 7ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/_static/??-eJydzk0KwjAQQOELmQ61+NOFeJY0SdvUzExwpoq3N6ALBRHr9sEHD67ZOCYNpKBjwCBgRYIKiFqNDiYBx4hMlRtnOlUYqZpkBT+4zOnWx5RkCeo4ece2hPSFlYJWmF5g4oFNxMFY1fMnmtM8RBLwPRrrDbKXN17a42Y5ljVdog/8h8ys5foJj3iot/tmt6mbtp3uHouYbQ==

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb8335b2ae6f9db021e041c1b786c2a832a6c3ead404d1490df41cc0518d7b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 85 187 443
last-modified: Wed, 10 May 2023 20:43:19 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 112538

GET
H2 200 e-202319.js Show response
stats.wp.com/ 9 KB
3 KB 35ms
8ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202319.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sat, 13 May 2023 04:36:27 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 May 2024 19:10:07 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 46ms
8ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:27 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 414
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: acb9edbe-401e-004e-5d53-85e987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Sat, 13 May 2023 05:06:27 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
683 B 641ms
210ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 04:36:28 GMT
age: 334690
detected-user-agent: Chrome Mobile WebView/113.0.5672
useragent_normaliser: chrome/113.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
255 B 557ms
176ms XHR
application/json 44.237.133.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0DsKwzAMBuAL1RYh9JGhdO01HEcYGVsJlkx7/DpDKJkKzSSkX/oGwWsxfmZFVlhSDcQCmYOZKJDUUUDUKfndzGZHbMfKU0Ib5QT/GO2A8a1HmbZMmjC3KketSk+3AuUHJKRods3sCzZEsWxw/CY2t29FeeR7d7n113PXD0P8ALMoja8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.133.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-133-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:28 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
698 B 318ms
97ms Script
text/javascript 34.198.252.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json450

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.252.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-252-65.compute-1.amazonaws.com

Software

- /

Resource Hash

79f1e909d6122347784d8e39aa74012adb2975e3bc83ce2e83a225443c2a794c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
701 B 333ms
113ms Script
text/javascript 34.198.252.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json451

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.252.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-252-65.compute-1.amazonaws.com

Software

- /

Resource Hash

06b8f8b8b3580d35846908ca7bf1919b68f5997fe0f495e36efb1861b3690e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.3.1/dist/
Redirect Chain

https://unpkg.com/web-vitals@3/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

7 KB
3 KB

18ms
17ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3343960
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GX61921MTG1VSE4M93D3Z6EH-fra
server: cloudflare
etag: W/"1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c68335abbcc39cd-FRA

Redirect headers

date: Sat, 13 May 2023 04:36:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H09P3TBT2M2ZAWB3ZJEZA9EK-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 224
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.3.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7c683359db1f39cd-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 502 KB
116 KB 72ms
44ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73da5e9f804298df4201001506a390d921ad0f5a3220076c042649ce2b8ffb77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118729
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 04:36:27 GMT

GET
BLOB 200
OK 54543513-ba82-4f9f-9571-2a0ad2eacb17
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/54543513-ba82-4f9f-9571-2a0ad2eacb17
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 19:45:38 GMT
x-content-type-options: nosniff
age: 550249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 19:45:38 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 414ms
205ms Font
font/woff2 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 May 2023 04:36:28 GMT
x-content-type-options: nosniff
age: 4578348
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90528
x-served-by: cache-fra-eddf8230031-FRA, cache-gig2250060-GIG
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:37:59 GMT
x-content-type-options: nosniff
age: 557908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:37:59 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 39ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 15:25:37 GMT
x-content-type-options: nosniff
age: 565850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 15:25:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 131ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1cf4702832bf6c320c5c8098f8bacb6bd00fed93724fc9cd9af287e41947865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25242
x-xss-protection: 0
server: cafe
etag: 275 / 19490 / 31074558 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 04:36:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 230 KB
57 KB 75ms
12ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:36:55 GMT
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront), 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 21:23:06 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1, FRA2-C1
age: 3574
x-amz-server-side-encryption: AES256
etag: W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: csfO6iJgX7RAdMj5GvT_c9YlDbKv_TrU9JGYeqHvNEvYxypHFwVITw==

GET
H2 200 common.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 9ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Fri, 05 May 2023 21:51:32 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"64557a64-a619"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 common-async.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 64 KB
9 KB 9ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Wed, 10 May 2023 20:43:19 GMT
server: nginx
x-rq: hhn2 85 187 443
etag: W/"645c01e7-10029"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 boldcoastal-async.chunk.min.js Show response
www.ocregister.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 12ms
12ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ocregister.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d04e98fa76e2cdba4b0b45b0b206b13de39ff72f6371b7d97ed515e21646722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains
last-modified: Fri, 05 May 2023 21:51:32 GMT
server: nginx
x-rq: hhn2 85 188 443
etag: W/"64557a64-c75"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 OCR-L-Villa-Realty-0510-30-1.jpeg
www.ocregister.com/wp-content/uploads/2023/05/ 34 KB
34 KB 12ms
10ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2023/05/OCR-L-Villa-Realty-0510-30-1.jpeg?w=467

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4dfa5a35793decc217ed90c72310fd876c193eb668a5a22bb0e8b700846ca848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 139 443
last-modified: Fri, 12 May 2023 07:28:29 GMT
server: nginx
etag: "015e50d87bdac88d"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34576

GET
H2 200 OCR-L-IN-N-OUT-0512.jpg
www.ocregister.com/wp-content/uploads/2023/05/ 24 KB
24 KB 12ms
10ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2023/05/OCR-L-IN-N-OUT-0512.jpg?w=360

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a5801d26ab757fafa86dfba5683f6385e266525497a2ef6c876239a530da4276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 198 443
last-modified: Fri, 12 May 2023 17:02:05 GMT
server: nginx
etag: "c8559bfa1698398e"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24860

GET
H2 200 LDN-L-GOV-ENERGY-18-0501.jpg
www.ocregister.com/wp-content/uploads/2023/05/ 20 KB
20 KB 12ms
10ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2023/05/LDN-L-GOV-ENERGY-18-0501.jpg?w=323

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c9393938a1053a7b797fb5e28412ee53680cf8b76314274f377b38bac1453abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 88 443
last-modified: Fri, 12 May 2023 21:35:58 GMT
server: nginx
etag: "fd082c3bbf65666c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20726

GET
H2 200 / Show response
cmp.osano.com/ Frame 6434 4 KB
1 KB 7ms
7ms Document
text/html 2600:9000:211e:8000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85208
content-encoding: br
content-type: text/html
date: Fri, 12 May 2023 04:56:21 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-id: s_9LBLP6YnCwwGtkNv1D00IFNeLpYOtZeaYq0U3PWSLK0vyxNuAZRg==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=126836891&post=0&tz=-7&srv=www.ocregister.com&hp=vip&j=1%3A12.0&host=www.ocregister.com&ref=&fcp=1100&rand=0.6353877514942703
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 04:36:28 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 2615.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
834 B 36ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2615.svg

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

8b8afd8f60833ca51907899d4a3279cdfd355282858ba8a73cd1034d2a1e31ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1E67 0
0 58ms
13ms Document
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Sat, 13 May 2023 04:36:27 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/ 111 KB
26 KB 54ms
17ms Script
text/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f69fa4bf07943b427474bfa79c56259c2d44cc7cc816e720749fb2b71e2ea2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 May 2023 04:30:44 GMT
server: cloudflare
x-amz-request-id: 7N8GQVB78QZMFRF2
age: 288
etag: W/"538c7bb1683e82e77bb1c50f296be5aa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7c68335d09219bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0sP9oEtFHC+unk8wiRX1blbdpxbTLR2jfZqYJTqD8MKwle5u/nNlqZ5LMb8T7uvwxNnU8lpURyeogjLqxsX4sPOSSRQcJ/4SArVC0QcfWfc=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/ 9 KB
2 KB 46ms
9ms Script
text/javascript 18.66.97.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/70bb23e5-a2a7-414e-b709-7066b1333c83/launchpad-liveramp.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21b580c0e786d0ff2b8ef69d2808f19c17e9106f4effdf1771475ac870c81ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: WVJHJlCeP1N2IpvGFdgw87IN7xdjr1fa
content-encoding: gzip
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 19:37:09 GMT
x-amz-cf-pop: FRA56-P2
age: 32360
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 18 Jul 2022 17:01:39 GMT
server: AmazonS3
etag: W/"456ed7d264d33c8630706e5b37966010"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 8Z8C6fk9hY6H8NgCVckvEW_KtoSvEQpoQEpBFcAUTUGVmzw64dBbsA==

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 242 KB
39 KB 471ms
406ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=AUjk900vfCG0&v=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: 25a10b2436d22c8291ffb68adc766473faf8ec90bef7ffdeaacc09310620b88d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 04:36:28 GMT
Content-Encoding: gzip
Via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
X-ltk: 5/13/2023 12:16:10 AM
X-Amz-Cf-Pop: FRA60-P2
X-Powered-By: ASP.NET
X-Cache: RefreshHit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 38981
Last-Modified: Sat, 13 May 2023 04:06:22 GMT
Server: cloudflare
ETag: "DSpecnUiGhnSGaO5yDqVbA=="
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
Accept-Ranges: bytes
CF-RAY: 7c68159dad392c79-FRA
X-Amz-Cf-Id: St40iR1KQBc7Bsqtm7AQOK-yUaW1YUyfM6TLx6_9qJ2hJMWK3HBP9g==
Expires: Sat, 13 May 2023 05:26:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11038326564

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1234c8b3b12c3c983658c7ba23582c7123d26cfa7f98a9d7b1feb406a86bc174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53113
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 04:36:28 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 36ms
9ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1683952588271&ns_c=UTF-8&c8=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&c7=https%3A%2F%2Fwww.ocregister.com%2F&c9=
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 9pBFjCyda_T-1V2oXvbeM4bcoonYMhzvHTSdKtrP7UjwpxIEqhk3WA==
x-cache: Miss from cloudfront

GET
H2 204 40b829d257f6ea1c
pixel.sitescout.com/iap/ 0
191 B 48ms
14ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/40b829d257f6ea1c
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 13 May 2023 04:36:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 102ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ghf5xf0&ct=0:1fodjzw&fmt=3
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
254 B 174ms
174ms XHR
application/json 44.237.133.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0DsKwzAMBuAL1RYh9JGhdO01HEcYGVsJlkx7/DpDKJkKzSSkX/oGwWsxfmZFVlhSDcQCmYOZKJDUUUDUKfndzGZHbMfKU0Ib5QT/GO2A8a1HmbZMmjC3KketSk+3AuUHJKRods3sCzZEsWxw/CY2t29FeeR7d7n113PXD0P8ALMoja8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.133.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-133-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:28 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 200 vitals
www.foo.software/api/ 0
96 B 317ms
100ms Ping
text/plain 137.184.240.117
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foo.software/api/vitals
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.184.240.117 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.23.4 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 04:36:28 GMT
server: nginx/1.23.4
x-powered-by: Express

POST
H2 200 449 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 130 KB
20 KB 381ms
378ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/449?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-05-13T04%3A36%3A28%2B00%3A00&ts=1683952588314

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

683b57a5d2950f0c3cabb25fb3ff91b7e7510a3192cb492a551942c8b73b4bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 19531
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: OsZLIWW--J3EaPaKGBGXlvAI_W8nCCEZmasvWvoeQQX9LXty4DUcZQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 449 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 111 B
1 KB 342ms
341ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/449?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-05-13T04%3A36%3A28%2B00%3A00&ts=1683952588315

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

1693ca0720c36e9bbaffa57cf930bc475cc52973d61ab0e7ebc49e0395dc1617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 123
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: z3tLTenJl-WtknEix8FGwZ5hAjYiVtJoBBLXK3P940Jik4q6gvXGNg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 0906cf0e-a525-402a-ac21-08909c47c7a7
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/0906cf0e-a525-402a-ac21-08909c47c7a7
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 2ef3d03d-76e8-4219-973b-38a2f0a08f32
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/2ef3d03d-76e8-4219-973b-38a2f0a08f32
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 2aed6dd7-af45-49d7-9d49-a948f92bfe45
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/2aed6dd7-af45-49d7-9d49-a948f92bfe45
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ 406 KB
125 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27705
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128048
x-xss-protection: 0
server: cafe
etag: 352811828592807000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 May 2024 20:54:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 512 B
304 B 59ms
42ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ocregister.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

179cce2e83c26eeb947c7fbbca3094f7b3f49d4974f65e50c0e27975c58f9f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
expires: Sat, 13 May 2023 04:36:28 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
9ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 21:22:16 GMT
x-amz-cf-pop: FRA2-C1
age: 26256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 May 2023 21:16:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: exfU8WNixUloiJhKIH_tmgsM5_kUfVB7vidBFBMqgEGPKeJveaOUZA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 04:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 49
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 06:35:39 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 116 KB
46 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-MHF7NT7

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e976cbdba5a7212d65ba186ae6b7b1fc30ff009c60f405d1e23419414ad2342d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46398
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 04:36:28 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame 040A 4 KB
1 KB 7ms
7ms Document
text/html 2600:9000:211e:8000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85208
content-encoding: br
content-type: text/html
date: Fri, 12 May 2023 04:56:21 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-id: Z9lED4wh6HknKpwVXvDpOT01zg802W0YoATxLnnOGr8iBN2KPzl3TQ==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK e17f7326-2945-48fd-a22a-901e87bb211a
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/e17f7326-2945-48fd-a22a-901e87bb211a
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK fdc627a5-d4ed-4512-8899-bd7524deb969
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/fdc627a5-d4ed-4512-8899-bd7524deb969
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 23c561bd-f324-4922-a525-7006fa53993c
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/23c561bd-f324-4922-a525-7006fa53993c
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 prebid Show response
yield-manager.browsiprod.com/ 104 B
297 B 110ms
34ms XHR
text/plain 54.72.231.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/prebid?sk=ocregister&sw=1600&sh=1200&url=https%3A%2F%2Fwww.ocregister.com%2F&us=%7B%7D&at=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.231.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-231-133.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: 8f1a3b805ecebd49aa4fd5449526d8adc9e8395318763181d8a751f9028fbec4

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: text/plain; charset=UTF-8

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 320 B
678 B 9ms
9ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fwww.ocregister.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 7bd8b3e8c5d0f5c0a1c5ed3b69c09e4ae5edb40519ad8a1882b007ac3bf91901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:09:54 GMT
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 5193
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 320
x-amz-cf-id: EcsgP1Vk1B_8Fnq5zpdmemOQtyJzhZ5rz0WkJ6YmuCjj82OXX3Cppw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
506 B 125ms
49ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.ocregister.com%2F&pid=QSpWLFE6ckskG&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Fsponsorship_1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Ftop_leaderboard%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Focregister.com%2Fhome%2Fcube1_rrail_atf%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdpre=1&gdprc=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: BXSQ067MPMDCKCMCDFH2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: zUubOgZuPFrJf7uXugsO8crIY_aIWzHHTqRULCaFSihclm_orkd6JA==

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
254 B 174ms
174ms XHR
application/json 44.237.133.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0DsKwzAMBuAL1RYh9JGhdO01HEcYGVsJlkx7/DpDKJkKzSSkX/oGwWsxfmZFVlhSDcQCmYOZKJDUUUDUKfndzGZHbMfKU0Ib5QT/GO2A8a1HmbZMmjC3KketSk+3AuUHJKRods3sCzZEsWxw/CY2t29FeeR7d7n113PXD0P8ALMoja8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.133.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-133-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:28 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 191ms
125ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
571 B 115ms
82ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=947075
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf5eac961fe95ecbd81e42daa3fb17b06becfb6031d433758f9619c3955b1e8a

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mllHk6jYsaUsT5jfObUCX0Lq5f43%2FBSu2Y8rlP4upvSiDsqTg9FHdWZ34UV%2BibZGqf9XZyGcOjk%2BSBKKo%2BL6ky%2F0FjLXHYPaqT%2Fp4Gbw4Mj2MtgmQ9uknPbsq25K1DGGPOjc0lAt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7c68335e7ede5c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
227 B 137ms
32ms XHR
text/plain 34.254.36.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22htlad-1-gpt%22%2C%22callback_id%22%3A%2210eac6573231f99%22%2C%22sizes%22%3A%5B%5B300%2C50%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%223263962679919714742%22%2C%22gpid%22%3A%22%2F8013%2Focregister.com%2Fhome%2Fsponsorship_1%231%22%2C%22tid%22%3A%22c1d6d392-83b4-400a-a8cb-7b412a10dd45%22%2C%22auctionId%22%3A%22c3911502-442b-4e83-a07b-d6518e1f1e68%22%7D%2C%7B%22placement_id%22%3A%22htlad-3-gpt%22%2C%22callback_id%22%3A%22118a3034fc62b9a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%223263962681630990786%22%2C%22gpid%22%3A%22%2F8013%2Focregister.com%2Fhome%2Ftop_leaderboard%231%22%2C%22tid%22%3A%2242bb55a1-da10-4b9e-a4f5-a3892dcf5457%22%2C%22auctionId%22%3A%22c3911502-442b-4e83-a07b-d6518e1f1e68%22%7D%2C%7B%22placement_id%22%3A%22htlad-4-gpt%22%2C%22callback_id%22%3A%2212160110edee86f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B300%2C1050%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223263962677042422178%22%2C%22gpid%22%3A%22%2F8013%2Focregister.com%2Fhome%2Fcube1_rrail_atf%231%22%2C%22tid%22%3A%22436f2a08-5f0e-4a96-bf41-d582fcad02f3%22%2C%22auctionId%22%3A%22c3911502-442b-4e83-a07b-d6518e1f1e68%22%7D%5D&page_url=https%3A%2F%2Fwww.ocregister.com%2F&bust=1683952588520&dnt=false&description=OCRegister.com%20covers%20local%20news%20in%20Orange%20County%2C%20CA%2C%20California%20and%20national%20news%2C%20sports%2C%20things%20to%20do%20and%20the%20best%20places%20to%20eat%2C%20business%20and%20the%20Orange%20County%20housing%20market.&userConsent=%7B%22gdprApplies%22%3Atrue%2C%22cmp%22%3A%22CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA%22%7D&us_privacy=1---&pr=&scrd=1&title=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&w=1600&h=1200
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.36.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-36-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ocregister.com
pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 391 B
655 B 137ms
43ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=471218&zone_id=2792804&size_id=43&alt_size_ids=44&gdpr=1&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---&rf=https%3A%2F%2Fwww.ocregister.com%2F&kw=OrangeCountyRegister%2COrangeCountyNews%2COrangeCountySports&tg_i.page=https%3A%2F%2Fwww.ocregister.com%2F&tg_i.domain=ocregister.com&tg_i.pbadslot=%2F8013%2Focregister.com%2Fhome%2Fsponsorship_1%231&tk_flint=pbjs_lite_v7.31.0&x_source.tid=c1d6d392-83b4-400a-a8cb-7b412a10dd45&l_pb_bid_id=143d8a53feaa6db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8013%2Focregister.com%2Fhome%2Fsponsorship_1%231&slots=1&rand=0.6218877991965479
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e2d3648f9fc4de9ca4fbccc88806b2d761ba10f16e6584e840e1022ae69fb322

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ocregister.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 395 B
430 B 140ms
46ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=471218&zone_id=2792812&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---&rf=https%3A%2F%2Fwww.ocregister.com%2F&kw=OrangeCountyRegister%2COrangeCountyNews%2COrangeCountySports&tg_i.page=https%3A%2F%2Fwww.ocregister.com%2F&tg_i.domain=ocregister.com&tg_i.pbadslot=%2F8013%2Focregister.com%2Fhome%2Ftop_leaderboard%231&tk_flint=pbjs_lite_v7.31.0&x_source.tid=42bb55a1-da10-4b9e-a4f5-a3892dcf5457&l_pb_bid_id=1550f903735a617&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8013%2Focregister.com%2Fhome%2Ftop_leaderboard%231&slots=1&rand=0.965996228514056
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 58b386e20254b658b0a5f7ba4f15a0ecca715f765081e8eef12ada443401c55c

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ocregister.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 395
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 395 B
430 B 165ms
72ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=471218&zone_id=2792790&size_id=15&alt_size_ids=9%2C10%2C54&gdpr=1&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---&rf=https%3A%2F%2Fwww.ocregister.com%2F&kw=OrangeCountyRegister%2COrangeCountyNews%2COrangeCountySports&tg_i.page=https%3A%2F%2Fwww.ocregister.com%2F&tg_i.domain=ocregister.com&tg_i.pbadslot=%2F8013%2Focregister.com%2Fhome%2Fcube1_rrail_atf%231&tk_flint=pbjs_lite_v7.31.0&x_source.tid=436f2a08-5f0e-4a96-bf41-d582fcad02f3&l_pb_bid_id=16757688300bdc2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8013%2Focregister.com%2Fhome%2Fcube1_rrail_atf%231&slots=1&rand=0.26490797646460496
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4f8eff1441f96c9d723ecd68c4c3219c2fc94e1405d13a6a7ef09e6cb2bd2ba8

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ocregister.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 395
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
316 B 100ms
35ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.31.0&cb=98669281975&lsavail=1

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 378 B
1 KB 157ms
102ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b883aa5e8883f03f351d5bea96af2d1f738d4681d17cf86f89d02403129408e3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 04:36:28 GMT
AN-X-Request-Uuid: 2aa6fb9c-b0cc-4373-a75e-c5756a05a34f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ocregister.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.201; 80.255.10.201; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
557 B 42ms
8ms XHR
application/json 35.158.218.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.31.0&referrer=https%3A%2F%2Fwww.ocregister.com%2F&tmax=2000&gdpr=true&cmp_cs=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/ocregister.com/htlbid.js?ver=6.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.218.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-218-53.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status: 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202305101013/ 243 KB
75 KB 23ms
22ms Script
application/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea6ea3a65726c9736c6f9715f39fc113bef17e87589ee3b2c220fc21f13083af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 14:31:54 GMT
server: cloudflare
x-amz-request-id: 452QEP75MZK9WC9P
age: 214163
etag: W/"a28928bd6d7de93a2507dee29a5cd32c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7c68335e6a1b9bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: auro0KxKMpn5RsjA+9M24soS9vGYLgB01Wlw+5oDzuVNkO9f3K+vQV0SXhCIc0YmjBMG1FQMEYw=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
455 B 92ms
91ms XHR
text/plain 34.239.75.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.75.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-75-135.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 04:36:28 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 292ms
91ms Preflight 34.239.75.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.75.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-75-135.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 13 May 2023 04:36:28 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11038326564/ 3 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11038326564/?random=1683952588393&cv=11&fst=1683952588393&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ocregister.com%2F&hn=www.googleadservices.com&frm=0&tiba=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&us_privacy=1---&auid=235779455.1683952588&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36d227f4262f38a15c3ca1f87516729dfb762214dcba584deebaf0a572cfa5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 38ms
7ms Script
application/x-javascript 13.32.27.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
date: Sat, 13 May 2023 04:25:36 GMT
x-amz-cf-pop: FRA56-C2
age: 653
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: DTlnaqmqC9N3x16rQu34vuu3M_BXglSoXtV2OpAdII-L1E_7Rku7Tg==

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rCjzwtC5x1HX9meekFr0DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-rCjzwtC5x1HX9meekFr0DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 13 May 2023 04:36:28 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
528 B 66ms
66ms XHR
application/json 2a00:1450:4001:80f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=754999816445-0sobklpk1ol2ptrsnnmts2ncl4uhh2si.apps.googleusercontent.com&as=Wh2%2FUX26e3YiEgSeQbNpNA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68337d39ef4631d4e3ac93ac89a2b881cdc707fb1cac2572d0f5aeabdf35ab76

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-EqQZ8-DHffYo2XWSAlBo9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-EqQZ8-DHffYo2XWSAlBo9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 70b278c6-7e35-4ea8-810a-c6a81ce358d6
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/70b278c6-7e35-4ea8-810a-c6a81ce358d6
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 974 B
826 B 86ms
7ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1683952587620
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB2) /
Resource Hash: 94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23

Request headers

Accept: */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
content-md5: 6SckRSyS5jju5Q3JMkb+xg==
age: 136965
x-cache: HIT
content-length: 457
x-ms-lease-status: unlocked
last-modified: Thu, 06 Oct 2022 14:31:34 GMT
server: ECAcc (frc/4CB2)
etag: 0x8DAA7A77829F56B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4053db4e-301e-0067-6615-84e742000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
BLOB 200
OK 882a6abd-3cac-48c1-93aa-0e74f7946f76
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/882a6abd-3cac-48c1-93aa-0e74f7946f76
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 May 2023 05:31:50 GMT

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 44 KB
12 KB 39ms
7ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee59a729348a1ee72417458ddb4879d4e09668334d2a715f3a700edb5e19bf04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 1t9oY5dsI2O5mQBgGHRbvmpc_xaX5j1v
content-encoding: gzip
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
date: Sat, 13 May 2023 04:31:50 GMT
last-modified: Thu, 11 May 2023 07:31:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 279
x-amz-server-side-encryption: AES256
etag: W/"32453f3d63d4172abe613f1936f6ee5d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=3600
x-amz-cf-id: Yxw7-aVDLvw-r20j6h8claS78CgerxazYAst60jIljoOSiEh5J9TaA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/11038326564/ 42 B
455 B 44ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11038326564/?random=1683952588393&cv=11&fst=1683950400000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ocregister.com%2F&frm=0&tiba=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3462260359&rmt_tld=0&ipr=y

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11038326564/ 42 B
455 B 46ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11038326564/?random=1683952588393&cv=11&fst=1683950400000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ocregister.com%2F&frm=0&tiba=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3462260359&rmt_tld=1&ipr=y

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
606 B 10ms
10ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 May 2023 01:27:24 GMT
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 11344
x-amzn-requestid: f290abde-fbaa-419a-a644-67b5b0cb4ba5
x-amzn-trace-id: Root=1-645ee77c-4832b7c20c29e07a3b1acd97;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: E1kbcH9HDoEFi6Q=
content-length: 28
x-amz-cf-id: p2NWK8x2UozvoATnYNy6ZlwQm-7kvp7u_LWVUEijiLWBhH7eF7UxQw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 122ms
86ms Preflight
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 13 May 2023 04:36:28 GMT
via: 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-apigw-id: E2AICFjfDoEFwXw=
x-amz-cf-id: C7i7IF7xNHZzHMMK0kXbPBbGdUvWyKNt04T1G01NGeqQ0dP9lI9jOA==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 92bf594a-55fd-4604-96d5-fa8c81dddb04
x-cache: Miss from cloudfront

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
104 B 557ms
181ms XHR
text/plain 34.223.146.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=YUlHLOUWGPsqSaN!$rb!
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.146.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-146-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:29 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 2 KB
1 KB 32ms
32ms XHR
application/json 54.72.231.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=ocregister&url=https%3A%2F%2Fwww.ocregister.com%2F&bid=YUlHLOUWGPsqSaN!%24rb!&at=Orange%20County%20Register%3A%20Local%20News%2C%20Sports%20and%20Things%20to%20Do&sw=1600&sh=1200&rp=false
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.231.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-231-133.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: e026fe16b6749e3e95221caad238ed1130afc6cd6663969f228d785771e39aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: application/json

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 61ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEC) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 8668
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (frc/4CEC)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8893cc5-201e-00a0-6c40-85731f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 59ms
8ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE7) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 8161
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (frc/4CE7)
etag: 0x8D8AC0167971F78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1e713cdb-101e-004f-0d41-8586ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 560 KB
118 KB 100ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 98944eabc213c9ec5a38e3b50f08429d860f9aa2f56e54e8ed990dd99dccd38a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
content-md5: s2Hc9EOaygNnGehYD1TzjQ==
age: 23411
x-cache: HIT
content-length: 120012
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:15 GMT
server: ECAcc (frc/4CC2)
etag: 0x8DB1ECBC645FC84
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e1629f36-a01e-005a-4e1d-859159000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 PreEngine_desktop_2023-04-18T13:08:38.031.js Show response
cdn.browsiprod.com/static_js/medianewsgroup/ocregister/ 614 B
1 KB 24ms
8ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/static_js/medianewsgroup/ocregister/PreEngine_desktop_2023-04-18T13:08:38.031.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72762afa5296c234d2a8999bc9a4340f9903e10474757d1dffbe2f9b5856b78a

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:54:23 GMT
x-amz-version-id: r8rpyIgdqc7igJTvIRjyAQhQsbCC4ZGe
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2050926
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 614
last-modified: Tue, 18 Apr 2023 13:08:39 GMT
server: AmazonS3
etag: "30445d26ccbf66a284d5cb98ed78f35b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: c-jfKfbssvX_ohUw7edja4yssR8Lb56Wy5aSgFlqjMah_N2-_u2Oww==

GET
H2 200 session Show response
session.ocregister.com/api/ 93 B
254 B 175ms
174ms XHR
application/json 44.237.133.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.ocregister.com/api/session
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/_static/??-eJyl0DsKwzAMBuAL1RYh9JGhdO01HEcYGVsJlkx7/DpDKJkKzSSkX/oGwWsxfmZFVlhSDcQCmYOZKJDUUUDUKfndzGZHbMfKU0Ib5QT/GO2A8a1HmbZMmjC3KketSk+3AuUHJKRods3sCzZEsWxw/CY2t29FeeR7d7n113PXD0P8ALMoja8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.133.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-133-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:28 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 OCR-L-MICAHSWAY-0512-01.jpeg
www.ocregister.com/wp-content/uploads/2023/05/ 22 KB
22 KB 81ms
80ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2023/05/OCR-L-MICAHSWAY-0512-01.jpeg?w=380

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a5babfd3d7b29e33c64508fb6dfdf74af0bf5a1b0a8dfa63be9f1278d75b221c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 139 443
last-modified: Sat, 13 May 2023 04:36:28 GMT
server: nginx
etag: "0cfa98fa5c70797a"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22318

GET
H2 200 OCR-L-FEDERALFUNDS-0512-01.jpeg
www.ocregister.com/wp-content/uploads/2023/05/ 20 KB
20 KB 80ms
79ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ocregister.com/wp-content/uploads/2023/05/OCR-L-FEDERALFUNDS-0512-01.jpeg?w=327

Requested by

Host: www.ocregister.com
URL: https://www.ocregister.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e9e422062c41f1e39232dab5c579a0767df4cc2d54e8a82cf14ad8c8995e6955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
strict-transport-security: max-age=31536000;includeSubdomains
x-rq: hhn2 109 27 443
last-modified: Sat, 13 May 2023 04:36:28 GMT
server: nginx
etag: "8d3b92c2dd7010ae"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20334

GET
H2 200 062697320c45f18a8c3f7e765fb8ec76 Show response
u066.ocregister.com/plugin/plugin/ 229 KB
54 KB 8ms
8ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/plugin/plugin/062697320c45f18a8c3f7e765fb8ec76

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

421718cc5940dab8fdf7a9173266da91a15713c647a36bb33d8ec6a883ccf3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 855030
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 54870
x-xss-protection: 1; mode=block
last-modified: Tue, 02 May 2023 07:05:58 GMT
server: -
etag: 062697320c45f18a8c3f7e765fb8ec76
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: aF9KWCj42b3I1waq0mImmTAeMeP9Pn1noXGemy8UJ-GKG_uh6bCv9g==
expires: Thu, 02 May 2024 07:05:58 GMT

GET
H2 200 middy-desktop-4.15.15.js Show response
cdn.browsiprod.com/sd/apps/middy/ 301 KB
74 KB 11ms
8ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c4f42bbb80ed0308dd79b93b4bf8d39caa0e2f374717130ccdb5e87b3077546

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 07:45:44 GMT
x-amz-version-id: jimWsu2I0qwlnCOJnvG_6bre40bMOKO0
content-encoding: br
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1371045
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 24 Apr 2023 10:40:05 GMT
server: AmazonS3
etag: W/"2427ee29ab4d69fb7a807376c5cf1c8a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: I_DEJUUbuYBSHbWgOtgB_NTT-Nm3LB-G0wR3jkLCpUOWPYYJZLjluw==

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 0
459 B 65ms
22ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2214359129113654&correlator=2682677041427607&eid=31072020%2C31072878%2C31074536%2C31074558%2C44782501&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&gdpr=1&us_privacy=1---&iu_parts=8013%2Cocregister.com%2Chome%2Csponsorship_1%2Cinterstitial%2Ctop_leaderboard%2Ccube1_rrail_atf&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=300x50%7C320x50%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&ifi=1&adks=301403094%2C539711547%2C3975922805%2C3212999813&didk=1622125026~356144529~303353385~359666826&sfv=1-0-40&prev_scp=pos%3DSponsorship_1%26browsiLayout%3DNA%7Cpos%3Dinterstitial%7Cpos%3Dtop_leaderboard%26browsiLayout%3DNA%7Cpos%3DCube1_RRail_ATF%26browsiLayout%3DNA&eri=1&cust_params=htlbidid%3D19828%26is_testing%3Dno%26kv%3Dhome%26page%3Dhome%26content%3D%26RPN%3D200564071284%26rurl%3D%26articleid%3D&sc=1&abxe=1&dt=1683952588737&lmt=1683952588&dlt=1683952586928&idt=1494&adxs=1144%2C160%2C436%2C1138&adys=79%2C242%2C368%2C525&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ocregister.com%2F&frm=20&vis=1&psz=300x0%7C1x0%7C728x0%7C304x0&msz=300x0%7C1x0%7C728x0%7C304x0&fws=4%2C4%2C4%2C4&ohw=501%2C1%2C1280%2C304

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-creative-id: -2,-2,-2,-2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F06C 6 KB
3 KB 99ms
15ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 04:36:28 GMT
expires: Sun, 12 May 2024 04:36:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f79553cdb17aa9d237e397ed881c8d75 Show response
u066.ocregister.com/plugin/library/ 341 KB
105 KB 12ms
12ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/plugin/library/f79553cdb17aa9d237e397ed881c8d75

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

d091b0f3053c3eeba693ae4e43a60a0db4d8f42395e9844ed1f99e0e712e95fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 855029
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 106675
x-xss-protection: 1; mode=block
last-modified: Tue, 02 May 2023 07:05:58 GMT
server: -
etag: f79553cdb17aa9d237e397ed881c8d75
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: kytHPbV6SQcFH0mMBIxzi38Xz7u9HfWBZNTx68jnQBQiL30PgjZgkQ==
expires: Thu, 02 May 2024 07:05:58 GMT

POST
H2 200 LB-Zone-3 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/449/ 3 KB
2 KB 112ms
110ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/449/LB-Zone-3?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-05-13T04%3A36%3A28%2B00%3A00&ts=1683952588856

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

3094b8e43c59506b3b1998eb8ff337c01c4cc4ada07460241df7dccf85ea7064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1036
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 1JBC8oePhj_YbqC3KlTUl98OBpKrKQv8PI5K5wFUrJW3ZyjmMo6_-A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
103 B 320ms
181ms XHR
text/plain 34.223.146.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=a194399b-af6a-44ac-96b9-25d86284c65c
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.146.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-146-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:29 GMT
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 8ms
7ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer: https://www.ocregister.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: br
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 08:29:37 GMT
x-amz-cf-pop: FRA56-P2
age: 72412
x-cache: Hit from cloudfront
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Tagz_bGRoeBQR2a6LwANRFcdj84CWXv93mP4dXC8Hj1xacklg4KXnQ==

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
103 B 315ms
183ms XHR
text/plain 34.223.146.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=a194399b-af6a-44ac-96b9-25d86284c65c
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.146.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-146-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:29 GMT
access-control-allow-credentials: true

GET
H2 200 t8y9347t.min.css
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 295 KB
28 KB 7ms
7ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.css?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C87) /
Resource Hash: 70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:28 GMT
content-encoding: gzip
content-md5: qePO0yKWifmYWvQdlK/DtQ==
age: 23386
x-cache: HIT
content-length: 28321
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:15 GMT
server: ECAcc (frc/4C87)
etag: 0x8DB1ECBC6444F1A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f396d1d6-201e-0019-361e-857705000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 getIds Show response
s1.listrakbi.com/AUjk900vfCG0/session/ 175 B
1 KB 151ms
107ms Script
application/x-javascript 104.18.42.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/AUjk900vfCG0/session/getIds?callback=ltkCallback9806&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7785232fdac355e7b2e6da6f1c164f041ba6c12312b7426f36638859470827ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 7c6833611dc75c2c-FRA
expires: -1

OPTIONS
H/1.1 200
OK SCNGPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 411ms
123ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 13 May 2023 04:36:29 GMT
X-Powered-By: ASP.NET

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 8ms
8ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 416
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: acb9edbe-401e-004e-5d53-85e987000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Sat, 13 May 2023 05:06:29 GMT

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 42ms
7ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 233461
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 528c1e87-301e-0005-5234-832565000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H/1.1 200
OK SCNGPRODWP Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 4 MB
861 KB 383ms
383ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/SCNGPRODWP
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: 90e535b7fe12d3b4385cde7867bb845bc2458f57f4d3ccbb0821d1b7ea566b53

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
accept-language: de-DE,de;q=0.9
settingskey: LANG,OCR
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2ODM5NjY5ODl9.BCeLKvVVSqNLLiGS0DfQ5rfnatII0xqlQ8C15KtaCqo
ssid: b9b96a62358e823938d770889549e76d
environment: prod
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: OCR
location: undefined
Referer: https://www.ocregister.com/
version: Version: 2.5.4.4_swg

Response headers

Expires: -1
Pragma: no-cache
Date: Sat, 13 May 2023 04:36:28 GMT
Content-Encoding: gzip
X-Server-Time: 5/13/2023 4:36:29 AM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 880314
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 315ms
112ms Image
image/jpeg 52.217.0.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 04:36:30 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: HWM0Z52ASX5Z6SRT
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: a9+X23qtXYELWpJH79VweBVWbtH5DNiimOQtVvPWFOx+dlfiIOxfmKo8AcPL4iHdFqb1wXH+5RA=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
BLOB 200
OK 9152375b-b631-4966-8d31-6e73205b1dbf
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/9152375b-b631-4966-8d31-6e73205b1dbf
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 fddc5adb29bdf95c848ea54469cf60a5 Show response
u066.ocregister.com/templates/ 479 KB
70 KB 8ms
8ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/templates/fddc5adb29bdf95c848ea54469cf60a5

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

2f218987261e49e368f7f85f9e5bf66f49f62032e96bb064c43064df8fc4e2fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 00:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 3470769
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 71125
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 00:30:20 GMT
server: -
etag: fddc5adb29bdf95c848ea54469cf60a5
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: YpSL8DccZDD_U7ncNPY1cCecj2lkMdTWeh1cHbTq_DS67KP2KPTylQ==
expires: Tue, 02 Apr 2024 00:30:20 GMT

POST
H2 200 449 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 283ms
283ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/449?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=cb11dd8b-4489-45d8-9fb0-55847ad2f7b8&bctempid=&overruleReferrer=&time=2023-05-13T04%3A36%3A29%2B00%3A00&ts=1683952589153

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

175e6bb85f9bae93a2273d9f391cc55742b0ab99fa165aa272953ef553c73d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 153
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: uNQQ1ap1dRW8aIhJepfXsP4TrhVTaTjFR6bdmbvhCCOinO9frKX3Rw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 449 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 562 B
1 KB 292ms
292ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

1fba662febeea3e8d4d3ca4e8f1db311483eb607f38f5c7d9e14815c7d1f73e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 1vvVNxydFzIbU23r2vaNTTABNBVoI_gKi2ezFcJFSA17BTGHVEUjcQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 449 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 292ms
292ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

7afd0841a59f9ed2729987d878fcdaaa4c10c1c5304cfa41b45a0cbfb971a81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 167
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: aEStcZb0VnBczP7wRRuGtbX3kwxnJjr5hJ9wZsJCnKT4FLZwa-pyjQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 66 B
862 B 96ms
96ms Script
text/javascript 34.198.252.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=cb11dd8b-4489-45d8-9fb0-55847ad2f7b8&&callback=bc_json452

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.252.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-252-65.compute-1.amazonaws.com

Software

- /

Resource Hash

c9c1f23e520dab4e2a2479ec87aa0eada7e3eb1251ac017e4ed98dcc888fc23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 449 Show response
u066.ocregister.com/DG/DEFAULT/rest/rpc/ 6 KB
4 KB 289ms
288ms XHR
application/json 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/DG/DEFAULT/rest/rpc/449?referer=https%3A%2F%2Fwww.ocregister.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-05-13T04%3A36%3A29%2B00%3A00&ts=1683952589230

Requested by

Host: u066.ocregister.com
URL: https://u066.ocregister.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

fc0f83790da6c60afa1f36d6186a8f0ab89fbf0568c024b403f52ae2a12ae6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2627
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ocregister.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: uT60PoXRI1qF1amGrhJSA5VyEDhWpDfDrCmKuhj8TLqXWHqiBPXL8w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 8ms
8ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 16:34:12 GMT
Content-Encoding: gzip
Via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
CF-Cache-Status: DYNAMIC
X-Amz-Cf-Pop: FRA60-P2
Age: 48029
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 18:03:08 GMT
Server: cloudflare
ETag: W/"2ff9137f7dfd81:0"
Vary: Accept-Encoding
Content-Type: text/css
CF-RAY: 7bf40c765824bb3b-FRA
X-Amz-Cf-Id: 2a-JFwcCMlaTmz4rpIyVsdh30RtLfvTQK49wqiuCUzHUCH9GwmkTtw==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 298ms
109ms Image
image/png 52.217.109.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=472654859263
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.109.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 04:36:30 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: HWM3SG69GE457M2G
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: RSY/CSp5Ed423MPdqboPnC3i1CF3neEtXvTwxglGLkEm18Bp3oXqwc8yhGdUDjkv8Tac+975vRU=

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
70 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e531d115684e95c1f837d49bf2d43c14c40bc36c66aa4944321e67b5373ae166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71232
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 04:36:29 GMT

GET
H2 200 recommendations Show response
u066.ocregister.com/rest/ 15 KB
5 KB 376ms
376ms Script
text/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u066.ocregister.com/rest/recommendations?storeId=517a0bba-21e3-4326-8648-7a0c8269a68b&profileId=undefined&frequencyCap=8&itemId=www.ocregister.com%2F&request=%5B%7B%22id%22%3A1560907820833%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2023-05-11T04%3A36%3A29.251Z%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%2C%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENCY%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_ENTRYPAGE%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENT_CTR%22%7D%5D%2C%22count%22%3A12%7D%5D&&callback=bc_json453

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-86.fra60.r.cloudfront.net

Software

- /

Resource Hash

e37926bfdd405a2a06d7367d327bcc50f78430b6c81be30c26078c901ef53f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 4176
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: gO7BSUTNX8dWWMcZIgL7igwGI9jSlOpjkajuFvaJ-ks0_ak1fJCzvw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 60ms
58ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2710c7dc7950c124a23a6fe0b82f1f61a991b7cf5429de5d0aa2e00c29117235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11154
x-xss-protection: 0

POST
H2 200 vitals
www.foo.software/api/ 0
95 B 112ms
112ms Ping
text/plain 137.184.240.117
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foo.software/api/vitals
Requested by: Host: www.ocregister.com
URL: https://www.ocregister.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.184.240.117 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.23.4 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 04:36:29 GMT
server: nginx/1.23.4
x-powered-by: Express

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 114ms
17ms Preflight 52.236.186.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Sat, 13 May 2023 04:36:29 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 327ms
326ms XHR
application/json 52.236.186.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

197028c6f96c74527ef8305b69e8b182c5f04c4a0f48e309a9f980cba6f6470b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 88EFE016-F34D-460A-97C7-40E41B2C1F6D
strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 04:36:29 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
BLOB 200
OK 879f5fec-d3b6-4e70-9152-22841dd9ad37
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/879f5fec-d3b6-4e70-9152-22841dd9ad37
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 04:36:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C63E 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ocregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 22:13:47 GMT
expires: Sat, 11 May 2024 22:13:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame C63E 37 KB
14 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C63E 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_YaUrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
103 B 180ms
180ms XHR
text/plain 34.223.146.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=a194399b-af6a-44ac-96b9-25d86284c65c
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.146.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-146-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ocregister.com
date: Sat, 13 May 2023 04:36:29 GMT
access-control-allow-credentials: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=2214359129113654&bg=!R0SlRBDNAAYldGN0BXQ7ADkAdvg8Wu8XkoWzE6wuzqtwGJ7c4FYXkcbgDn_v3ji6k7VWbZz4P5Pdp1jWCwjwRSZqGUyrpqMAcDICAAAAS1IAAAADaAEHmQKz2jvbQPrp2jTpbDtT8IEwgfAFGkxgrazj62H0lG4fAed1DdOnIZguVQxe-juCMFZEUOip22bEGypFOT62ANg9cUXH-QxGFQcAFMdwIHsqKUt-51PNvzALHfc83-G4Dut01cLIdgoeFVp_ml0Fdv7SQE8UWJ-Beq7gk9020VYxoU8SJ026y299A9HfZRucQIMTZwCCBbOrBHNIepcs9Yd50FSoSZ2ywQKtOvyPh1KcnuKMbHZq1SLYrrH9PnBC8wH1sMvmne7TvN2LGgdIjPwvOqY0f71Pt_52IfA67gMnw_NPAP54UqGmshA_Gh7-9UnFUMvSOaGyLlHKge-fpE3QVRk4JZzb_nIFg61B_gYoA6vd1qY7HC76Hn6nXQT1Y1QXOWkfsqoUCeUG7sCeKLOcuVdJNLmlkLh_yGViZxHWZlYvTnRMUr2yol3fT96RxP7ELXrENSbtMidCujJmnDpynuFIAE0p7tv1TNbT6ALBcC17TPNw22M7a4Es07Eo8t6jDFOZiTxnIsn0xCF2hzjhaEzmmVC4OkC5RfD2SF7v4Tq1SO3SDgVWl8KzCZOb75mwOebfD44ldekB-ichLYS7GV94p1HQzsCZer2_DZ7yzs2qMOyPHyy_DHeuSxurnWYYnxxRb4hbOOOWSkVqNUeR2jo-ueh1Mdr68oqTtr7mQkNsOPF0SQilTH9ZUJ9AzQpghfOpaLAqBzKxXrQtUbnKvIsQX0iLBfxw6vK9jBb96GiaGjfhgzeMM9qO1_7XngmKTsBhryivPiwFEUxvGB4HeOA4IYZgqNg9j5yNINFP6Of7Bsb-16bWkN1sQswAtRlsbDfzHUutnFLGT_uOp5ELk_Hwl9QtCfnEMz3_r0BRVDnLETwk0och4cG5VcaxSnua35qDEKimZyB6nOS4I24yyETQ_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 567 B
795 B 249ms
210ms Fetch
application/json 172.67.75.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1683952590604
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27eff5fc1ab1c8ffd68c4048ed423ab4e46832d1f25e63d3ca7afe04d52b6a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 13 May 2023 04:36:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma8%2B0yp%2FPq2PoYwzB5PXVExOXS0I6G6vjgd3nCZ8h59lWmVjyaa2rsYgUnfMkA5O6Rfthji6oKNZ9woZd47oGXGcINSMPIlm1Jyy1vppr1aMaSqPzTe0UmXl2u99f8qbkpCp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 7c68336b8943195e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK bc43cec4-5662-4535-bc3b-ebd1e8fa78e5
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/bc43cec4-5662-4535-bc3b-ebd1e8fa78e5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 53ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 May 2023 04:36:30 GMT

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 52ms
25ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 May 2023 04:36:30 GMT

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 143 KB
42 KB 9ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD5) /
Resource Hash: 6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: o/3Cfwyx2Hdo/xXi+KtqIw==
age: 23384
x-cache: HIT
content-length: 43195
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:15 GMT
server: ECAcc (frc/4CD5)
etag: 0x8DB1ECBC647D104
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5639d85d-e01e-0039-721e-850ca2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 11 KB
3 KB 8ms
8ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C90) /
Resource Hash: dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: E5fyjsIr92YKgvTS5SE4ZA==
age: 23384
x-cache: HIT
content-length: 3400
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:12 GMT
server: ECAcc (frc/4C90)
etag: 0x8DB1ECBC4A24D7B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 27211a13-c01e-00a8-3e1e-856910000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 7 KB
2 KB 12ms
11ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC9) /
Resource Hash: 99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: jBig/iW/Mpw+sfYWVt9mLw==
age: 23384
x-cache: HIT
content-length: 2320
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:12 GMT
server: ECAcc (frc/4CC9)
etag: 0x8DB1ECBC4A0A00A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8d3ac6d5-c01e-0011-3d1e-856d0a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 6 KB
2 KB 12ms
11ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA7) /
Resource Hash: 80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: WtHQ46VooZh5jhibUEIm/g==
age: 23384
x-cache: HIT
content-length: 2146
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:12 GMT
server: ECAcc (frc/4CA7)
etag: 0x8DB1ECBC4A755D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ee426e45-501e-002c-521e-851b11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 9 KB
3 KB 13ms
12ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAF) /
Resource Hash: 1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: 3loC7XOiphfHLLmAxSEZ5g==
age: 23384
x-cache: HIT
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:12 GMT
server: ECAcc (frc/4CAF)
etag: 0x8DB1ECBC4A92A4A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 04abef54-201e-008f-3f1e-857ed4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 9 KB
3 KB 9ms
8ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA3) /
Resource Hash: 8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: 53DSePPJylXjWw4MlYhYcA==
age: 23384
x-cache: HIT
content-length: 2456
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:12 GMT
server: ECAcc (frc/4CA3)
etag: 0x8DB1ECBC4ACFA4C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dd02cd24-d01e-007f-4c1e-853825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 13 KB
4 KB 13ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-encoding: gzip
content-md5: XXTxgTgPuF9lg38Cul1d8Q==
age: 23384
x-cache: HIT
content-length: 4009
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:13 GMT
server: ECAcc (frc/4CD6)
etag: 0x8DB1ECBC4AECED2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1a8d7358-b01e-008d-091e-85c06c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ 114 B
244 B 13ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/LikeButtons4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB5) /
Resource Hash: 64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:31 GMT
content-md5: 0is0k5hNwCAMRJ10IGm41w==
age: 23384
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Tue, 07 Mar 2023 05:21:12 GMT
server: ECAcc (frc/4CB5)
etag: 0x8DB1ECBC4AAFED0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dc4d5c4c-801e-00a9-531e-8536cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 123ms
123ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=3f3419c5c30b7de7e1c863b47d42ea25&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2COCR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.ocregister.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Sat, 13 May 2023 04:36:30 GMT
X-Powered-By: ASP.NET

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 65 B
1 KB 183ms
183ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=3f3419c5c30b7de7e1c863b47d42ea25&ConfigCode=SCNGPRODWP&SiteCode=DFM&SettingsKey=LANG%2COCR
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
accept-language: de-DE,de;q=0.9
settingskey: LANG,OCR
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2ODM5NjY5ODl9.BCeLKvVVSqNLLiGS0DfQ5rfnatII0xqlQ8C15KtaCqo
ssid: b9b96a62358e823938d770889549e76d
environment: prod
config-code: SCNGPRODWP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: application/json
access-control-allow-origin: *
accept: application/json
attr: OCR
location: System
Referer: https://www.ocregister.com/
version: Version: 2.5.4.4_swg

Response headers

Expires: -1
Pragma: no-cache
Date: Sat, 13 May 2023 04:36:30 GMT
Content-Encoding: gzip
X-Server-Time: 5/13/2023 4:36:31 AM
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 177
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET css
fonts.googleapis.com/ 0
0

GET
H3 200 css
fonts.googleapis.com/ 8 KB
745 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,300&returnUrl=https%3A%2F%2Fwww.ocregister.com%2F%3FclearUserState%3Dtrue

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

124f165a1243b48bd2ac21cebd8852c818c5deb7692fbfb5c80f5d5b72625da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 04:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 04:08:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 04:36:32 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 36ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&gdpr=true&cmp_cs=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 pbcas
ads.yieldmo.com/ 0
34 B 31ms
30ms Image
text/plain 34.254.36.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=1&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&type=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.36.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-36-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:32 GMT

GET
H/1.1 200
OK pbusermatch
dsum.casalemedia.com/ 43 B
271 B 77ms
7ms Image
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=947075&p=1&i=0&gdpr=1&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 04:36:32 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 64ms
13ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=162935&gdpr=1&gdpr_consent=CAAAAAAAAAAAAEXaJAENDCCwAAAAAH_AAAYgAAALzgFAAZAA4ACAAGgAaABCACOAIAAQcBeYAAAA&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 04:36:31 GMT
content-length: 0

GET
BLOB 200
OK eca64341-ddd6-43bd-974b-a6ddfa02060b
https://www.ocregister.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ocregister.com/eca64341-ddd6-43bd-974b-a6ddfa02060b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,300&returnUrl=https%3A%2F%2Fwww.ocregister.com%2F%3FclearUserState%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 15288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 00:21:44 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,300&returnUrl=https%3A%2F%2Fwww.ocregister.com%2F%3FclearUserState%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ocregister.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 15288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 00:21:44 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 51 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 04:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 53
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 06:35:39 GMT

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 121ms
121ms Image
image/jpeg 52.217.0.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 04:36:33 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: CSQGHTTJNEZBQ9ND
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: FOJicPbKI/OvQp8j8V053DaikjJ0gu6ogf9XvI/KxKJnYT1dt3eCFzU8O6TzSWFNCOayoGQPKvE=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
2 KB 8ms
8ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ocregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 May 2023 04:36:32 GMT
content-encoding: gzip
content-md5: nynBpfvYghYqzIzsvfssRw==
age: 233464
x-cache: HIT
content-length: 2382
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
server: ECAcc (frc/4CBD)
etag: 0x8DA5083F65AD9E0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 528c1e87-301e-0005-5234-832565000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 43ms
7ms Fetch 18.193.131.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=2CsUkhlESGpQT9Lisdtl69NTdJ5p7WIBUvJq&ver=6.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.131.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-131-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 04:36:34 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 20ms
8ms Fetch 18.193.131.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=2CsUkhlESGpQT9Lisdtl69NTdJ5p7WIBUvJq&ver=6.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.131.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-131-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ocregister.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 04:36:34 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,300

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/AUjk900vfCG0	1970-01-20 21:21:52	Name: gsid Value: 2z%2fGvaxITWD9DDy1czjQ2wGRb7%2fiOCem4cOVZRDpko8NbPM%2bSQRDvTEC2s9fqaKWO1tgFfPGs4c%3d
u066.ocregister.com/DG/DEFAULT	1970-01-20 21:21:52	Name: BCSessionID Value: cb11dd8b-4489-45d8-9fb0-55847ad2f7b8
digitalfirstmedia.blueconic.net/DG/DEFAULT	1970-01-20 20:31:28	Name: BCSessionID Value: cb11dd8b-4489-45d8-9fb0-55847ad2f7b8
.ocregister.com/	1970-01-20 20:31:28	Name: bc_tstgrp Value: 2
.ocregister.com/	1970-01-20 21:21:52	Name: _pnvl Value: false
.ocregister.com/	1970-01-20 21:21:52	Name: pushly.user_puuid Value: XfmPE0P7dVhSO2vblr0ROggvHQf1G3Uc
.ocregister.com/	1970-01-20 13:55:28	Name: _gcl_au Value: 1.1.235779455.1683952588
.doubleclick.net/	1970-01-20 11:45:53	Name: test_cookie Value: CheckForPermission
www.ocregister.com/	1970-01-20 11:45:54	Name: __browsiSessionID Value: b2b189ea-fe54-4a26-b651-2e8977715aac&false&false&DEFAULT&de&desktop-4.15.15&false
www.ocregister.com/	1970-01-20 20:31:28	Name: __browsiUID Value: e48af266-9f51-435c-a0a8-102ad9c87fa2
s1.listrakbi.com/	1970-01-20 11:55:57	Name: AWSALBCORS Value: ume5W3b3wfh4bn0T7p+5XlCQjN8xKAwd0MPncFO+f6CzPH0gutFD/lN4jhOhUkDqTiyxyAiqpw/RE2u5lIX+eqZRFl51zM0ckLsC3joze1oO+9RZSD/xzuXSMbFo
.listrakbi.com/	1970-01-20 13:55:28	Name: usid Value: fd28fa38236349caaa3af2142b8e9453
.ocregister.com/	1970-01-20 21:21:52	Name: anonDeviceId Value: 3f3419c5c30b7de7e1c863b47d42ea25
.ocregister.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.ocregister.com/	1970-01-20 21:21:52	Name: GSIDAUjk900vfCG0 Value: 9b95eeee-8ae7-461e-8241-501a93db0c2a
digitalfirstmedia.blueconic.net/	1970-01-20 11:55:57	Name: AWSALBCORS Value: eKG/J/lWxCNeKOeylKEKHx2IhcUwVoB4zWY+eq5RBaHtqwomWdvnm+4V6OVWA+GcVJym14wH3qF8uQo3Lzl9SYM595HYS4F14MRfDNTP1VxgA7TLrBoHY/A/2YKt
u066.ocregister.com/	1970-01-20 11:55:57	Name: AWSALB Value: q6m0EYE6zNhRPY5P81ZQhXmJpR5Xe51rRxG6GeyH5p1zsEOm+LGriKPxa+6G0fI33IFsmRr8Cj5tMkmHMnUZNTm3HPMErm1YLcH5ytEuNAfymIe5SnIKockZroTs
u066.ocregister.com/	1970-01-20 11:55:57	Name: AWSALBCORS Value: q6m0EYE6zNhRPY5P81ZQhXmJpR5Xe51rRxG6GeyH5p1zsEOm+LGriKPxa+6G0fI33IFsmRr8Cj5tMkmHMnUZNTm3HPMErm1YLcH5ytEuNAfymIe5SnIKockZroTs
www.ocregister.com/	1970-01-20 12:29:04	Name: ABTestCookie Value: B
.www.ocregister.com/	1970-01-20 11:47:18	Name: sub_nxt_upd_ac_DFM_SCNGPRODWP_PROD Value: 1
.www.ocregister.com/	1970-01-20 21:21:52	Name: sub_nxt_DFM_SCNGPRODWP_PROD Value: {%221%22:{%22104009%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222023-05-13T04:36:31.793Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:104009}}
.ocregister.com/	1970-01-20 21:21:52	Name: _pnlspid Value: 10394
.ocregister.com/	1970-01-20 21:21:52	Name: _pnss Value: dismissed
.ocregister.com/	1970-01-20 11:55:57	Name: _pnpdm Value: true

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.ocregister.com/ Message: The resource https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/MG2AuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ocregister.com/ Message: The resource https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/LikeButtons4.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ocregister.com/ Message: The resource https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/JanrainAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ocregister.com/ Message: The resource https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/Auth0AuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ocregister.com/ Message: The resource https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/CustomAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ocregister.com/ Message: The resource https://cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/NewzwareAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
accounts.google.com
ads.yieldmo.com
ajax.googleapis.com
ams-pageview-public.s3.amazonaws.com
api-mg2.db-ip.com
az416426.vo.msecnd.net
bf5913293d2101cf99011d708028ea4c.safeframe.googlesyndication.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.auth0.com
cdn.browsiprod.com
cdn.confiant-integrations.net
cdn.czx5eyk0exbhwp43ya.biz
cdn.jsdelivr.net
cdn.listrakbi.com
cdn.p-n.io
cdn.parsely.com
cdn.pranmcpkx.com
cmp.osano.com
dc.services.visualstudio.com
digitalfirstmedia.blueconic.net
dsum.casalemedia.com
eb2.3lift.com
events.browsiprod.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
htlbid.com
ib.adnxs-simple.com
image8.pubmatic.com
insight.adsrvr.org
k.p-n.io
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
loader-cdn.azureedge.net
ocregister.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.sitescout.com
pixel.wp.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
s.w.org
s1.listrakbi.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
session.ocregister.com
static.criteo.net
stats.wp.com
tlx.3lift.com
tpc.googlesyndication.com
u066.ocregister.com
unpkg.com
www.foo.software
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ocregister.com
yield-manager.browsiprod.com
fonts.googleapis.com
104.18.25.185
104.18.42.13
13.224.192.181
13.32.27.122
13.32.27.51
13.32.99.63
13.32.99.89
13.32.99.90
13.85.16.224
137.184.240.117
172.67.75.166
18.193.131.55
18.66.100.58
18.66.130.11
18.66.147.86
18.66.97.24
18.66.97.37
185.64.189.112
185.80.39.216
185.89.210.20
192.0.66.2
192.0.76.3
192.0.77.48
198.47.127.18
2600:9000:211e:8000:3:b7e:8940:93a1
2600:9000:2247:4800:10:474e:104a:2961
2602:803:c003:200::21
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::ac40:99f6
2606:4700::6810:7eaf
2a00:1450:4001:800::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200d
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200a
2a02:2638:3::3
2a02:2638:d::a
2a04:4e42:400::485
2a04:4e42::282
34.198.252.65
34.223.146.2
34.239.75.135
34.254.36.200
35.158.218.53
44.237.133.56
52.217.0.228
52.217.109.76
52.222.253.136
52.223.40.198
52.236.186.218
54.72.231.133
76.223.111.18
98.98.134.243
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b8f8b8b3580d35846908ca7bf1919b68f5997fe0f495e36efb1861b3690e8b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0a1275ed18d35b3933f8331a63aa561475445da34124b9f437e7585c320c3e00
0f69fa4bf07943b427474bfa79c56259c2d44cc7cc816e720749fb2b71e2ea2a
1213caa8464668054ccc27f0b16e7f808d13eb42e18e525d2381b77d608e1fbf
1234c8b3b12c3c983658c7ba23582c7123d26cfa7f98a9d7b1feb406a86bc174
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
124f165a1243b48bd2ac21cebd8852c818c5deb7692fbfb5c80f5d5b72625da9
1693ca0720c36e9bbaffa57cf930bc475cc52973d61ab0e7ebc49e0395dc1617
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
175e6bb85f9bae93a2273d9f391cc55742b0ab99fa165aa272953ef553c73d16
179cce2e83c26eeb947c7fbbca3094f7b3f49d4974f65e50c0e27975c58f9f98
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
197028c6f96c74527ef8305b69e8b182c5f04c4a0f48e309a9f980cba6f6470b
1a69db491891857066ada033de292cdca059f738f4b68dbc7f7c85069313d3ef
1b33d7087467c7e79512e168a1cd79e43904462408aaf7ae4c0abf2ef5409f32
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1fba662febeea3e8d4d3ca4e8f1db311483eb607f38f5c7d9e14815c7d1f73e3
21b580c0e786d0ff2b8ef69d2808f19c17e9106f4effdf1771475ac870c81ea1
25a10b2436d22c8291ffb68adc766473faf8ec90bef7ffdeaacc09310620b88d
26bf73eb66fe6b13f8f7e68d8b0dfbb4bacd90d0ac5bef05e3357759bbdb5e01
270fb1f5320e32a7e0b8af9d3102063d8eb8950f4feb0ce3bb6c00536c1daa60
2710c7dc7950c124a23a6fe0b82f1f61a991b7cf5429de5d0aa2e00c29117235
27eff5fc1ab1c8ffd68c4048ed423ab4e46832d1f25e63d3ca7afe04d52b6a27
2f218987261e49e368f7f85f9e5bf66f49f62032e96bb064c43064df8fc4e2fd
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
3094b8e43c59506b3b1998eb8ff337c01c4cc4ada07460241df7dccf85ea7064
3214c1d02f0794737b58d56814b31c639c67f85c6eb6816c39804cf5d4041dea
36d227f4262f38a15c3ca1f87516729dfb762214dcba584deebaf0a572cfa5e3
38a05eb5167fc36ccc242830b189fea0ceb8e645d21410b84ded7a7cf716466b
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
421718cc5940dab8fdf7a9173266da91a15713c647a36bb33d8ec6a883ccf3c8
449aef1589f99af291a9020f9a65f206f55da3709e38f8c1748fe9353899e170
45877b882f4b100d00c4aad9a51ce80f28e1487d2a8a133fb325190a135cceb3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
4d04e98fa76e2cdba4b0b45b0b206b13de39ff72f6371b7d97ed515e21646722
4dfa5a35793decc217ed90c72310fd876c193eb668a5a22bb0e8b700846ca848
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f8eff1441f96c9d723ecd68c4c3219c2fc94e1405d13a6a7ef09e6cb2bd2ba8
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b386e20254b658b0a5f7ba4f15a0ecca715f765081e8eef12ada443401c55c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
68337d39ef4631d4e3ac93ac89a2b881cdc707fb1cac2572d0f5aeabdf35ab76
683b57a5d2950f0c3cabb25fb3ff91b7e7510a3192cb492a551942c8b73b4bee
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6c4f42bbb80ed0308dd79b93b4bf8d39caa0e2f374717130ccdb5e87b3077546
6e1c976593565da6d184c258085061bc5e26c18d73fe1665359b1c84c3bda263
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
716e9ddfe6d9c1e84e8dd166acc6d630d2b7cbeb9c291ebed368942e47933a79
72762afa5296c234d2a8999bc9a4340f9903e10474757d1dffbe2f9b5856b78a
73da5e9f804298df4201001506a390d921ad0f5a3220076c042649ce2b8ffb77
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7785232fdac355e7b2e6da6f1c164f041ba6c12312b7426f36638859470827ab
79f1e909d6122347784d8e39aa74012adb2975e3bc83ce2e83a225443c2a794c
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7afd0841a59f9ed2729987d878fcdaaa4c10c1c5304cfa41b45a0cbfb971a81c
7b657d20496eed5d326fbf88393caebbc4f63b31300fb6131005ef3120e6c90d
7bd8b3e8c5d0f5c0a1c5ed3b69c09e4ae5edb40519ad8a1882b007ac3bf91901
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
881179ed8d76a220dc210c45af07c46373896683c0d394f1595cd7213cb4d7ba
8b8afd8f60833ca51907899d4a3279cdfd355282858ba8a73cd1034d2a1e31ff
8bd6af2d953e076cb3e255e0c2328e020c672632302230f9896e07b2ba01ca65
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1a3b805ecebd49aa4fd5449526d8adc9e8395318763181d8a751f9028fbec4
90e535b7fe12d3b4385cde7867bb845bc2458f57f4d3ccbb0821d1b7ea566b53
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9399640915f43949c41dca07d28e3582b2ec9f4f595de7f4084bf342bc84496f
94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23
98944eabc213c9ec5a38e3b50f08429d860f9aa2f56e54e8ed990dd99dccd38a
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5801d26ab757fafa86dfba5683f6385e266525497a2ef6c876239a530da4276
a5babfd3d7b29e33c64508fb6dfdf74af0bf5a1b0a8dfa63be9f1278d75b221c
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580
a8a18561bc8d3ea3110e63c63da600bbe4be457ef9db629c0a0c40c29f76f16f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b883aa5e8883f03f351d5bea96af2d1f738d4681d17cf86f89d02403129408e3
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb85eda4d354a2320c987992b36a052cbb69e1ad85ffe0826161b28f29c3ad98
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bc0e9ec627c6169484852aa49f2134b30abd96230b7796cedcfe6c64f2db3840
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
bf5eac961fe95ecbd81e42daa3fb17b06becfb6031d433758f9619c3955b1e8a
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c9393938a1053a7b797fb5e28412ee53680cf8b76314274f377b38bac1453abf
c9c1f23e520dab4e2a2479ec87aa0eada7e3eb1251ac017e4ed98dcc888fc23e
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
cf658918b1f8ca38ec0fed634d41ab3481e6907bcfba2c8681f79b50d9e91c2f
d091b0f3053c3eeba693ae4e43a60a0db4d8f42395e9844ed1f99e0e712e95fc
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
df045e008100880eac4a1075503b080e9025059072bfd9d3555dc6995a415571
e026fe16b6749e3e95221caad238ed1130afc6cd6663969f228d785771e39aa6
e1cf4702832bf6c320c5c8098f8bacb6bd00fed93724fc9cd9af287e41947865
e2d3648f9fc4de9ca4fbccc88806b2d761ba10f16e6584e840e1022ae69fb322
e37926bfdd405a2a06d7367d327bcc50f78430b6c81be30c26078c901ef53f03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e531d115684e95c1f837d49bf2d43c14c40bc36c66aa4944321e67b5373ae166
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e976cbdba5a7212d65ba186ae6b7b1fc30ff009c60f405d1e23419414ad2342d
e9e422062c41f1e39232dab5c579a0767df4cc2d54e8a82cf14ad8c8995e6955
ea6ea3a65726c9736c6f9715f39fc113bef17e87589ee3b2c220fc21f13083af
ee59a729348a1ee72417458ddb4879d4e09668334d2a715f3a700edb5e19bf04
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb8335b2ae6f9db021e041c1b786c2a832a6c3ead404d1490df41cc0518d7b9b
fc0f83790da6c60afa1f36d6186a8f0ab89fbf0568c024b403f52ae2a12ae6e2
feb0e7f17014201ea9124f23e3f63965411385abf0103fc682595d0674087a0c

www.ocregister.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

92 %HTTPS

39 %IPv6

46 Domains

68 Subdomains

63 IPs

8 Countries

4295 kBTransfer

14094 kBSize

24 Cookies

42 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ocregister.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

92 %
HTTPS

39 %
IPv6

46
Domains

68
Subdomains

63
IPs

8
Countries

4295 kB
Transfer

14094 kB
Size

24
Cookies

183 HTTP transactions
1 data transactions